What's New?

Version 4.0

📅 Smart Monitor version 4.0.0 was released on April 12, 2024.

Core

⚡️ Changes
  • Added Smart Monitor settings interface (connection to external data stores)
  • Added auto-completion for database connection strings in Smart Monitor
  • Added the ability to test connections to external storage
  • Added scoring configuration options
Improvements
  • JDBC query configuration is now integrated into Smart Monitor
  • The Upload Data and Active Tasks links have been moved to the left menu
  • The xlsx library was updated to version 0.20.1
Fixes
  • Fixed the filter-saving mechanism in the address bar

Core: Search Interface

⚡️ Changes
  • Added a new visualization type: Heatmap

Core: Engine

⚡️ Changes
  • Support for searching ClickHouse using Search Language
  • Added Timeline and Sidebar for ClickHouse queries
  • Time parameter passing is now available for ClickHouse storage queries

Core: Job Scheduler

⚡️ Changes
  • Added the ability to select which columns to display in the Jobs List
Improvements
  • The MITRE ATT&CK action now supports multi-selection of techniques

User Behavior Analytics

⚡️ Changes
  • Added module configuration on first launch
  • Added new profiling algorithms: Dictionary, Statistics, Frequency, and Chronology
  • Added UBA object profile page and object information card
  • Added warning for UBA object duplicates
  • Added the ability to configure the type of object profiling
  • Added the ability to link scoring type to an object
  • Added automatic object list population by schedule
  • Added support for running multiple profiling algorithms in policies
  • Added the ability to use a custom function for scoring calculation
  • Added the ability to view profiling policy results
  • Added statistics on runs for each object
  • Added server filtering options for running calculations
Improvements
  • Added deletion confirmation in module settings
  • Added scoring deletion confirmation

Incident Manager

⚡️ Changes
  • Added incident group creation mechanism (aggregations)
  • Added incident group configuration
  • Added the ability to choose the closure status for incident groups
  • Added the ability to configure the display (incidents only or incidents and groups of incidents)
  • Added the ability to edit incident groups with synchronized changes for each incident
  • Added the ability to run Adhoc Actions for incident groups
  • Added the ability to display MITRE techniques for incident groups
  • Each incident group now has configurable group parameters
Improvements
  • Incident or incident group description configuration can now be done with Markdown
  • Added search by owners in the incident table search bar
  • Added search by query results in the incident table search bar
  • System and display names for incident groups are now configurable
Fixes
  • Fixed an error that occurred during incident list auto-refresh when no data was available

Knowledge Center

Fixes
  • Fixed the display of tags on the Scenarios page
  • Fixed the error when fetching the list on the Wikilogs page

MITRE ATT&CK

Fixes
  • Fixed the error in technique information display when mitigations were missing
  • Fixed the error in getting statistics for triggered rules

Version 4.0.1

📅 Smart Monitor version 4.0.1 released on May 6, 2024.

Core

Improvements
  • Added ability to differentiate access rights to the Smart Beat Management page
  • Added ability to specify a default time field in the Search Anywhere configuration
  • Added support for the smartbeatsmanagement.keepalive parameter
  • Added additional notifications for modifying, adding, and deleting objects in Lookup Manager, Knowledge Center, and Job Scheduler
  • lettuce-core library updated to version 6.3.2.RELEASE
  • netty-transport library updated to version 4.1.109.Final
  • spring-boot-starter-parent library updated to version 3.2.5
  • xlsx library updated to version 0.20.2
Fixes
  • Fixed error when overwriting Search Anywhere configuration
  • Fixed incorrect pagination behavior on search pages
  • Fixed incorrect access to user objects when a system object with the same identifier exists
  • Fixed error when retrieving the list of drivers if no driver has been saved yet
  • Fixed error with incorrect value coloring ranges in the Metric visualization
  • Fixed legend centering error in Line Chart and Column Chart visualizations
  • Fixed error when configuring Column Chart splitting by series
  • Fixed incorrect display of search history on small screens
  • Fixed update of search execution time information
  • Fieldbar now displays when searching an index without a time field
  • Fixed error when exporting search results to Excel if an array was present
  • Fixed incorrect icon in the Refresh button when starting a search
  • Added missing tooltips, updated links to documentation in search

Core: Knowledge Center

Fixes
  • Fixed undefined error when there are no elements in the permission group field when editing rights
  • Fixed incorrect article movement
  • Fixed error when loading dashboards in an article

Core: Engine

Fixes
  • Fixed incorrect operation of the transaction command with certain time intervals
  • Fixed parser error when using the search command with parentheses
  • Fixed error that made it impossible to cancel a query during transaction command execution
  • Fixed error when sorting a field in descending order
  • Fixed error where a field could not be named os or testt
  • Fixed incorrect operation of the strptime function in peval
  • Fixed random function in eval which returned a multivalue field
  • Fixed incorrect operator precedence of boolean OR and AND operations in the peval command
  • Fixed error where a background query remained in the active queries list after search completion

Core: Job Scheduler

Fixes
  • Fixed error where a query executed with an error was not displayed in logs
  • Webhook Action no longer sends duplicate requests within a single trigger when is_once mode is disabled
  • Fixed tokenization not working when a field contains %
  • Fixed field display in Incident Action; fields no longer appear over the menu
  • Fixed display of severity options depending on settings in Incident Action
  • Fixed duplication of query parameters when specified in the query string in Webhook Action

