Added communication client to talk to Wavecrest App Center.
Added communication for requesting evaluation license for Reporting modules (Firewall, O365,etc etc).
Reporting
Templates
When creating audit section and sorting by Bytes, order by Bytes descending instead of default of Date ascending.
Log Configurations
Updated FortiGate parser to properly handle Web session logging in FortiGate where multiple URLs are visited during a single session. Byte field is calculated for each request during the session (if present).
Firewall Reporting
Templates
Added FortiGate option for Data Type in Report Templates to create sections for FortiGate firewall data.
Data Management
Log Data Setup
Updated configuration wizard to allow customer to choose Wavecrest categories or the categories contained in the device log (if present).
Added ability to enable or disable firewall data collection.
If License upgrade is required for Firewall module, a link is provided to request a free trial using new Secure Communication component.
Added ability to define timezone when no timezone is configured in the device log.
Corrections
Reports
Fixed the total row in the Top Classifications table in Site Analysis report to display the word Total instead of Neutral.
Added ability to customize Application/Sites categorization by either editing existing Application/Sites urls or creating a custom Application/Site.
User Management
Logon Accounts
Added 2-factor authentication to logon accounts. When enabled for an account using the edit Logon Account screen, an email code is sent to the corresponding email address each time that user logs on.
Reports
Application/Sites Sessions
New Web Session reporting. Added web data analyzer to identify user Web Sessions based on a user’s activity to an application. Analyzer is scheduled to run daily to identify sessions for the previous day. Added session fields of Session Start Time, Session Stop time and Session Hits to template reporting and pre-configured Dashboard and panels to Visualizer to display User Session information.
Settings
Session Analyzer
Added new screen to adjust the configurations used by the Session Analyzer. In addition, you can also re-analyze the web data for a given configuration.
Corrections
Health
Corrected problem with lingering connections to metric server leading to performance degradation.
Arrays
Fixed product update instructions to propagating to array members.
Added ability to customize Application/Sites categorization by either editing existing Application/Sites urls or creating a custom Application/Site.
User Management
Logon Accounts
Added 2-factor authentication to logon accounts. When enabled for an account using the edit Logon Account screen, an email code is sent to the corresponding email address each time that user logs on.
Reports
Application/Sites Sessions
New Web Session reporting. Added web data analyzer to identify user Web Sessions based on a user’s activity to an application. Analyzer is scheduled to run daily to identify sessions for the previous day. Added session fields of Session Start Time, Session Stop time and Session Hits to template reporting and pre-configured Dashboard and panels to Visualizer to display User Session information.
Settings
Session Analyzer
Added new screen to adjust the configurations used by the Session Analyzer. In addition, you can also re-analyze the web data for a given configuration.
Data Management
Log Types
Updated CheckPoint parser to be able to parse additional types of records.
Updated Zscaler to:
parse CSV export and Event format.
include additional fields like Super Category.
Removed None as valid application.
Removed default browser value.
Added Tunnel protocol mapping to https
Updated Palo Alto parser to include better header record matching. Prevents issues where URL field is misconfigured.
Parser
Updated parser to properly handle records that have duplicate keys by validating the value.
Updated parser to allow protocol mapping to convert field value to http or https protocol.
Corrections
Health
Corrected problem with lingering connections to metric server leading to performance degradation.
Arrays
Fixed product update instructions to propagating to array members.
Added new Health status page to display the current state of different components in the product through Health Modules. These modules can be configured to trigger notification alert emails when an error is detected. The following modules are currently available:
License Expiration – Checks the number of days left on the license and can trigger warning and error notifications based on days left.
Syslog Inactivity – Checks active syslog ports for data being sent and triggers alert when no data is received in a configurable time period. Module also checks for valid data being received instead of just any data and triggers different error alert accordingly.
Reporting
Dashboard
Visualizer
Added an extensive library of preconfigured charts for users to select when creating new panels.
Library
Updated product to use most recent MySQL library (8.0.33).
Corrections
Dashboard
Removed “AVG Daily Usage” and “AVG Daily Ingestion” tiles because metric is not useful when combined with metric data removal as it is currently. Results include large possible negative numbers.
Added new Health status page to display the current state of different components in the product through Health Modules. These modules can be configured to trigger notification alert emails when an error is detected. The following modules are currently available:
License Expiration – Checks the number of days left on the license and can trigger warning and error notifications based on days left.
Syslog Inactivity – Checks active syslog ports for data being sent and triggers alert when no data is received in a configurable time period. Module also checks for valid data being received instead of just any data and triggers different error alert accordingly.
Reporting
Dashboard
Visualizer
Added an extensive library of preconfigured charts for users to select when creating new panels.
Library
Updated product to use most recent MySQL library (8.0.33).
Corrections
Dashboard
Removed “AVG Daily Usage” and “AVG Daily Ingestion” tiles because metric is not useful when combined with metric data removal as it is currently. Results include large possible negative numbers.
Corrected issue that could cause direct syslog imports to stop working upon a service restart. The file writer continued to work, just the metric server stop receiving the data directly. This was caused by the syslog server attempting to start before the importer had been initialized.
Palo Alto Firewall reporting now available in addition to Web data. Both types of data can be seamlessly imported and reported on in the Visualizer which has been updated to include pre-configured Firewall dashboards. * Firewall Reporting requires an upgraded license, but evaluation periods are available.
Data Management
Log Data Setup
Updated the location of the wizard buttons for clarity and optimized flow.
Log Date Types
Updated Sonicwall VPN to include ability to parse NetExtender VPN data.