Plugin & Integration Updates
- PMGPolicy plugin has been added.
- Infoblox CEF/LEEF plugin has been added.
- SSH authentication event parser has been added.
- MessageTrace integration has been updated and migrated to Microsoft Graph API.
Other Improvements
- Updated ATT&CK technique library to v19.0.
- Remapped deprecated alarm technique IDs to ATT&CK v19.0.
- Removed unused EPS limit setting.
- Improved HA stability to prevent failover flapping.
- Improved Redis error handling for token management and token revocation.
- Removed unused identity and asset field mappings.
- Optimized Source.* enrichment with a more focused field set.
- Added silence_time support for predefined alarms.
- Improved LDAP/AD lookup behavior with case-insensitive matching.
- Added support for system events.
- Extended event mapping with new fields, object structures, and additional event types.
- Added configurable pagination options for API and Threat Intelligence forms.
- Added system update page with release notes.
- Improved MFA rate limiting with IP and username-based controls.
- Extended request timeout and optimized response handling.
- Added field-aware search support with secondary indexes.
- Improved AD asset and identity enrichment using in-memory cache.
- Improved index deletion and close operations for better stability under load.
- Improved Elasticsearch template recovery behavior.