Release Notes June 23, 2023

New App - Security Onion (Public Review)

The Security Onion app uses Observe pollers to ingest data from open source threat intelligence lists and infrastructure-as-a-service providers.

Observe helps you monitor the public networks that your systems contact by using resource sets that include information about known bad addresses, known infrastructure addresses, and more. More information can be found here.

New Monitors Landing Page

When you select Monitors from the More menu on the main login page, Observe displays a list of existing Monitors configured on your instance.

Figure 1 - List of Configured Monitors

More information can be found in the Monitors Overview here.

OPAL Language Updates

Change to merge_events

Description

If order_by is specified, it is used to sort the events before they are merged. If order_by is not specified, the default ordering is used; for merge_events, the default ordering is the timestamp of the event. More information here.