Skip to main content
Version: 5.0

What's New?

Version 5.0

📅 Smart Monitor version 5.0.0 released on April 30, 2025.

Core

⚡️Changes
  • Added a new mechanism - Notes, which allows quickly creating and supplementing notes from any interface section. Notes can include incidents, visualizations, Inventory module assets, files, images, and arbitrary text
  • Development of Search Anywhere: added a new source type - API, which allows obtaining data using REST API
  • Added visualization Quick State: consists of dynamic cards automatically generated based on search query results. Each card displays a key indicator with color indication and an icon.
  • Added visualization Tree Map: displays search results as rectangles of different sizes, whose area is proportional to the numeric value of the corresponding breakdown element
Improvements
  • Now by default only frequently occurring source fields are displayed in the side menu of the search interface
  • Visualization Table: added tooltips with column names when hovering over them
  • Highlighting a line in a search query now highlights all its occurrences
  • Added tooltips for Export, Notifications, Share buttons in the search interface
  • Expanded display options for the number of rows on the search page, now 100 and 200 are available
  • Now the total number of objects is displayed on pages with lists
Fixes
  • Fixed an error with incorrect substitution of values from visualizations into text filter and multi-selection filter

Core: Engine

⚡️Changes
  • Now available option allowing to exclude indexes from processing whose data does not fall under the specified time filter when running a search through a pattern
Improvements
  • Now the name of cross cluster connection can be specified in search without single quotes
  • The search command now supports the in function, which checks if a field value is included in a specified set
  • Now multiple addresses can be specified for connecting to SME RE
Fixes
  • Now in case of query parsing error, the correct line number containing the error is displayed
  • Fixed operation of ceil and floor functions with large numbers in the eval command

Core: Job Scheduler

Fixes
  • Fixed suppression operation for multivalue fields

User Behavior Analytics

⚡️Changes
  • Added ability to configure Exclusions for profiling policies
  • Added ability for partial updating of calculation results of algorithms Dictionary and Statistics in profiling policies

RSM

⚡️Changes
  • Beta version of RSM 2.0 is now available. New interface, updated logic, new functions for linking metrics and services
Improvements
  • Added ability for automatic model updating in the interface
  • Added ability for multiple editing of models, metrics, indicators
Fixes
  • Optimized model page rendering

Smart Beat Manager

⚡️Changes
  • Now supports new agent type - Vector
Improvements
  • Added support for new flags during service installation:
    • --ignore-systemd - service will not be installed in systemd
    • --ignore-selinux - ignoring presence of SELinux and granting execution rights
    • --directory - allows specifying installation directory
    • --group - allows setting file permissions for a specific group
Fixes
  • Fixed an error where group settings changes (applications or files) were not displayed in agent list
  • Fixed an error where client was not deleted from group
  • Fixed notification logic for availability of new data
  • Fixed an error where there were no changes after calling API method reload
  • Fixed an error where remote application or file was displayed in agent information blocks

Smart Beat

⚡️Changes
  • Added support for data collection and processing agent Vector
Improvements
  • Added support for new flags during service installation:
    • --ignore-systemd - service will not be installed in systemd
    • --ignore-selinux - ignoring presence of SELinux and granting execution rights
    • --directory - allows specifying installation directory
    • --group - allows setting file permissions for a specific group
  • Added ability to grant Linux privileges for running Auditbeat during service installation
  • Redesigned format and optimized number of logs during service installation

Inventory

⚡️Changes
  • Now available in the module mechanism for building relationships between assets, which allows configuring rules for automatic linking of configurations, and provides visualizations of obtained relationships
  • No separate installation of calculation module required, now it is integrated into the system
  • Asset update calculations now run as separate tasks with their own schedule
  • For each configuration calculation, a Run Statistics section is available with detailed information about status and execution stages
Improvements
  • Module configuration available through interface
  • Improved interaction experience with interface, redesigned components

