Today we are officially releasing Graylog v3.3.2.
The release includes a Graylog Enterprise update to the Palo Alto input as well as bug fixes that improve the functionality of Graylog. Please read on for detailed descriptions of the update and bug fixes.
Many thanks to our community for reporting issues and contributing fixes!
DOWNLOAD LINKS
- Docker image
- DEB and RPM packages are available in our repositories
- OVA / Appliance
- Tarballs (manual installation):
– Graylog Enterprise Integrations
Please report bugs and any other issues in our GitHub issue tracker. Thank you!
UPDATE: PALO ALTO INPUT TO SUPPORT PAN-OS V9.X DEVICES
More visibility into the Palo Alto Ecosystem
The Palo Alto input is getting a makeover in v3.3.2. Our customers were asking for v9.0 and above support. We responded with a significant update to the existing input.
The Palo Alto input update pretty much covers most if not all of the standard minefields in the Network Landscape. It now maps Correlation, GlobalProtect, HIP, and Config. These 4 add to the 3 existing feeds (Traffic,Threat, and System) making it a total of 7 feeds to the GL schema.
The best part about this Palo Alto input update is it eliminates hours or even days doing painstaking, manual investigation of network logs. Graylog ingests the Palo logs, parses them out, and presents them in an easy to search format. With this Palo Alto update, data exploration and threat hunting will become ridiculously fast in v3.3.2.Teams can spend minutes instead of hours or days investigating the logs.
GRAYLOG ENTERPRISE 3.3.2
FIXED
- Fix message table headers in reports.
GRAYLOG 3.3.2
CORE
CHANGED
- Mark legacy aggregation API as deprecated in favor of the new views API. (to be removed in 4.0) Graylog2/graylog2-server#8323
- Update Graylog field schema. Graylog2/graylog2-server#8331
- Improve search page rendering performance. Graylog2/graylog2-server#8343
FIXED
- Fix issue with flickering in the single number widget. Graylog2/graylog2-server#7563 Graylog2/graylog2-server#8341
- Fix issue with extending alert notification grace period. Graylog2/graylog2-server#8365 Graylog2/graylog2-server#8402
- Fix rendering of message table header. Graylog2/graylog2-server#8415
