New and Noteworthy

• Generate a schema in the UI from uploaded sample logs for quicker data onboarding (docs)

• New security content that will expand built-in detections, helpers, and data models in Panther (repo)

Features

• Pull your Zoom operation and activity logs with our new SaaS Log Puller (docs)

• Pull your 1Password event logs with our new SaaS Log Puller (docs)

• Map detections to frameworks to better track coverage against compliance frameworks (docs)

Enhancements

• Log drop-off alarms now support minutes for more granular alarming

• Built-in detections are non-editable to prevent overwriting modifications when Panther pushes an update

• Panther Analysis Tool (PAT) can now ignore files entirely to prevent recurring failures during processing

• Panther's alert listing page now supports filtering by log source

• Don’t see your log source supported in Panther? Submit a request from the log source onboarding page

Bug Fixes and Migration Instructions

• p_ field stored as string: this fixes an error when p_alert_context is stored as string of escaped JSON

• Incorrect start time: this fixes the start time to reflect the alert's start time in Indicator Search

• Query results show Trailing Z: this fix removes trailing Z on timestamps displayed in Snowflake query results