Skip to main content
Version: 4.2

What's New?

Version 4.2

📅 Smart Monitor version 4.2.0 released on October 25, 2024.

Core

⚡️ Changes
  • Added a page with frequently asked questions
  • Added interface for installation and content management
  • Added interface for monitoring active searches
  • Updated dark and light themes
  • Style settings have been replaced with interface theme selection
  • Added themes: Green, Blue, Night Blue, and Ocean
Improvements
  • Expanded set of modules and objects available for search in Spotlight
  • Global tag search is now available in Spotlight
  • Significantly increased data migration speed to ClickHouse
  • Library dompurify updated to version 2.5.4
Fixes
  • Fixed an error where the core.use_cluster_state setting value was reset after cluster reboot
  • Fixed an error retrieving configurations from Cluster State

Core: Search Interface

Fixes
  • Fixed an error forming the link when clicking the Share button

Core: Engine

⚡️ Changes
  • Added support for Machine Learning for Smart Monitor Language commands
  • Added support for the following algorithms:
    • K-means
    • Linear regression
    • Random Cut Forest (RCF)
    • RCF Summarize
    • Localization
    • Logistic regression
  • Added commands train and predict
  • Added median function to commands stats, aggs, timechart, timeaggs, chart, eventstats, and streamstats
Improvements
  • perc (percentile) function is now available in commands chart, eventstats, and streamstats
  • Added ability to disable time filter in source command using timefield parameter
Fixes
  • Fixed incorrect number comparison with different data types in eval command
  • Fixed an error where random function generated identical values for different documents

Core: Job Scheduler

⚡️ Changes
  • Added developer mode for editing tasks
Improvements
  • Added ability to configure SSL/TLS in Webhook action
  • Password for authorization in Webhook action moved to Keystore with prefix jobscheduler.webhook.password
Fixes
  • Fixed an error with incorrect operation of suppression mechanism on nested fields
  • Fixed an error where tasks could run on servers where the node_with_sme attribute had value false

Core: Remote Executor

Improvements

Smart Beat

⚡️ Changes
  • Added configuration parameter rotation.log_path to specify log directory
  • Added CN=<hostname> to agent certificate (or Smart Beat if hostname could not be obtained)
Improvements
  • Configuration group server is now hidden by default
  • Set default parameters: ssl.cert_ca with value ./cert/ca-cert.pem and manager.host with value 127.0.0.1

Smart Beat Manager

⚡️ Changes
  • Added CN=<hostname> to agent certificate (or Smart Beat if hostname could not be obtained)
Improvements
  • Console command delete renamed to remove (aligned with Smart Beat)
  • Optimized data loading speed in interface
  • Expanded error descriptions in logs
  • Parameter authorization.opensearch.host now defaults to https protocol
  • Parameter authorization.opensearch.ca_key is now hidden by default
  • Parameter authorization.opensearch.ca_cert now defaults to ca-cert.pem
  • Parameter authorization.opensearch.ssl_enabled is now optional and hidden by default

Inventory

⚡️ Changes

Incident Manager

Fixes
  • Fixed Responsible filter with value Not Assigned

Lookup Manager

Improvements
  • Optimized lookup data search
Fixes
  • Added parameter in lookup settings to adjust amount of displayed data in interface

Version 4.2.1

📅 Smart Monitor version 4.2.1 released on December 3, 2024.

Core

Improvements
  • Added module links on main page
  • Improved search bar hints
  • Section Fields from search results in Job Scheduler renamed to Result Fields
Fixes
  • Fixed encoding issue in object deletion events
  • Fixed duplicate dot character suggestion in source command
  • Fixed filter selection update without saving dashboard
  • Fixed search execution time display
  • Fixed focus shift on search page when notifications expand
  • Field Priority in index management section is now required
  • Fixed incorrect coloring in some visualizations
  • Fixed missing backslash character escaping in object name during export
  • Fixed extra spaces and line breaks when copying query
  • Fixed prefix and filter token substitution used in another filter's search
  • Fixed page hanging after selecting logarithmic display for Line Chart
  • Fixed incorrect information display on Pie Chart
  • Fixed Drilldown functionality in Radar Chart visualization
  • Fixed result display error in table
  • Fixed Table display when using timeaggs command
  • Fixed temporal filter token value substitution in dashboards
  • Fixed missing hint highlighting in search bar in dark theme

Core: Engine

⚡️ Changes
  • Changed calculation formula in statistical function stdev to Population Standard Deviation
Improvements
  • Added memory-optimized mode for lookup command - ERGO
  • Added user limit for lookup size in lookup command in FAST and ERGO modes
Fixes
  • Fixed array handling in peval command
  • Fixed error in timechart command with useother parameter
  • Fixed only first 10000 documents being written when outputlookup command runs with append=false
  • Fixed issue where peval couldn't process keys enclosed in single quotes
  • Fixed bug occurring with source peval wildcard, and added sens-scripts for equal and wildcard operators
  • Fixed missing OTHER field in timeaggs command results
  • Fixed error in db command requiring cluster reboot to apply updated driver path
  • Fixed error in stats command where list, last, and first functions returned numbers as strings
  • Added field handling with spaces to format command
  • timeaggs command with composite=true parameter now displays intervals with empty values same as without composite=true
  • relative_time function in eval command can now accept fields as second parameter
  • Fixed incorrect calculation of frequently occurring values for queries like source clk:...
  • Fixed lookup command work with lists
  • Fixed field renaming from lookup in lookup command
  • Fixed fillnull command when querying large amounts of data
  • Fixed page hanging when creating new db-query with existing name

Core: Job Scheduler

Improvements
  • Improved field validation in Webhook
Fixes
  • Fixed custom_fields field writing in Mitre Action in one line
  • Fixed error expanding Additional Fields section in Create Incident action
  • Create Incident action cannot be saved without description

Core: RSM

Fixes
  • Fixed RSM tree and indicator settings display

Core: Remote Executor

Fixes

Inventory

Fixes
  • Fixed incorrect coloring of some field names in asset table
  • Fixed error in edit form on Fields tab

Lookup Manager

Fixes
  • Search now only searches fields displayed in lookup list

Knowledge Center

Fixes
  • Fixed permission selection for read or write for all users in Rule List section
  • User with role kwc_admin can now view list of all user groups

Mitre Attack

Fixes
  • Fixed non-working links in MITRE matrices

Incident Manager

Fixes
  • Fixed default field values display from incident card when manually creating incident and incident group
  • Fixed errors when filtering rows with special characters
  • Fixed errors when following View Additional Information link
  • Fixed erroneous addition of incidents to incident group after closing incident group

User Behavior Analytics

Fixes
  • Fixed IndexNotFoundException error when calculating profiling or scoring if non-existent index specified in calculation
  • Fixed error when substituting type in policy
  • Fixed error when filtering object and configuration tables
  • Fixed modal window reset when selecting text
  • Fixed various configuration fill display issues
  • Fixed field validation in Cybersecurity Index
  • Fixed scoring-type translations during initialization