Table of Contents

  1. About Log360
  2. Release Overview

    1. 5.0 (GA)
      • Build 5036

        Released on 17 Oct 2017

        New Features

        The Correlation Engine has been completely upgraded to bring you complex attack detection across all devices on your network, enhanced field-level correlation, improved incident reports with timeline view, and much more:

        • Multiple log format support: Correlation is now carried out across multiple log formats, enabling you to correlate logs from Windows and Unix systems, network devices, and more.
        • Enhanced field-level correlation: Correlation can be done based on multiple log field values to provide fine-grained attack detection.
        • Predefined rules: The module is packaged with 25 predefined complex attack patterns.
        • Custom rule builder: The custom correlation rule builder has been upgraded to include over 250 predefined network actions and advanced filters.
          • Check for unique, constant, or shared field values among the actions that make up a rule.
          • Use multiple comparison conditions for fields, namely 'equals', 'not equal to', 'starts with', or 'ends with'.
          • Create rules for individual log types using specific network actions, or rules common to all log types with generic network actions.
        • Incident management integration: All correlation alerts can be viewed and managed with the in-built incident management console.

        Enhancements

        • The correlation user interface has been upgraded with an all-new look and feel, incorporating all of the new features listed above.
        • The time between each individual pair of actions can now be specified when creating a rule.
      • Build 5031
      • Build 5030
      • Build 5024