v7.0.3

7.0.3 (2021-09-28)

Bug Fixes

• addon: Fix user showing as unknown from GlobalProtect logs. - #217
• app: Remove endpoint from Data Model Audit dashboard - #218

v7.0.2

7.0.2 (2021-09-11)

Bug Fixes

• addon: Add GlobalProtect SourceUserName - #209 #202
• addon: Remove endpoint tags and eventtypes - #196

Performance Improvements

• app: Change simple XML to use JQuery 3.5 - #207

v7.0.1

7.0.1 (2021-05-26)

Bug Fixes

• addon: Fix CDL logs contained string 'null' in 'user' field - #187
• addon: Restore "unknown" string for empty 'user' field
• app: Fix error after upgrade to 7.0.0: "Unknown search command 'panwildfirereport'" - #189

v6.6.2

6.6.2 (2021-05-26)

Bug Fixes

• addon: Fix src_user field contained destination user - #186

v7.0.0

7.0.0 (2021-05-14)

Features

• addon: PAN Quality Validation and Improvement
• addon: Significantly improve and modernize CIM compliance
• app/addon: Add Cortex XDR incident support to App and Add-on including new XDR Incidents dashboard - #166

Bug Fixes

• addon: Fix error from Minemeld automatic lookup
• addon: Fix src_user field contained destination user - #186

Performance Improvements

• app: Remove high cardinality fields from datamodel

⚠ MAJOR RELEASE CHANGES

This is a major release

Splunk dashboards and searches you have created might be
affected by these changes. Please be prepared to test and
adjust any dashboards not included with the App after upgrade.

• addon: pan_traffic logs moved from Network Session to Network Traffic datamodel
• addon: pan_threat event type now includes wildfire and data logs
• addon: pan_file logs moved from Web to IDS datamodel
• addon: pan_virus logs moved from Malware to IDS datamodel
• addon: pan_wildfire logs moved from Malware to IDS datamodel
• addon: pan_email removed from Email datamodel
• app: Removes datamodel for GlobalProtect logs before PAN-OS 9.1
• app/addon: Removes Traps 4 support
• app/addon: Deprecates Traps 5 and Traps 6 support
• app: Removes support for legacy WildFire Report API
• app/addon: Requires Splunk 8.0 or higher
• app/addon: Replaces Adversary Scoreboard and Incident Feed dashboards with new XDR Incidents dashboard

v6.6.1

6.6.1 (2021-05-08)

Bug Fixes

• app: Fix IoT Security dashboard filter - #181

v6.6.0

6.6.0 (2021-04-01)

Features

• addon: Cortex Data Lake HEC log support - #162 #176
• app/addon: Add IoT Security - #158

Bug Fixes

• addon: Add fields for GlobalProtect logs
• addon: Add modinputs as tasks in app.manifest - #153
• addon: Fix GlobalProtect logs dvc_name field
• addon: Fix nav bar background color
• addon: Parse GP and Decryption logs w/ pan:firewall - #168
• app: Incident counters flash in Splunk 8.1 - #163
• app/addon: correct user-id tag_user / untag_user

v6.5.2

6.5.2 (2021-03-31)

Bug Fixes

• addon: Fix GlobalProtect logs dvc_name field

v6.5.1

6.5.1 (2021-03-14)

Bug Fixes

• addon: Add fields for GlobalProtect logs
• addon: Parse GP and Decryption logs w/ pan:firewall - #168
• app: Incident counters flash in Splunk 8.1 - #163

v6.6.0-beta.1

6.6.0-beta.1 (2021-01-13)

Features

• app/addon: Add IoT Security - #158

Bug Fixes

• addon: Add modinputs as tasks in app.manifest - #153
• addon: Fix nav bar background color
• app/addon: correct user-id tag_user / untag_user