Incident Manager

Improvements
  • Added additional notifications when working with configurations
  • Added confirmation window when deleting a field from an incident card
Fixes
  • Fixed incorrect translation in the incident card when creating an incident manually
  • Fixed error when editing the default value in the Date field type
  • Fixed incident count calculation when displaying multiple pages
  • Fixed incorrect operation of the Enable multi-edit setting in the incident card
  • Fixed incorrect action execution in Workflow (user information was not displayed)
  • Fixed incorrect Workflow selection in Incident Action

UBA

Fixes
  • Replaced hyperlinks with plain text in the document details of run results
  • Fixed incorrect breadcrumbs in run results

Inventory

Fixes
  • Fixed excessive value enumeration when searching the asset database (-fast-only launch flag)
  • Fixed incorrect page behavior when deleting prioritization settings from sources
  • Fixed display of prioritization fields during creation; the field name is no longer empty
  • Fixed display of configuration values in the configuration list after saving; updates now apply immediately

Smart Beat

Improvements
  • github.com/stretchr/testify library updated to version 1.6.1
Fixes
  • Fixed incorrect integrity control calculation for unpacked configuration

Version 4.0.2

📅 Smart Monitor version 4.0.2 released on June 4, 2024.

Core

Fixes
  • Fixed error with missing username when viewing JDBC connection configuration
  • Fixed error that occurred when logging out on the Search page
  • Fixed incorrect visualization update when changing filter values
  • Fixed incorrect display of child nodes in RSM after editing
  • Fixed incorrect substitution of time tokens when configuring Drilldown
  • Fixed data loading into index from CSV files containing Cyrillic characters
  • Fixed error that occurred when moving a filter to the dashboard panel
  • Added ability to specify minimum distance between X-axis labels in Column Chart
  • Fixed incorrect handling of fields with dot and space in Lookup Manager
  • Fixed issue with incorrect field display when using the timechart command
  • Fixed error in the inputlookup command that caused incorrect return of fields with spaces
  • Fixed incorrect encoding in Job Scheduler results

Incident Manager

Fixes
  • Fixed error when editing multiple incidents with different Workflows
  • Fixed error when navigating to the incident group creation page
  • Fixed error when opening the modal window during incident creation
  • Fixed number formatting in incident statistics
  • Added default level colors for the Severity field

MITRE ATT&CK

Fixes
  • Fixed error that occurred during initialization from file

Version 4.0.3

📅 Smart Monitor version 4.0.3 released on August 8, 2024.

Core

Improvements
  • Delete button color in Job Scheduler and UBA changed to red
  • Added new notifications when working with Resource-Service Model objects
Fixes
  • Added permission check for * and cluster:admin/sm/*
  • Fixed translations for English language in Index State Management
  • Fixed visualization scaling in search
  • Fixed substitution of values from search query results into the search bar when a subquery is present
  • Fixed error in navigation menu after pinning the Wikilogs item
  • Fixed display of Smart Beat Management menu item
  • Fixed translation of the Other section in the Pie Chart visualization
  • Fixed display of large number of tags in object list
  • Fixed error when substituting tokens with values containing the $ character
  • Fixed table display in Lookup Manager in dark theme

Core: Engine

Improvements
  • Improved result processing in the rest command
  • Added format_escape_backslash setting for escaping the \ character in format command
  • Optimized function operation in the peval command
  • Empty timefield, earliest and latest parameters specified in the search string will now be ignored
Fixes
  • Fixed order issue in the format command
  • Fixed error when calling | aggs count using Cross Cluster Search
  • Fixed field display when executing a search with the format command
  • Fixed mapping operation with the format command when the enable_field_caps setting is enabled
  • Fixed field statistics display when using Cross Cluster Search
  • Fixed hexadecimal number comparison in the where command
  • Fixed empty string filtering in the search command
  • Fixed operation of the append command with enabled limits
  • null values in the join command are now overwritten
  • Fixed display of Job Scheduler searches in the active searches list after their completion

Core: Remote Executor

Fixes
  • Service logs are now written correctly without the need for additional configuration

Incident Manager

Fixes
  • Fixed aggregation configuration update freezing when the task list is not updated
  • Fixed service startup before configuration is populated with settings from the index
  • When changing the status in an incident for the first time, the assignee is now automatically set
  • Fixed error when editing multiple incidents with different workflows

Inventory

Fixes
  • Added a human-readable error message for an incorrectly filled-in asset configuration
  • Fixed page switching in Asset List

Smart Beat

Fixes
  • Fixed client filtering by operating system

User Behavior Analytics

Fixes
  • Fixed focus loss issue in modal window when editing fields

Version 4.0.4

📅 Smart Monitor version 4.0.4 released on September 9, 2024.

Core

Fixes

Incident Manager

Fixes
  • Fixed incorrect addition of comments to incident history
  • Fixed operation of the Assignee filter when filtering by display name
  • Fixed incorrect filtering of dependent filter types in Incident Card

Smart Beat

Fixes
  • Fixed agent status information update

Inventory

Fixes
  • Fixed error during configuration import