December 02, 2017

Release Note — v6.12.0

This release delivers a completely new UI interface for the web console. A comprehensive list of various enhancements and bug fixes can be found in the following sections:

  • Beautiful and easy to use UI upgrade for the DNIF web console.

  • Introduction of Packages - This version has all new feature called as Package. We have now deprecated Repository view and have instead replaced them with package. Various functionalities like widgets, dashboards, reports, templates and workbooks remain the same in its way of operation. All these functionalities can now be included as a bundle into a single entity called as package. We also have feature to sync and backup the packages to our central repository(UNET), where users can upload, download and share packages with relevant usage rights out of the scope of their repository. Learn more on packages here

  • Parsers can now be used from the packages created - Listing and processing of parsers at Adapter(AD) can now be fetched from packages created and stored in Data Store (DS) via UNET, earlier it was being processed from parser files separately.

  • Epoch time added for log parsing - Events for which time information was received as “epoch”, can now be parsed into readable date time format.

  • Ability to send data in cluster environment - EPP (Event Parsing Processor) at AD has a new ability to communicate and send data to the multiple datastores in discrete(natted) environments.

  • Netflow version 5 listener - AD can now ingest Netflow version 5 data.

  • _lookup directive has a new capability - _lookup directive has been evolved into a framework which can be used to write plugins based on custom requirements like domain list, reverse ip, geo details etc

  • Real time utilization can now be viewed locally - Similar to other prebuilt stores like event and module, a new store called usage can by queried to retrieve current utilization at regular intervals.

  • Licensing in cluster is now automatically managed - Previously we had to manually change the configuration for licenses to work in clustered environment.

  • Replication is now configurable externally - In case a cluster replication is required it can be configured by making necessary changes in the configuration files.

  • Automatic utilization notification via email - Notification regarding utilization will now be emailed at predefined intervals such as 50%, 80% ,85% etc to the configured email address.

Bug fixes
  • Indexing problems due to license configurations - Improper license configuration led to indexing failure, which is now fixed.