Log360 Cloud Release Notes

New Features

• Log360 Cloud is now a Unified Security Platform
  You can now leverage Open API compatibility in Log360 Cloud to create custom extensions for any data source, ensuring it meets your specific security requirements. This makes Log360 Cloud an extensible, integrable, and customizable platform that seamlessly integrates with your existing ecosystem. Learn more
• Customizable Widgets
  Create custom widgets using HTML, JavaScript, and CSS files with the Zoho Extension Toolkit. This allows you to extend the product’s capabilities, perform specific operations, and seamlessly integrate third-party services.
• Pre-Built Extensions
  Explore pre-built extensions for Log360 Cloud in the ManageEngine Marketplace. These extensions can be integrated into the product to collect logs, analyze specific data sources, and provide deeper visibility. Explore the marketplace to learn more.
• Agent-Based Import
  Log360 Cloud now supports agent-based log imports.
• Custom Action: Log360 Cloud now lets users create custom actions, enabling them to define specific criteria and use these custom actions to establish correlation rules.
• Advanced Operator Support: Log360 Cloud has now introduced advanced operator support (is constant and link to) in correlation.
  • The "Is constant" condition ensures that an action triggers only if a field's value remains unchanged across all iterations of the rule.
  • The "Link to" comparison type allows you to check the value of a selected field in one action against the value of a field in another action within the same correlation rule.

New Features

• Account Lockout Analyzer
  Quickly detect and resolve Active Directory account lockouts with a new report in the User Management group.

  Analyze logs, Windows components, and recent logon activities to identify the root cause. Receive instant notifications, detailed audit reports, and actionable insights into the specific events, processes, or activities that triggered the lockouts.

• ADSync Scheduler
  Schedule and manage Domain Objects sync efficiently with the new ADSync Scheduler. Easily manage sync frequencies, configure specific object types to sync, and monitor sync status for improved threat detection and response.
• AD FS Logon Monitoring
  Gain visibility into logon activity occurring via federation servers with a new report group in Active Directory.
• AD Summary
  A new dashboard tab provides a comprehensive summary of key Active Directory events at a glance.
• CASB Forward Policy Sync
  Cloud Protection audit rules and predefined policies will now sync seamlessly , enabling faster updates to rule changes.
• User Work Hours
  Monitor employee productivity with a new report in the User Logon Reports group. Track workstation activities, analyze logon and logoff times, and generate detailed reports on active and idle periods to calculate billable hours.

New Feature

• Introducing support for TLS Syslog collection to improve secure log transmission.

Enhancement

• A toggle has been added to enable or disable offline log collection on the 'Agent Settings' page.

Enhancement

• Zendesk Ticketing Tool configuration: Support has been provided for configuring Zendesk in Log360 Cloud using the OAuth 2.0 Authorization Grant Flow.
• Support has been added for creating tickets using custom templates in ServiceDesk Plus On-Demand.

New feature

• JSON parsing support: Log360 Cloud now offers advanced capabilities to parse JSON logs, allowing users to extract various fields from JSON logs seamlessly. This parsing method can be applied to both new and existing custom log formats that support file import, ensuring greater flexibility and precision in log management.

New feature

• File integrity monitoring for NAS file servers: Log360 Cloud now supports file integrity monitoring (FIM) for monitoring unauthorized changes to sensitive files and folders in network attached storage (NAS) file servers, including EMC Isilon, Synology NAS, and EMC Server. The FIM feature includes:
  • FIM dashboard: A centralized view of file integrity monitoring data.
  • Alerts: Real-time notifications for unauthorized changes.
  • Compliance reports: Pre-configured reports to meet various compliance standards.
  • Auto log forwarding support: Enabled for EMC Isilon and Synology NAS.
  • Monitored location check: An option to verify whether the monitored location exists.

