Announcing Graylog Illuminate 4.0.1
- Installing this Illuminate release will cause any currently running Anomaly Detection jobs to be disabled. Please identify which Anomaly Detection jobs are running prior to activating this release and enable them after this version has been activated. (graylog-plugin-enterprise#6090)
GRAYLOG ILLUMINATE 4.0.1
- Cisco ASA: Incorrect field extraction for network_icmp_code and network_icmp_type (1760)
- Numeric values were being extracted to the text fields network_icmp_type and network_icmp_code, creating potential mapping conflicts. Converted these ICMP extractions to the fields network_icmp_code_number and network_icmp_type_number.
- Cisco FTD: The field for ICMPCode can be a number or a text. (1743)
- Assigned the fields network_icmp_code_number for numbers and network_icmp_code for keywords to avoid index errors.
Let us know what you’d like to have included in our GitHub issue tracker.