Incident Manager

⚡️Changes
  • Added section Inventory Module Integration to active action Create Incident task scheduler settings, which allows configuring mapping between asset configurations and incident fields
  • Now identifiers are written in new format:
    • For incidents - INC-[<installation prefix>]-<YYMMDD>-<sequential number>
    • For aggregations - AGG-[<installation prefix>]-<YYMMDD>-<sequential number>
Improvements
  • Added ability to configure time boundaries for drilldown mechanism of type Search
  • For aggregations added ability to configure index suffix, which allows adjusting distribution of aggregation results across different indexes
  • Added ability to adjust column widths on Incident Manager page
Fixes
  • Fixed error filling customer information field in Service Provider mode
  • Now in incident card settings for fields of type Selection default value can be cleared

MITRE ATTACK

Improvements
  • Added Detection Methods section to technique description
  • Added ability to view tactic description
Fixes
  • In Trigger Matrix calculation is now performed for selected layer

SME RE

Fixes
  • Fixed error preventing use of parameters containing separator characters

Cyber Security

⚡️Changes
  • Added mechanisms for importing rules in Sigma format. Now they can be added to the system and generate search tasks with automatic query formation on SML. More than 3000 rules available for import

Smart EDR

⚡️Changes
  • Implemented endpoint event monitoring - process control, network connections, and system changes.
  • Formed data enrichment - automatic inventory supplementation and event correlation from other systems.
  • Implemented dashboards for analyzing historical data.
  • Implemented integration with Incident Manager.
  • Completed task automation - remote command execution as incident responses.

Smart Code

⚡️Changes
  • Added availability check for Continent nodes and Secret Net Studio agents.
  • Implemented CPU, memory, disk, and network interface load control.
  • Added dashboards for analyzing crypto-gateway, firewall, and cryptographic device operation.
  • Formed reports on user sessions, access attempts, configuration changes.
  • Added automatic collection of user, device, certificate data.

Version 5.0.1

📅 Smart Monitor version 5.0.1 released on June 20, 2025.

Core

Fixes
  • Fixed error where some dashboard visualizations did not update after changing time filter
  • Fixed error where dynamic filter inside dashboard did not show search results if time token was absent
  • Fixed error with incorrect array display in search results
  • Fixed incorrect output of value list in color scheme of visualizations
  • Fixed work with prefix and suffix in dashboard dynamic options
  • Fixed error where visualization selection window did not close
  • Fixed recognition of index pattern without single quotes for cross cluster search
  • Fixed error where system dashboard could not be edited
  • Fixed display of popup values when updating Pie chart visualization
  • Fixed drilldown formation when editing query in Pie chart visualization
  • Fixed work with color schemes in Table visualization
  • Fixed error with column duplication in Table visualization when renaming field in query
  • Fixed error where color scheme settings were reset when switching between settings tabs in Table visualization
  • Fixed macro name validation error if it contains many parameters
  • Fixed error where JDBC driver list did not load if among them existed a driver with large size

Core: Engine

Improvements
  • Now in search command regex function is case-insensitive by default, case sensitivity can be enabled with sens flag
Fixes
  • Fixed error with high memory consumption when saving background task result to disk
  • Fixed search error when query or subquery starts with pipeline preceded by comment
  • Fixed error where data request limit for qsize parameter was not considered

Core: Job Scheduler

Fixes
  • Fixed error where Save button was blocked when editing search task
  • Fixed query editor display in dark theme
  • Fixed HTML editor display in active action Send E-mail
  • Fixed tokenization problem arising when escaping special characters in active actions
  • Fixed error where Severity field with integer value in active action Create Incident was saved as fractional
  • Fixed focus loss error when entering Result Fields and Local Parameters values in active action Create Incident

Knowledge Center

Improvements
  • Added ability to configure access for notes using cluster permissions:
    • cluster:admin/sm/kwc/notebook/read_all - read
    • cluster:admin/sm/kwc/notebook/write_all - edit and delete
    • cluster:admin/sm/kwc/notebook/create - create
Fixes
  • Fixed access error to notes when having read permission

RSM 2.0

Improvements
  • Added ability to configure access rights for layer
  • Added ability to enable/disable metric

Smart Beat Manager

Improvements
  • Added support for client binding by tags in group filter configuration
  • Now search on Clients page supports Tag field

Smart Beat

Improvements
  • Now when applications are changed, their metadata and logs are not deleted

Incident Manager

Improvements
  • Added sorting of additional fields for AdHoc actions
  • Now full incident information is passed to AdHoc actions
Fixes
  • Fixed error with incorrect creation time of empty incident
  • Fixed NullPointerException error when loading dynamic filter
  • Fixed clearing of aggregation settings in memory when deleting them

Version 5.0.2

📅 Smart Monitor version 5.0.2 released on October 16, 2025.

