New Features
- Redesigned Data Collection interface with an updated visual layout and improved usability.
- Added hostname support for SMB and SFTP pollers for enhanced configuration clarity.
Plugin & API Poller Updates
API Integrations:
- MalwareBazaar integration added to support ingestion of threat intelligence indicators. (New)
- Cloudflare integration updated with support for Firewall Events and improved position tracking.
- AWS S3 integration updated with payload size checks for more reliable data handling.
- IBM QRadar EDR manifest updated with default alert ID for consistent parsing.
- Google Cloud Audit integration updated to fix inconsistent date formatting.
- Zoho Cliq integration updated to support authentication via API token.
- Motadata integration updated with proper authorization header handling.
Plugin Enhancements:
- Forcepoint Web Security Cloud CEF plugin updated to include username field parsing.
- QNAP Generic Log plugin improved with refined column handling and extended regex mappings.
- Suricata IDS plugin updated to support additional log fields for better event visibility.
- Xlight FTP Server plugin updated to include parsing of transferred byte data.
Improvements
- Added audit logging for system update events.
- Enabled artifact synchronization with Cyfusion.
- Added FirstReplyTime field support for Cyfusion integration.
- Improved password validation on system user forms.
- Optimized object fetching in the UEBA module for better performance.
- Removed deprecated and unnecessary informational elements.