Dec 6, 2023

New and Noteworthy

  • Use our new Splunk alert destination to send Panther alerts to Splunk.
    • This new integration enables you to leverage Panther’s powerful detection-as-code functionality on a set of logs while keeping your existing triage, search, and remediation workflows in Splunk.
    • This feature is in open beta and is available to all customers.
  • Easily convert Sigma rules into Panther YAML detections (Simple Detections) using the sigma-cli tool.
    • Sigma rules are a common way to share detection logic in a vendor-agnostic format. This converter makes thousands of existing Sigma rules usable in Panther, and it can also ease migration to Panther from another SIEM.
    • Currently, only Okta and AWS CloudTrail log sources are supported for conversion. More will be added.
    • This feature is in open beta and is available to all customers.
  • Track your monthly ingestion volume against your allotment using the new ingestion quota tool in the log ingestion dashboard.

Previous Releases

v1.91 Nov 29, 2023
Use the new Summary tab on search results to quickly understand what is and is not important when triaging an alert, investigating a potential breach, or threat hunting.
v1.90 Nov 16, 2023
Added the ability to use prefix exclusion filters with GCS sources.
v1.89 Nov 9, 2023
Added the ability to manually resize columns in search results tables and significantly improved the load time of the Log Sources page in the Panther Console.