A number of features have been improved in version 2.5.7, including small changes to the KnowledgeBase feature.
You can now annotate each event in KnowledgeBase so it’s clear what each connection means without just relying on the automatically generated metadata. We’ve also listened to your feedback and changed the way the column headers display so they look a little bit clearer. Two more useful changes in KnowledgeBase include a reordering of events based on sample time, so they should be in a more intuitive order, and indicators for the direction of the connection too, so you can see which host initiated each connection.
There’s also some bug fixes and user enhancements, including refining the behaviours introduced in version 2.5.3, fixing issues with rendering some ForensicAI alerts, and protecting system stability with disk capacity protection.
A full list of updates are below:
Added support for text-based annotations to be included against KnowledgeBase events. This enables the user to add free text notes describing each event.
Fixed header position in KnowledgeBase swimlane diagram.
KnowledgeBase events now show direction of connection in swimlane diagram.
Updated KnowledgeBase to use sample time when ordering events in swimlane diagram.
Fix issue where behaviours were not loaded under HLC if the number of these exceeded a certain limit.
Added disk capacity protection to address issue seen on busier systems.
Enhanced metadata included in Host Activity classifier.
Added ability apply exceptions to Host Activity classifier.
Added an ability to purge all data from CCS and sensor should equipment need to be re-deployed or have all prior data removed
This update will be pushed to all managed customers at the pre-agreed upgrade time. Self-monitored customers can update their own systems using the software upgrade processes. If you have any further questions about this upgrade please contact us at firstname.lastname@example.org