Document toolboxDocument toolbox

Exchange 2.2

RELEASE DATE: DECEMBER 04, 2024

[ New features ] [ Improvements ] [ Bug fixes ]

New features

New type of content: Query

A new type of content named Query has been added. This content includes information about query, sources and LINQ code. Each query can be launched independently. There are five (5) groups, each including more than 100 queries: Event day, Geolocation, Math Built-in operations, Collector ingestion Monitor, and ActiveDirectory detections.

Queries are available in the Use cases & data section.

Exchange_10.png

Content Proposal Tool

Queries in Exchange can now be shared using the Content Proposal tool.

Exchange_20.png

Changes in Synthetic data content type

To address the issue for users that cannot change the basic launch parameters in Synthetic data content type for demo data injections, two changes have been made:

  1. A dialog in Synthetic data to enable the selection of a time period to run the injection was added. Default is marked in DEM, maximum period is 30 days.

  1. This time period have also been added to Synthetic data pack content type.

New Activeboards added to Multitenant

10 new Activeboards have been updated to support multitenancy:

  • Ingestion volume

  • Collector Monitoring

  • Datasource Monitor

  • Active Directory

  • Relay Monitoring

  • Firewall Monitoring

  • Web Activity Monitoring

  • Windows System Audit

  • AWS Account Activity

  • Datasources Insights