FREE User Conference | Oct 4-5 | REGISTER NOW >​

The Graylog blog

Announcing Graylog Illuminate v3.3.1

Announcing Graylog Illuminate 3.3.1

  • This version of Illuminate requires Graylog Server version 5.0.3 or later
  • Converted Fortigate from using event_code to event_id
    • While the Fortigate field is numeric it contains leading 0’s and is not intended to be used as a literal numeric value
    • event_code is used for numeric fields to allow ranged searches and other numeric operators
  • Defined static mappings for the fields event_code and event_id
    • These fields previously relied on dynamic mappings but this caused mapping conflict errors

 

GRAYLOG ILLUMINATE 3.3.1

Released: 2023-06-02

Fixes

  • event_code and event_id not mapped (#920)
  • pfSense dashboard widgets not aligned (#1310)
  • pfSense dashboard time series graphs not displaying correctly (#1316)
  • Checkpoint event_action value using allowed and not allow (#1321)
  • Checkpoint event_severity_level not always defined (#1325)
  • Watchguard not identifying some message formats (#1331)
  • Snort Spotlight IDS tab missing widget title (#1328)

 

Enhancements

  • Additional field renaming for Snort 3 IDS logs (#1304)
  • Improved Cisco ASA saved search (#1306)

 

Known Issues

  • Auditbeat cannot process events with multiple values assigned to vendor_event_action (#622)

 

Let us know what you’d like to have included in our GitHub issue tracker.

Graylog GO white logo

Learn more at Graylog GO

FREE User Conference, Oct 4-5, Virtual | Houston, TX
Register Now - It's FREE

Get the Monthly Tech Blog Roundup

Subscribe to the latest in log management, security, and all things Graylog Blog delivered to your inbox once a month.