Version: 4.3

What's New?

Version 4.3

📅 Smart Monitor version 4.3.0 released on January 29, 2025.

Core

Changes
  • ⚡️ OpenSearch updated to version 2.18.0
  • ⚡️ New dashboard implementation that optimizes the rendering of visualizations and the number of network requests made when fetching data from storage
  • ⚡️ Added the ability to configure access rights to menu sections
  • ⚡️ Added macros management interface
Improvements
  • ⚡️ Redesigned the menu settings interface
  • When system scheduler tasks, dashboards, or tags are edited, their user copy now includes information indicating that it was created from the system version
Fixes
  • Fixed multiple updates of visualizations when moved within dashboards
  • Fixed incorrect behavior of filters in dashboards when moved between panels
  • Fixed incorrect operation of dependent filters whose options are generated by a search query
  • Fixed behavior where multiple requests to the storage were triggered

Core: Engine

Changes
  • ⚡️ Added support for macros, allowing for the reuse of query fragments in any other search queries
  • Added the ability to export results of background queries
  • Added the ability to configure the maximum execution time, result retention period, and the number of events stored in a single file for background tasks
Improvements
  • The SP-client prefix can now be set by default
  • Optimized the execution process of background tasks
  • The train command now supports the use of existing ML models
  • In the outputlookup command, the logic of the keyfield parameter has changed: it now takes a field name as its argument, and the values of that field are used to check for matches with the data in the lookup table and update it
  • Double quotes are no longer required for values without separators in the search command
  • The search command now uses the logical operator AND by default
Fixes
  • Fixed an issue where the loadjob command did not return results
  • Fixed issues that occurred when deleting or stopping a background task
  • Fixed the setting that overrides the directory for storing background task results
  • Fixed an issue where the field order in background task results was not saved
  • Fixed the calculation of the background task execution time
  • Fixed an issue with canceling the execution of a background task

Core: Job Scheduler

Changes
  • Added the ability to use mailing lists in the active action Send E-mail
  • In the active action Create Incident, added the ability to configure the index suffix, which allows controlling the distribution of incidents across different indexes
  • Added the ability to enable system tasks
  • Added the ability to edit tags and access rights for system tasks
Improvements
  • Now, in the active action Send E-mail, the field order in attached Excel/CSV files is preserved
  • The active action MITRE ATT&CK® Techniques Logging now supports the use of tokens for layer specification
  • Now, in the active action Create Incident, the incident card fields support tokens
Fixes
  • Fixed the suppression mechanism when handling nested objects

User Behavior Analytics

Improvements
  • Added the ability to ignore case sensitivity for object identification fields

Smart Beat Manager

Changes
  • ⚡️ Up to 30 times faster interface response time with a large number of connected clients
  • ⚡️ Now applications can be uploaded and deleted through the interface
  • ⚡️ Added the ability to view, create, and edit applications in the interface
  • Optimized algorithms for processing and storing information about connected clients
  • When the client list is updated, a notification now appears with the option to refresh the data
  • Completely redesigned the group management interface
  • Added the ability to export the client list
Improvements
  • Expanded the filter set on the client page: it is now possible to filter by applications, files, tags, and versions, and to select clients without groups
Fixes
  • Fixed the freeze that occurred when updating group configurations

Smart Beat

Changes
  • Now, to determine the beat type for launching an application, instead of using a prefix in the name, you can use a property file

Inventory

Changes
  • Added the ability to specify the lifetime of an asset, after which the asset will be deleted

Incident Manager

Changes
  • ⚡️ Now, incident search supports the syntax of the search command
  • Now, filter values on the Incident Manager page can be populated based on the search results
Improvements
  • Added time zone display to all time fields
  • Pagination for the incident list has been expanded
Fixes
  • Fixed editing of comparison fields and functional fields in Incident Group Settings

Lookup Manager

Improvements
  • In the dictionary configuration, it is now possible to specify the number of rows to display
Fixes
  • Optimized dictionary data modification queries

MITRE ATTACK

Improvements
  • Added the ability to collapse/expand all sub-techniques with one button
  • Added the ability to display only the techniques that are involved in the rules
Fixes
  • Fixed the issue where the layer selection did not work after Smart Monitor reboot