Release Note — v8.7.0
While we continue to build new features, squash bugs, and plan new releases in order to improve your DNIF experience, here’s a summary of what has changed since our last release…
Collect, Compress and Encrypt
With DNIF you can now reduce your network bandwidth utilisation for data transmission between DNIF components and logs forwarded from DNIF to other destinations. The Syslog native listener on Adapter is now capable of compression and encryption of the ingested logs before transmission. PICO and v2 connectors are compatible as well.
Carbon Black logs…We are listening!!
You can now forward logs from your Carbon Black setup to DNIF on a dedicated listener.
View all your Integrated SOAR plugins in one place
DNIF users can now view all the SOAR plugins installed on their DNIF setup here.
Using playbook made simpler
Introducing a new entity type named “playbook”. You can now build and manage all your playbooks as a separate entity. You can view/add entities in your Package from the REPOSITORY.
Two new directives to play with
We have two new directives to the DNIF Query Language (DQL) specification, namely:
Overview : A playbook having status as EXECUTABLE can be executed using the search query on the Search tab with the help of the _call directive as shown below.With the help of the _call directive, the execution of the playbook returns the original stack of data as the result in the Search tab. It does not return the result of the query execution mentioned inside the playbook.
Sample Query : _call package_slug playbook_slug
Overview : A playbook having status as RETURNABLE can be executed using the searchquery on the Search tab with the help of the _return directive as shown below.With the help of the _return directive, the execution of the playbook returnsthe result of the query execution mentioned inside the playbook along with the original stack of data as the result in the Search tab.
Sample Query : _return package_slug playbook_slug
Password reset made easy
DNIF users can now reset there passowrd using the forgot password option in the DNIF console login page.
On clicking this option users will receive an email with an OTP on their registered email which need to be entered in the DNIF console for the option to reset password
Source IP filtering for RAW log forwarder
Your DNIF Adapter can now forward raw logs from specific source IP’s to any other device for further analysis.
Reset Password Admin Users(AU)
Admin users can now reset passwords for themselfves as well as general users.
_checkif else enhancement
Users can now use the _checkif funtion in a manner in which the excluded data can be futher analysed by automatically sending it to a playbook
_checkif float compare
Users can now accurately compare decimal values by using _checkif float_compare function.
Stack proccesing improved in _checkif sjoin.
If validation and response plugin having a same name then can be used now in a single query.