Wazuh v3.9.2 - Splunk v7.3.0

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Added

• Support for Wazuh v3.9.2
• Added overall metrics for Agents > Overview #725.

Fixed

• Fixed visualization for Agents > Overview #718.
• Fix error when adding an api with invalid fields format #729.
• Fix missing parameters in Dev Tools request #731.

Wazuh v3.9.1 - Splunk v7.3.0

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Added

• Support for Splunk Enterprise 7.3.0

Wazuh v3.9.1 - Splunk v7.2.6

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Added

• Support for Wazuh v3.9.1

Changed

• Improve dynamic height for configuration editor #700.
• Changed the way the app validates the version matching between Wazuh API and the app #693.

Fixed

• Prevent error when kvStore is not ready yet #695.
• Several UI/UX improvements and fixes for the 3.9.0 latest changes #686, #692.
• Fixed handled but not shown error messages from rule editor #697.
• Fixed infinite API log fetching #704.

Wazuh v3.9.0 - Splunk v7.2.6

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Added

• Support for Wazuh v3.9.0
• Edit master and worker configuration (#525, #534, #572).
• Edit local rules, local decoders and CDB lists (#525, #532, #501, #572)
• Dev Tools additions
• Added hotkey [shift] + [enter] for sending query (#503).
• Added Export JSON button for the Dev Tools (#503).
• Added configuration assessment information in "Agent > Configuration Assessments" (#505).
• Restart master and worker nodes (#564, #545, #535, #563).
• Restart agents (#556).
• Discover function on each section (#529).
• Can pined filters (#529, #618).
• Expand visualizations on the dashboard (#570).
• Reporting as admin extension (#585).
• Delete rules, decoders and CDB lists files (#589).
• Prevent overwrite a existing file (#589).
• Unescape back slash for JSON raw content (#599).
• Capability to edit rules and decoders files (#597, #613).
• Allow navigation throught url (#596).
• Enable back button (#596).
• Capability to hide or show columns ( #566, #614).
• Can resize columns (#566, #614).
• Cabability to expand visualizations (#567).
• Set the browser time zone to the report (#619).
• View no local rules/decoders XML files (#667).
• Added some Angular charts in Agents Preview and Agents SCA sections (#668).
• Added Docker listener settings in configuration views (#665).
• Added Docker dashboards for both Agents and Overview (#665).
• New server module, it's a job queue so we can add delayed jobs to be run in background, this iteration only accepts delayed Wazuh API calls (#629).
• Added a dynamic table columns selecto (#668).
• Added resizable columns by dragging in tables (#668).
• Added an info bar when Wazuh is not ready yet in order to prevent App fails. (#636).
• Show follow symbolic link in the configuration ondemand (#685).

Changed

• Changed empty results message for Wazuh tables (#487).
• Escape XML special characters (#496).
• Allowing the same query multiple times on the Dev Tools (#503).
• Using full height for all containers when possible (#575).
• Changed some visualizations for FIM, GDPR, PCI, Vulnerability and Security Events (#527).
• New design for agent header view (#575).
• Not fetching data the very first time the Dev Tools are opened (#503).
• Store the API database into Splunk KVstore (#537).
• Notification toast types and style(#570).
• UI changes for editing groups (#478).
• Use new meaningful toasters (#591).
• Change several descriptions (#597).
• Redisign configuration view (#597).
• Updated autocomplete list in DevTools (#538).
• Modularize some functions (#601).
• View logs as raw text (#604).
• Show logs in a text box (#604).
• Reviewed Osquery dashboards (#668).
• Improve audit dashboards (#668).

Fixed

• Permit special charsets in API credentials(#578).
• Can download API response in Devtools (#559).
• Do not lose the focus of the navbar (#558).
• Polling agents state (#548).
• Reporting (#504).
• Refresh rule info after edit it (#589).
• Change the selected index (#580).
• More descriptive error when saving a file and get an error (#601).
• Show a success message when group configuration is saved (#601).
• Error when trying to download a CSV file (#604).
• Do not show pagination for one-page tables (#668).
• Show email configuration on the configuration on demand (#672).
• Unify timezone (#673).
• Properly handling long messages on notifier service, until now, they were using out of the card space, also we replaced some API messages with more meaningful messages (#570).
• Adapted Wazuh icon for multiple browsers where it was gone (#475).

Wazuh v3.8.2 - Splunk v7.2.5

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Splunk 7.2.5

Take a look at the changelog file for a complete list of what's new on this release.

Wazuh v3.8.2 - Splunk v7.2.4

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Splunk 7.2.4

Take a look at the changelog file for a complete list of what's new on this release.

Wazuh v3.8.1 - Splunk v7.2.3

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Wazuh v3.8.1
• Moved monitored/ignored Windows registry entries to "FIM > Monitored" and "FIM > Ignored" to avoid user confusion (#508).
• Excluding manager from agent monitoring script (#508).

Take a look at the changelog file for a complete list of what's new on this release.

Wazuh v3.8.0 - Splunk v7.2.3

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Wazuh v3.8.0
• Group management from the app is now available
  • Edit group configuration
  • Add and remove groups
  • Add and remove agents of a group
• New search bar for the agents' list
• New tables for an agent FIM monitored files
• Modify the Wazuh monitoring index pattern name
• Edit the app configuration file (config.yml) from the app

Take a look at the changelog file for a complete list of what's new on this release.

Wazuh v3.7.2 - Splunk v7.2.1

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Wazuh v3.7.2
• Fix for TinyDB handler (#422).

Take a look at the changelog file for a complete list of what's new on this release.

Wazuh v3.7.1 - Splunk v7.2.1

This release comes with all the changes from the previous version, and the following additions and bugfixes:

Highlights for this version

• Support for Wazuh v3.7.1
• Added administrator mode for Dev Tools module (#353).
• Added extension management features (#330).
• Added export as CSV option for multiple tables (#348).
• Added VirusTotal integration (#340).
• Added CIS-CAT integration (#342).
• Added Discover section (#331).

Take a look at the changelog file for a complete list of what's new on this release.