Lastline Analyst and Detonator On-Premises Release Notes

Version 7.11

New features

  • Improved appliance metrics views
  • Display child tasks in analysis reports
  • Audit log extensions

Improved appliance metrics views

The appliance metrics views have been improved to better support deployments with a large number of appliances.

For such deployments, the legend listing all of the appliances could end up occupying most of the available space for each graph.

In this version, the legend has been moved out of the individual graphs and into a dedicated "Appliances" widget. It is no longer repeated in each graph on the page, and the graphs can use all of the available space to display appliance data.

Display child tasks in analysis reports

Lastline's analysis of a file or URL may, under a growing list of circumstances, trigger additional analysis tasks on URLs or files generated by the initial analysis run. As an example, the analysis of a URL may trigger the analysis of a linked file. Conversely, the analysis of a file may trigger the analysis of a URL that was found in that file.

The Lastline portal now displays all such child tasks of an analysis report in a new "Additional artifacts" table displayed in the report overview page.

Audit log extensions

With this release, additional information is included in the audit log, which is available in the Lastline portal, the API, and audit log notifications.

  • Include logout events.
  • Include failed login attempts that use a valid user account.
  • Successful login events were already included in the audit log, but are now also included in audit log notifications.
  • Include changes to integration configurations. This includes notifications (Syslog, email, generic HTTP, streaming) and Tanium integration.

Bug fixes and improvements

  • Improved design of portal sidebar. It is now collapsible to make more efficient use of screen space.

  • Fix an issue linking analysis metadata for download in the analysis report.

Deprecation of API methods

No additional methods of the legacy API (/ll_api/ll_api) are being deprecated or removed in this version.

The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.

Released appliance versions

As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Enterprise On Premise:

  • Lastline Analyst version 715