Enhancements

• Log360 Cloud now allows the management of devices through account settings for each configured domain. The filtering is based on the selected domain. Clicking the device count for each domain redirects to a list of Windows devices. These devices are filtered based on their roles:
  • Domain Controller
  • Member Server
  • Workstation
• Regrouping of Active Directory reports: Over 50 reports in Log360 Cloud have been reorganized into new report groups under the Windows and Active Directory categories for improved accessibility.
• User services report: A new service account auditing report has been added to the Active Directory tab. This real-time report provides Windows service information from selected domain computers, with the option to filter services based on domain users.
• RSoP audit policy status: Added a Resultant Set of Policy (RSoP) icon to the Windows Device Management section that shows which Group Policy Objects are applied to each device. It helps administrators understand the current configurations and rules in effect on the device.

Enhancements

• Starting with this release, Log360 Cloud is now supported in the CA Data Center.

Enhancements

• Log360 Cloud MSSP now offers a guided product tour to enhance new user experience.
• Users can now configure up to 3 clients during the Log360 Cloud MSSP trial period.
• The Log Sources page in the dashboard has been enhanced to display comprehensive device information. It now includes details such as the associated agent's name, version, and status. Additionally, a new export option has been introduced to enable easy data extraction.

Features

• Out-of-the-box compliance reports are now available in Log360 Cloud for the following compliance standards:
  • PCI-DSS, updated to version 4.0
  • ISO 27001-2022

Features

• Dark web monitoring:

  You can now scan the deep and dark web continuously for leaked credentials and personal information associated with your organization, employees, and third-party vendors in Log360 Cloud through our partnership with Constella Intelligence.

  You can identify if your domains or other digital assets have been compromised in supply chain breaches through real-time alerts and investigate and respond to threats quickly and efficiently.

  Learn more
• External threat feeds integration:

  You can now import Sigma rules into Log360 Cloud as alert profiles and detect security threats.

  Sigma is a widely adopted format for security signatures, allowing you to detect suspicious activities in your environment.

• Log360 Cloud now supports comprehensive monitoring of your Salesforce Cloud environment.

Enhancements

• You can now create an external share link for a specific tab or widget within the dashboard for streamlined collaboration using the Embed Dashboard capability.
• Correlation rule package: Log360 Cloud now adds 16 new predefined correlation rules complementing the new features released to level up threat detection. This new package includes rules for detecting living off the land attacks.
• User interface enhancements on the Reports page for better usability.
• Search enhancement
  • Save search with time selection: Search can now be saved along with the selected calendar date and time.
  • Save graph: The search graph has been enhanced to allow customers to save their graph options, including the newly added 'Graph color' feature.
  • Add to search: When clicking on a field in a table row, we can now add the criteria to the query with additional options.
  • Graph selection: A portion of the graph can be selected, which highlights it, and the details of the selected portion are updated in the table logs.
  • Search history: Search history is maintained to showcase recent queries.
  • Share search: Saved searches along with all search preference details can now be shared with other technicians or roles within the organization.
  • Sort: Logs in the table can be sorted based on the timestamp of the calendar.
  • Time value click action: Clicking on the time field in the table row now provides options to update the calendar time based on the selected time value.
  • Save as Alert: We can transition from the search page to the alert page and create alerts with all search-related data
• Agent auto registration
  • The agent installation has been upgraded from an MSI package to an executable, enabling a simplified, one-click installation.
  • After installation, the agent now requires administrative approval from the server for registration and communication. This ensures a secure and authorized connection before the agent can start interacting with the server.
  • The Agent installation directory has been moved to C:\Program Files (x86)\ManageEngine
• Cloud protection
  • Gateway Clusters: Users can now group multiple Gateway Servers into Clusters, allowing for streamlined server management. This enhancement simplifies administration, reducing setup time and ensuring consistent configurations across your network.

Enhancements

• The reporting and analytics feature in Log360 Cloud now helps organizations meet the requirements of TISAX Version 6.0.

Enhancements

• Minor usability enhancements have been implemented in Log360 Cloud to improve the user experience.

