Document toolboxDocument toolbox

6.7.0

Owned by Anthony Shevlin (Deactivated)
Last updated: Jan 12, 2021 by Borja Moro Moreno
2 min read

The latest updates to the Devo platform are now available and we have some new features and improvements for you to work with. Read on below for a recap from our latest release effective January 2021.

New features

Data search

  • Along with the columns available in a table, each table has a unique set of unrevealed columns. They may contain a variety of information related to data ingestion and structural metadata. A subset of them is now available, however, they are not shown by default and need to be explicitly requested in the query. You can find them marked as Extra so they can be easily identified. Learn more in Selecting unrevealed columns.



  • In the Finder there are two new tables available in Custom Finders: demo.ecommerce.data and siem.logtrust.collector.counter.
  • There is a new operation available for strings called isempty().

  • Selected events has a new "type" column and JSON values are now displayed in a tree format.

Improvements

Data search

  • We've made improvements to the timezone selector in the Download search data window.
  • The "No time-based grouping" is now at the top of the "Every" dropdown list.
  • When searching for functions that apply to "regex", the "peek" operation will be displayed.

Lookups

  • It's no longer necessary to give a description when creating a new lookup table.

Bug fixes

  • When configuring the Timezone, the drop-down values always displayed the winter offset.
  • In Data search, a JSON column value displayed the wrong type in the Pretty print view.
  • We've fixed how the user query priority mark was displayed.
  • The "Event loading preferences" window would remain open despite leaving the search window.
  • The Aliased Finder wouldn't recover the complete search when the search selects an explicit set of columns.
  • The "OR" operation could be enabled without any data.
  • There was an issue with Alerts querying the "my." tables not attaching the events that triggered the alert.
  • The Alert subcategory name max size was incorrectly checked.
  • There was an error when adding an HTTP-JSON type delivery method.
  • We've fixed a couple of bugs relating to the XML OData feed.