7.0.0
The latest updates to the Devo platform are now available and we have some new features and improvements for you to work with. Read on below for a recap from our latest release effective March 2021.
New features
Data search
- You can now open a filter in a new tab.
Activeboards
- We've added the possibility to choose more than one value when using the select input type as well as keeping the menu displayed among other improvements.
- There is now a progress meter indicator in each widget and we've added a stop button to stop all the Activeboard widget queries currently in progress.
- You can now switch between the widget types with just two clicks.
Miscellaneous
- We've rolled out a new feedback system in both the application and public documentation.
- Search ID is now available.
Improvements and updates
Dashboards
- We've removed the option to add a new Dashboard as part of our sunsetting of this feature.
Activeboards
- The real-time icon has been changed.
- In the "Filter by" window we've changed the name of the "close" button to "cancel".
Data search
- We've cleaned up the drop-down menu.
- We've implemented improved pop-up notifications with clearer guidance.
- Open searches in the side menu now have a tooltip which displays the full name of the search when you hover over it. We've also changed the icon that appears when you collapse the search.
- In Data Search, the "table size" option has been removed and the "time series report" tooltip updated.
- The max size of query LINQ code has been increased to 16MB.
Relay
- We've added a "version" column and removed the "description" column.
- We've renamed some tabs in the Relay Configuration.
- There are changes to the relay output page. We've added a link to documentation, related info is now grouped together visually, some default values have been updated, and the ZLIB compression option has been removed.
Provisioning API
- The vault query has been added to the model role.
- Added new endpoints to manage Domain information.
- Added new endpoints to manage Plan information.
Administration
- The download operation in Data Search is now managed under role permission.
- The new role permission "Data search download" has been defined.
- For "Admin" and "No privileges" roles it is now clearer that permissions view/manage checkboxes are not editable.
- Delete user confirmation message now adds the user identification.
- We've spruced up the roles permissions list.
Alerts
- Preconfigured alerts in new domains won't be activated by default.
- Small improvements to the "Sending Policy" window.
- "Alert ID" column added to Alert History.
- Recovery in Alerts dispatching has been implemented.
Miscellaneous
- We've added a new router logic that allows navigation within the webapp pages via their corresponding URLs.
- We've changed the terminology in some places to make it more consistent across the app. The term "query" has been replaced with "search". For example, "query history" now named "search history".
- The term "data source" has been replaced by "aggregation task".
- Collections have been removed as they are no longer supported.
- On the Home page we've added a new widget for your favorite Activeboards and removed the widget for favorite Dashboards when this feature isn't available.
- The first steps in the help area for relay configuration now open in a new tab.
- User browser crashes are now identified and all the crash information logged in the "siem.logtrust.web.error" table.
- On isolated platforms, Dropbox and MFA have been disabled.
- In the Alerts API we've add a check to reject alerts with subqueries.
- In order to avoid credential deletion mistakes in "Administration --> Credentials", a confirmation window will now be displayed whenever the user requests to delete an API key/secret pair, a Certificate or a Token.
Bug fixes
- There were unit errors in the Live Event Stats widget on the homepage when the value was 0.
- We've fixed an issue relating to logging in for the first time and the first-steps pop-up window being disabled.
- The custom finder was incorrectly displaying some tables that are no longer available.
- There was an issue with the time filter when switching between "user queries" and "account queries".
- Values were cut off the table description in data search if it was too long.
- When opening a vapp/tool, Devo and custom styles would become mixed.
- An incorrect last login date would be displayed for users with MFA, SAML2 or OpenID activated.
- Some users would be incorrectly logged out when the session hadn't expired.
- In Data Search, the eventdate column drop-down menu wouldn't work for non temporal grouping queries.
- In the "remove search" pop-up, long search names would be displayed incorrectly.
- Hidden columns were not kept when cloning a template after changing the date range in Data Search.
- Pretty Print wouldn't display all of the text in the case of long texts.
- In Lookups, columns had no values when editing a Lookup coming from a CSV with trailing spaces.
- The wrong tooltip would be displayed in the Lookup Summary operation.
- There would be an error when deleting a specific row in an upload lookup.
- In Activeboards widgets that depend on Google maps wouldn't work on isolated platforms.
- There was a small issue with cancelling an incorrect date range in the calendar editor.
- We've made some visual improvements to the Activeboard manager buttons.
- With sparkline you can now have an aggregation in the first query.
- A problem with a second tag not being displayed has been corrected.
- In Alerts, sometimes closed alerts appeared in alerts history when "Show Open" was selected.
- We've fixed an overlap issue with the ABC icon in the role description field.
- "Closed" and "False positive" alert statuses can now be modified.
- There is now no error given when deleting all Delivery Methods for a Sending Policy.
- We've fixed an issue where Alerts created through the API didn't not attach the events that triggered the Alert.
- In the Users section the wrong tooltip was displayed in the Status value for a disabled user.
- In Roles we've fixed a couple of role mapping issues.
- In the Preferences section the wrong value was shown in "Basic Authentication User" field in "API/ODATA" Preferences and the wrong text in the Authentication Domain Preferences update confirmation message.
- In Relays, for the central Relay, the "Download the certificate" option led to an erroneous tab.
- Tapu Logs displayed an incorrect environment value.