Skip to main content

Version 1.8.0 Released

This release delivers major enhancements across security, platform integrations, and user experience. Multi-Factor Authentication introduces enterprise-grade login security with email and TOTP methods alongside admin management capabilities. Update Management establishes version control infrastructure for Directors and Agents. Platform connectivity expands with 3 new streaming targets including Apache Kafka, Confluent Cloud, and Redpanda, plus 3 new device integrations. The Dataset & Profile feature centralizes agent log type management, Content Hub extends beyond pipelines to include Advanced Routes, a new Onboarding flow guides first-time users through initial setup, and a new Invite User flow simplifies team provisioning by allowing new users to set their own credentials upon first login.

🚀 New Features

  • Multi-Factor Authentication (MFA) — Two-factor authentication support added to the platform with two available methods: email-based one-time passwords and TOTP via authenticator applications. Each method generates a backup code at setup time that can be used for account recovery if the primary method is unavailable; using a backup code requires the user to complete MFA setup again. Administrators and tenant owners can reset MFA settings for users within their tenant, prompting those users to reconfigure their MFA on next login. Individual users can manage their MFA preferences from the preferences panel, including enabling or disabling MFA (when not enforced) and switching between authentication methods.

  • Update Management — Version management system introduced for Directors and Agents, laying the foundation for controlled update workflows across distributed infrastructure. When a new version becomes available, users can choose their preferred update action — applying updates automatically or triggering them manually — ensuring Directors and Agents remain current while maintaining operational control over when updates are applied.

  • Dataset & Profile — Centralized log type management feature added for agent configurations. Users can define datasets and profiles that specify which log types should be collected, then apply these configurations across multiple agents from a single location. This eliminates the need to configure log types individually per agent and ensures consistent collection policies across infrastructure.

  • Onboarding Flow — Guided onboarding experience introduced for users registering on the platform for the first time. Step-by-step pages walk new users through the key actions required to get started, reducing time-to-value and ensuring a smooth initial setup experience.

  • Content Hub Expansion — Content Hub has been extended beyond pipeline content to include Advanced Route packs. Users can now browse, download, and apply both pipeline and Advanced Route configurations from a single Content Hub interface, consolidating content discovery for all routing and processing workflows.

🔧 Improvements

User Provisioning

  • Invite User — New user creation method added alongside the existing password-based flow. When using the invite option, the platform sends an invitation email to the specified address, allowing the new user to set their own password upon first login. This simplifies user provisioning and removes the need for administrators to manage initial credentials.

Targets

  • Apache Kafka — Open-source distributed event streaming platform integration added as a new streaming target.
  • Confluent Cloud — Fully managed Kafka cloud service integration added as a new streaming target.
  • Redpanda — High-performance Kafka-compatible streaming platform integration added as a new streaming target.

Devices

  • Amazon S3 — Object storage device integration added for ingesting logs stored in S3 buckets.
  • Amazon Security Lake — Centralized AWS security data lake device integration added.
  • Microsoft Sentinel — Cloud-native SIEM device integration added for log collection.

Pipeline Debugger

  • System Field Support — System fields can now be excluded from output results for cleaner inspection during pipeline debugging. Visual and functional improvements have been made to the debugger interface to improve usability and development workflow.

Quick Routes

  • Type Search Filter — Type search filter added to Quick Routes to support faster device and target selection as the number of available types continues to grow. Visual improvements have been applied to the Quick Routes page for a more consistent and polished experience.

Devices Page

  • Category Organization — Device page updated with category-based grouping to improve discoverability as the number of supported device integrations expands.

Content Hub

  • Vendor Filter — Vendor filtering improved with a "Show More" option, preventing the filter list from becoming unwieldy as the number of supported vendors grows.

Helper Menu

  • Version Information — New helper menu added to the platform interface, surfacing information about the currently active version and the date on which this version was deployed.

UI Standardization

  • Consistent Visual Experience — Loading states, breadcrumbs, headings, and title structures reviewed and standardized across the platform to ensure a consistent visual and functional experience.

Detail View Drawer

  • Summary Drawer Panel — All table views across the platform now include a summary drawer panel. Clicking a component name in any list opens a right-hand drawer displaying key configuration details and action buttons. Available on Devices, Targets, Directors, Datasets, Profiles, Roles, Users, and Tenants pages.

Content Hub Update Review

  • Added and Removed Pipelines — Pipeline update review now displays pipelines that are being added or removed, not only those that have been modified. Added pipelines appear with an "added" tag in the navigation tree and show a full-content diff in the review editor.

Stats Page

  • Percentage Precision — Gauge chart percentages now display with one decimal place for cleaner readability.
  • Pipeline Bar Cap — Processed Data chart limits displayed pipelines to the top five by volume, preventing chart overcrowding.

🐛 Bug Fixes

Pipeline Debugger

  • Step Into Error — Fixed an issue where using the step into function in Pipeline Debugger could cause an error, restoring reliable step-by-step execution during pipeline debugging.

Quick Routes

  • Device and Target Addition Error — Fixed an error that occurred when attempting to add devices or targets from the Quick Routes page.

Agent Management

  • Reinstall Agent Command Missing — Fixed an issue where the agent installation command was not returned during the reinstall agent flow, ensuring users receive the correct command to complete reinstallation.

  • Agentless Mode Required Fields — Fixed an issue where mandatory fields in agentless mode for Windows and Linux devices were behaving as optional, allowing incomplete configurations to be saved.

Devices & Targets

  • General Stability Fixes — Various bugs identified across device and target configurations have been resolved, improving overall reliability of device and target management.

User Management

  • User Not Listed After Disable — Fixed an issue where disabling a user caused them to disappear from the user table entirely instead of remaining visible in a disabled state.

Stats Page

  • Duplicate Devices in Overview — Fixed an issue where the device overview modal displayed duplicate device entries.