Skip to main content

Version 1.10.0 Released

Release date: May 4, 2026

This release introduces major platform capabilities centered around security, agent management, and connectivity. The new Vault feature integrates with CyberArk, HashiCorp, and Azure Vault to centralize secret management across devices and targets. Enrollment Templates streamline bulk agent provisioning through a single command with configurable acceptance workflows. Platform connectivity expands with 6 new device integrations — RabbitMQ, Redis, Google Cloud Pub/Sub, Google Cloud Storage, Elastic, and Splunk HEC — alongside 2 new targets, UDP and TCP. Linux and Windows File Datasets enable file-based data collection through agents, and 3 new Content Hub packs extend Microsoft Sentinel coverage.

🚀 New Features

  • Vault - Centralized secret management introduced with support for CyberArk, HashiCorp Vault, and Azure Vault integrations, as well as a native VirtualMetric Vault for local secret storage. Sensitive fields such as passwords, keys, certificates, and secrets used across all configurations can now be managed centrally, reducing credential sprawl and improving security governance across the platform.

  • Enrollment Templates - Reusable templates for agent onboarding at scale. Define a template once, then enroll any number of agents against it with a single command. Templates can be set to auto-accept incoming enrollment requests, or to hold them for manual review and approval when controlled onboarding is required.

  • Linux & Windows File Dataset - File-based data collection support added through new Linux and Windows File Dataset types. Agents can now read and ingest data directly from files on monitored hosts, expanding log collection capabilities beyond event and system log sources.

🔧 Improvements

New Devices

  • RabbitMQ - Message broker device integration for ingesting events from RabbitMQ queues.
  • Redis - In-memory data store device integration for Redis-based log and event collection.
  • Google Cloud Pub/Sub - Google Cloud managed messaging service device integration.
  • Google Cloud Storage - Google Cloud object storage device integration for ingesting stored log data.
  • Elastic - Elasticsearch platform device integration for log and event collection.
  • Splunk HEC - Splunk HTTP Event Collector device integration for ingesting Splunk-forwarded data.

New Targets

  • UDP Target - UDP protocol target added for forwarding log data over UDP.
  • TCP Target - TCP protocol target added for forwarding log data over TCP.

Content Hub

Three new pipeline packs added to Content Hub, extending Microsoft Sentinel integration coverage:

  • ESET Protect Pack for Microsoft Sentinel
  • Squid Proxy Pack for Microsoft Sentinel
  • Ubiquiti UniFi Network Pack for Microsoft Sentinel

Audit Log

  • Filter Standardization - Filtering controls across the Audit Log page have been standardized, bringing filter behavior and presentation in line with the rest of the platform for a more consistent user experience.

Tables

  • No Data State Standardization - Empty state presentation standardized across all tables in the platform, ensuring a consistent no-data visual experience regardless of the page or context.

🐛 Bug Fixes

Audit Logs

  • IP Address Not Shown in Login Audits - Fixed an issue where IP address information was not being displayed in login audit entries, ensuring complete audit trail visibility for login events.

Live Data

  • Filter and Default Value Errors - Fixed issues with incorrect filter behavior and default values in the Live Data view, ensuring accurate and reliable data display upon opening the interface.

Quick Routes

  • Device Description Field Rendering Issue - Fixed an issue where the description field for devices in Quick Routes was displaying incorrectly, restoring proper rendering of device descriptions.

Stats Page

  • Incorrect Response When No Data Available - Fixed an issue where the Stats page returned an error state instead of an empty state when no statistical data was available for the selected period.

Notifications

  • Latest Version Download Blocked in Self-Managed Directors - Fixed an issue where notifications in self-managed Director environments were preventing users from downloading the latest available version.

WEC Device

  • Authentication Field Not Saved - Fixed an issue where the authentication field in WEC device configurations was not being persisted correctly, ensuring credentials are properly saved and applied.