Core

Improvements
  • Now global search can search notes
  • In Upload Data section now can view detailed error information
  • Improved display of long values on axes for Bar chart visualization with Vertical layout parameter enabled
Fixes
  • Fixed global search error occurring when user has no access to Inventory module asset settings
  • Fixed errors when getting information about connected Service Provider clients
  • Now long search query in dynamic options of filter settings on dashboard does not overlap other input fields
  • Fixed problems when switching visualization types on dashboard editing page
  • Fixed error where modal window did not close after saving permissions for JDBC queries
  • Fixed incorrect parsing of fields containing dates when loading data through interface
  • Fixed applying default value in selection and multi-selection filter when opening dashboard
  • Fixed errors occurring when copying query from search history
  • Fixed incorrect parsing of Path to trust store field in Search Anywhere connections
  • Fixed incorrect display of negative fractional values in Metric visualization
  • Fixed incorrect application of Palette color scheme in Table visualization
  • Fixed display of null values in Table visualization
  • api command added to list of available commands when configuring limits
  • Fixed missing highlighting for qsize, packsize and nores parameters in search

Core: Engine

Improvements
  • Accelerated calculation of frequently occurring values for field list in search interface
  • Added ability to use coalesce, nullif, case, if, validate functions of eval command for string concatenation
  • Added time filtering for fields with DateTime and DateTime64 types in ClickHouse sources
  • Now eval command can work with fields of array-extracted object
Fixes
  • Fixed search error where after executing timechart or timeaggs commands incorrect fields were displayed in table
  • Now any commands can be used after format command
  • Fixed error when using * symbol in rename command
  • Fixed error preventing use of body_type=text parameter for api command
  • Fixed filtering operation in search command by integer type fields for ClickHouse sources
  • Fixed error when searching by array type fields in ClickHouse sources

Core: Job Scheduler

Fixes
  • Fixed missing task selection options in active action Run another search when Service Provider mode enabled
  • Fixed incorrect display of multi-selection type fields in Additional Fields section of active action Create Incident

Knowledge Center

Fixes
  • Fixed incorrect link formation when opening note in new tab
  • Fixed error where only last block was saved when adding multiple blocks to note
  • Fixed error occurring when deleting image from note

Lookup Manager

Fixes
  • Fixed error where record order changed after editing lookup

RSM 2.0

Fixes
  • Fixed error occurring when editing range for string metric
  • Fixed incorrect saving of time interval in metric

Incident Manager

Improvements
  • Now fewer system resources required to load Incident Manager page
Fixes
  • Fixed editing aggregation with disabled Synchronize with incidents of this group option
  • Fixed incorrect filtering by Multiline text type fields
  • Fixed error when running Active Action when field for token from Incident Description Format setting is absent in incident
  • Fixed incorrect pagination operation when changing filters or time range

Inventory

Fixes
  • Added automatic storage creation for asset when creating configuration
  • Fixed incorrect display of arrays in Related Assets section

User Behavior Analytics

Improvements
  • Added support for wildcard in object search
  • Optimized search on UBA Objects page with large number of objects
Fixes
  • Fixed operation of default selection button in UBA Object Types section

Move to ClickHouse

Improvements
  • Added support for SSL for ClickHouse connections
  • Added ability to configure lifetime for `Click
  • Added ability to transfer data from old indexes

MITRE ATTACK

Fixes
  • Fixed incorrect display of creation and update time in permission editing modal window on Layer Editor page

Smart Beat

Fixes
  • Fixed logic for waiting network interface initialization during system reboot