We’ve continued to make enhancements around our Custom Parsing Tool. Most recently, we’ve made it easier for customers to define what they’d like to parse from their logs, so they can extract the log data that is most relevant to their organization. With the Custom Parsing Tool, customers can parse logs in a format that is unknown to InsightIDR or further parse log entries in common formats.
Additional resources: Learn more about the Custom Parsing Tool in InsightIDR here.
Import log data from cold storage for search
Importing log data from cold storage is now automated. When customers attempt to search for log data outside of their data retention period, they can import the logs from cold storage at the push of a button. The imported logs are automatically loaded back into InsightIDR and made available for search.
- See more on cold storage logs in our help documentation here.
New event sources
We also released a number of new event sources, including:
- Cisco ISE
- Proofpoint TAP
- Trend Micro Apex One
- Carbon Black Defense
See the full list in our release notes.
Stay tuned for more!
As always, we’re continuing to work on exciting product enhancements and releases throughout the year. Keep an eye on our blog and release notes as we continue to highlight the latest in detection and response at Rapid7.