Upgraded to newer Java engine that results in vast improvements in performance requiring less memory and CPU running the product. Supporting libraries have been updated to take advantage of new optimizations.
Replaced network selection when running report from single drop-down to multi select option.
System
Heath Monitoring
Added module for monitoring metric server integrity. This module will ensure that the metric server is up and running and is receiving new data. It also includes option to ensure that enough data is being retained based on each company’s retention policy. If error is detected, email will be sent to configured address(es).
Java Runtime Engine
Upgraded to newer Java engine that results in vast improvements in performance requiring less memory and CPU running the product. Supporting libraries have been updated to take advantage of new optimizations.
Secure Interface
Added ability to import encrypted keys by addition of new password field when configuring custom certificate.
URL List
Otherwise
Added new otherwise data upload that includes more detail on the raw request for increased list accuracy and detail. All details still do not contain any private information allowing identification of source.
System
Arrays
Fixed encoded version file issue preventing product updates occurring on secondaries after starting upgrade on primary.
Log Configurations
Prisma
Added support for Prisma Cloud.
FortiGate
Updated FortiGate configuration to set the doc id for forward records that belong to the same session.
Sophos XGS 3300
Added support for Sophos XGS 3300.
Syslog
Added option to rotate syslog files hourly for creating manageable log files. This works in concert with hourly importing of syslog data. This option is recommended for customers that have large amounts of data where direct importing is causing high CPU and memory demand.
Corrections
Reporting
PDF
Added code to attempt to resolve PDF report conversion executable when error condition exists.
Data Management
Log Data Setup
Corrected timezone preview showing 24 hour format plus am/pm designation.
Metric Data Deletion
Fixed scheduled metric data deletion not purging Microsoft O365 data.
Updated the evaluation licensing system allowing the product to request trials for Firewall, O365, Defender, and VPN modules.
Updated EULA agreement.
Log Configurations
CheckPoint
Updated CheckPoint configuration to make use of new session capabilities.
BlueCoat
Added new BlueCoat configuration using new parser system.
Reporting
Visualizer
Added event logging reporting for interface logons and report generation requests.
Parser
Updated parser to allow for import of records that contain just application name and no URL.
Session
Updated parser to be able to identify and update log entries that belong to the same session. This includes updating the session end time and the number of bytes that was transferred for example.
Templates
Updated the template audit section to sort additional number fields as descending by default.
Added ability to filter based on session duration by seconds.
FortiGate
Added ability to disabled session tracking for faster start and stop time lookup.
Added throttling to prevent resource starvation when importing session data.
Data Management
Log Data Setup
Added ability to use epoch time in seconds instead of just milliseconds and nanoseconds.
Corrections
User Management
Groups and IDs
AD import
Changed Permission Group label to Security Group to align with industry standard.
Logon Accounts
Corrected 2-factor authentication issue with newly created AD accounts that prevent logging in.
Data Management
Log Data Setup
Fixed the date time configuration for data source to properly adjust the timezone based on the system default.
Logfile Viewer
Prevent screen from showing license upgrade required for older configurations.
Reporting
No longer not excluding category or application for configurations for records that do not contain URL.
Templates
Corrected issue that doubled the configured fields in the section when editing an Audit section.
Added communication client to talk to Wavecrest App Center.
Added communication for requesting evaluation license for Reporting modules (Firewall, O365,etc etc).
Reporting
Templates
When creating audit section and sorting by Bytes, order by Bytes descending instead of default of Date ascending.
Log Configurations
Updated FortiGate parser to properly handle Web session logging in FortiGate where multiple URLs are visited during a single session. Byte field is calculated for each request during the session (if present).
Firewall Reporting
Templates
Added FortiGate option for Data Type in Report Templates to create sections for FortiGate firewall data.
Data Management
Log Data Setup
Updated configuration wizard to allow customer to choose Wavecrest categories or the categories contained in the device log (if present).
Added ability to enable or disable firewall data collection.
If License upgrade is required for Firewall module, a link is provided to request a free trial using new Secure Communication component.
Added ability to define timezone when no timezone is configured in the device log.
Corrections
Reports
Fixed the total row in the Top Classifications table in Site Analysis report to display the word Total instead of Neutral.
Added ability to customize Application/Sites categorization by either editing existing Application/Sites urls or creating a custom Application/Site.
User Management
Logon Accounts
Added 2-factor authentication to logon accounts. When enabled for an account using the edit Logon Account screen, an email code is sent to the corresponding email address each time that user logs on.
Reports
Application/Sites Sessions
New Web Session reporting. Added web data analyzer to identify user Web Sessions based on a user’s activity to an application. Analyzer is scheduled to run daily to identify sessions for the previous day. Added session fields of Session Start Time, Session Stop time and Session Hits to template reporting and pre-configured Dashboard and panels to Visualizer to display User Session information.
Settings
Session Analyzer
Added new screen to adjust the configurations used by the Session Analyzer. In addition, you can also re-analyze the web data for a given configuration.
Corrections
Health
Corrected problem with lingering connections to metric server leading to performance degradation.
Arrays
Fixed product update instructions to propagating to array members.
Added ability to customize Application/Sites categorization by either editing existing Application/Sites urls or creating a custom Application/Site.
User Management
Logon Accounts
Added 2-factor authentication to logon accounts. When enabled for an account using the edit Logon Account screen, an email code is sent to the corresponding email address each time that user logs on.
Reports
Application/Sites Sessions
New Web Session reporting. Added web data analyzer to identify user Web Sessions based on a user’s activity to an application. Analyzer is scheduled to run daily to identify sessions for the previous day. Added session fields of Session Start Time, Session Stop time and Session Hits to template reporting and pre-configured Dashboard and panels to Visualizer to display User Session information.
Settings
Session Analyzer
Added new screen to adjust the configurations used by the Session Analyzer. In addition, you can also re-analyze the web data for a given configuration.
Data Management
Log Types
Updated CheckPoint parser to be able to parse additional types of records.
Updated Zscaler to:
parse CSV export and Event format.
include additional fields like Super Category.
Removed None as valid application.
Removed default browser value.
Added Tunnel protocol mapping to https
Updated Palo Alto parser to include better header record matching. Prevents issues where URL field is misconfigured.
Parser
Updated parser to properly handle records that have duplicate keys by validating the value.
Updated parser to allow protocol mapping to convert field value to http or https protocol.
Corrections
Health
Corrected problem with lingering connections to metric server leading to performance degradation.
Arrays
Fixed product update instructions to propagating to array members.