🔌 Plugin & API Poller Updates
Updated Plugins
• Safetica One Log Plugin
Fixed log parsing and data mapping issues.
• Postfix Mail Server Log Plugin
Addressed log normalization errors in the Postfix plugin.
• Dovecot Mail Server Plugin
Corrected log parsing inconsistencies affecting data ingestion.
• Sophos XG Log Plugin
Resolved parsing and stability issues within the Sophos XG plugin.
• A10 DDoS Detection & Mitigation Plugin
Fixed log ingestion and parsing accuracy issues.
• Fortigate Old Log Plugin
Improved log compatibility and resolved data parsing problems.
• Extreme X-Series Switch Log Plugin
Addressed parsing and normalization issues to improve data integrity.
• F-Secure WithSecure Log Plugin
Implemented support for the WithSecure plugin.
API Poller Updates
• Sophos XDR Poller API
Resolved polling issues that were affecting data retrieval and API performance.
• IBM EDR Poller API
Improved logic for fetching inactive/idle alerts and enhanced system timezone accuracy.
• Mimecast Email Gateway API
Fixed issues causing data synchronization and API polling instability.
• Google Cloud Audit API
Corrected private key field configuration issues.
• Brandefense Response API
Implemented Brandefense integration, extending threat intelligence capabilities.
• Symantec Endpoint Security API
Added a Symantec Endpoint Security form to API settings for simpler configuration and setup.
📝 Other Improvements
• Incident Detail & Export Enhancements
Added alert lists to incident detail and export pages, improving context and visibility.
• Action Rule Form Enhancement
Integrated a new response_type field for greater flexibility and customization.
• Custom Plugin Whitespace Replacement
Enhanced custom plugin functionality to normalize whitespace in logs.
• Responses Index Update
Added an ActionObject column to the Responses index page for improved clarity.
• Custom Plugin Form Enhancement
Introduced a replacement field feature for better data processing and customization.