Product: ITRS Log Analytics
Release Number: 6.1.7
Release Date: December 02, 2019
Release Type: Micro
Previous Release: 6.1.6
- Elasticsearch nodes encryption using transport layer
- DevTools Support
- Wazuh support
- Non Root deployment support
- Auditing provide more detailed information on user activities
- Comprehensive Windows AD Reporting
- SIEM security rules - Windows
- Netflow support and reporting
- Syslog support and reporting
- Windows Remote Management [winrm] support
- Improved query support in CSV export
- Cookie session TTL options can be set in kibana.yml. Default TTL: 10 min, Keep Alive: -----true:
- GeoLite2 database used by the geoip plugin in logstash updated
- Hostname visible in Kibana Config tab
- Index.translog.durability set to async as default in default-base-template
- New alert rules:
- ConsecutiveGrowth - Rule matches when there are values of compare_key in each checked timeframe.
- Difference - Rule matches for value difference between two aggregations calculated for different periods in time.
- FindMatch - Rule matches when in defined period of time, two correlated documents match certain strings.
- Recovery - This rule works generically and can cancel any previously triggered alarm.
- UniqueLongTerm - Rule matches when there are values of compare_key in each checked timeframe.
- Fixed the Issue #113 - Intelligence mutliply fix
- Fixed the issue with the Broken Access Control in config tab
- Fixed the issue with the Token expires after user logout
- Fixed the issue with the Lack of security enhancements HTTP headers.
- Fixed the issue with the ANTI-CSRF mechanism.
- Fixed the issue with Unnecessary API call for users list when accessing Report plugin
- Fixed the issue with Duplicated requests made by Kibana Alerts plugin
- Fixed the issue with the Disable export of empty CSV files
How to install
Download one of the following Log Analytics distributions: Tarball
Documentation can be found here.