Version 7.10
New features
- Support for sending syslog notifications over TCP
- Display parsed network traffic in analysis reports
Support for sending syslog notifications over TCP
When configuring a syslog (SIEM) notification, users can now choose TCP or UDP as the transport protocol.
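Delivering syslog over TCP differs from UDP in two ways a SIEM operator cares about: TCP is a byte stream, so each record needs explicit framing for the receiver to split messages apart, and delivery failures (refused connection, reset) surface to the sender instead of being silently lost. The following Python example is added here as an illustration and is not Lastline's code; it assumes RFC 6587 octet-counting framing and an RFC 5424 message layout (the page does not state which framing or format the appliance uses), and the hostname, application name and timestamps are constructed sample values. It also makes the timestamp timezone-aware so the UTC offset is carried in the message, which is the behaviour the timezone fix under "Bug fixes and improvements" refers to.

```python
import socket
import socketserver
import threading
from datetime import datetime, timezone, timedelta

# Constructed sample values; the hostname and app name are placeholders.
SAMPLE_HOST = "analyst01"
SAMPLE_APP = "lastline"


def build_syslog_message(ts, hostname, app, msg, facility=1, severity=5):
    """Build an RFC 5424 syslog line.

    ts must be timezone-aware so the timestamp carries its UTC offset
    (e.g. +02:00); a naive datetime would be ambiguous to the SIEM.
    """
    if ts.tzinfo is None or ts.utcoffset() is None:
        raise ValueError("timestamp must be timezone-aware")
    pri = facility * 8 + severity             # PRI = facility*8 + severity
    stamp = ts.isoformat(timespec="seconds")  # e.g. 2024-01-15T09:30:00+02:00
    return f"<{pri}>1 {stamp} {hostname} {app} - - - {msg}"


def frame_for_tcp(message):
    """RFC 6587 octet-counting framing: b'<byte length> <message>'.

    TCP is a byte stream, so without framing a receiver cannot tell
    where one syslog record ends and the next begins.
    """
    data = message.encode("utf-8")
    return str(len(data)).encode("ascii") + b" " + data


def parse_tcp_stream(buf):
    """Split a received byte stream back into messages (octet-counting)."""
    msgs = []
    while buf:
        sp = buf.index(b" ")
        n = int(buf[:sp])
        body = buf[sp + 1: sp + 1 + n]
        if len(body) != n:
            raise ValueError("truncated frame")
        msgs.append(body.decode("utf-8"))
        buf = buf[sp + 1 + n:]
    return msgs


def send_over_tcp(host, port, messages):
    """Send all messages on one TCP connection.

    Unlike UDP, a refused connection or a reset surfaces as an exception
    here instead of the notification being silently dropped.
    """
    with socket.create_connection((host, port), timeout=5) as s:
        for m in messages:
            s.sendall(frame_for_tcp(m))


def sample_messages():
    """Two constructed notifications: one in UTC, one at UTC+02:00."""
    utc_ts = datetime(2024, 1, 15, 7, 30, 0, tzinfo=timezone.utc)
    local_ts = datetime(2024, 1, 15, 9, 30, 0, tzinfo=timezone(timedelta(hours=2)))
    return [
        build_syslog_message(utc_ts, SAMPLE_HOST, SAMPLE_APP, "analysis complete"),
        build_syslog_message(local_ts, SAMPLE_HOST, SAMPLE_APP, "analysis complete"),
    ]


def roundtrip_locally(messages):
    """Run a throwaway receiver on 127.0.0.1 (random port), send the
    messages over TCP and return what the receiver decoded.  Demo only:
    a real SIEM listens on its own configured syslog port."""
    received = bytearray()

    class Collector(socketserver.StreamRequestHandler):
        def handle(self):
            received.extend(self.rfile.read())  # read until the client closes

    server = socketserver.TCPServer(("127.0.0.1", 0), Collector)
    port = server.server_address[1]
    worker = threading.Thread(target=server.handle_request)
    worker.start()
    try:
        send_over_tcp("127.0.0.1", port, messages)
        worker.join(10)
    finally:
        server.server_close()
    return parse_tcp_stream(bytes(received))


if __name__ == "__main__":
    for line in roundtrip_locally(sample_messages()):
        print(line)
```

Running the module sends both sample messages to an in-process receiver and prints them back; the two timestamps describe the same instant but carry different offsets, which is what a SIEM needs to correlate the notification with events from other sources.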
Display parsed network traffic in analysis reports
The network traffic captured during the analysis of an artifact is now displayed in parsed and browsable form when viewing the analysis report in the Lastline Portal.
Bug fixes and improvements
- The timestamp of syslog messages is now correctly influenced by the timezone selected in the notification configuration, instead of being always UTC.
- Fix a visual glitch that would sometimes affect our line and bar graphs
- Fix a visual glitch in the analysis subjects overview graph
- Fix UI performance issue when using malware filter
- Analyst appliances now report errors more promptly. Previously, it could take up to 10 minutes for an error state detected on the appliance to be reflected in the appliance's status as shown in the Lastline UI.
- Fix the Knowledgebase Configuration so that it fetches results from the Lastline Analysis host referenced in the documented list of hosts that must be reachable.
Deprecation of API methods
The following deprecated methods of the legacy API are being removed in this version:
- list_threat_classes
- list_threats
- query_entry_info
The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.
Released appliance versions
As part of this release, the following Lastline appliance version is available for use with Lastline Analyst On Premise:
- Lastline Analyst version 714