Features

• Log360 Cloud now offers expanded support for various application logs that includes
  • Databases: MSSQL, Oracle, MySQL, PgSQL, DB2.
  • Web servers: IIS Web, IIS FTP, Apache.
  • Security applications: Malwarebytes, McAfee, Trend Micro, FireEye, CEF Format, Symantec Endpoint Protection, Symantec DLP.
  • Other server logs: Terminal, Sysmon, DHCP (Windows & Linux), SAP ERP Logs.
  • ManageEngine applications: Password Manager Pro, OpManager, ADAudit Plus, Exchange Reporter Plus.
• Log360 Cloud introduces file integrity monitoring (FIM) to monitor unauthorized changes made to sensitive files and folders in a Windows environment. The feature includes FIM Dashboard, alerts, compliance support, and FIM Reports.
• Users can now import logs from other sources directly into Log360 Cloud.
• Log360 Cloud now supports REST API to enable users of other applications to access and search for events from within its console.
• The Teams feature in Log360 Cloud now helps organizations streamline their operations by offering a flat architecture, enabling multiple teams to function securely and independently. With granular user management and individual licensing, users can now seamlessly create and manage teams, switch between them, and ensure data segregation for heightened security.
• Evaluation clients in Log360 Cloud enables MSSPs to include prospective clients on trial period alongside regular clients. They are provided with 50GB storage, customizable log retention, 90-day search retention, 10 correlation rules, 50 alert profiles, and advanced threat analytics. The storage allotted for evaluation clients does not reflect in dashboards. And, only two evaluation clients is allowed per MSSP, convertible to regular clients upon license application.

Enhancements

• Over 20 new predefined correlation rules have been added to detect prevalent attacker tools and living-off-the-land attacks.
• Syslog Discovery now supports SNMPv3 credentials for enhanced security.
• Based on user configuration, the agent can now stop log collection upon upload failure or when the license quota is exceeded.
• Log360 Cloud MSSP clients now receive a default allocation of 50GB upon account creation. If an MSSP account has less than 50GB but at least 1GB of available storage, the remainder is given to the client. However, if the available storage drops below 1GB, client account creation is halted until a license is purchased.
• Changes to Log360 Cloud MSSP base subscription include reduced client add-on pricing to $495 per year and $49 per month, increased storage to 150 GB, allowance for up to 3 regular clients and 2 evaluation clients per licensed customer, and customizable log retention.
• The GUI of the compliance page has been revamped. This will enable enhanced navigation and management of compliance reports.

Features

• Custom Log Parsing: Log360 Cloud's custom log parsing now enables users to extract additional fields from logs by defining parser rules. This feature additionally facilitates the creation of custom formats and enables the definition of parser rules specific to these newly generated formats. These log formats, along with their respective parsing rules, can be applied to any new or existing log sources added as syslog.

Features

• Real-time Threat Analytics: Log360 Cloud now offers real-time threat analytics for traffic via the gateway server. Administrators can now view website reputation scores and app categories to identify potential threats and manage productivity effectively. New reports including these values, such as 'Low Reputed Apps' and 'Top Cloud App Categories', have been added.
• Gateway Server Logs: An option to "View Gateway Server Logs" has been added to the List Gateway Server page, allowing users to track all status changes that occur on the Gateway Server.
• Website Access Security: Gateway Servers now support accessing websites enabled with TLSv1.3 and those configured with 2-way SSL, ensuring broader compatibility and security.
• Backup Gateway Server: A lightweight backup gateway server has been added to ensure continuous internet connectivity, if the primary gateway server fails.

Enhancements

• Improved User Interface: The top pane now consistently displays Pricing details, Personalized Demo, and Get Quote options for users in the free plan and trial plan, ensuring easy access to essential features. Additionally, Personalized Demo and Get Quote options have been added to the Demo Page.
• File Upload Reporting: File upload reporting now includes uploads done via Zoho APIs, Microsoft 365 SharePoint, and Graph APIs, providing more comprehensive insights into user activities.
• Gateway Server Health Monitoring: The Gateway Server Health table on the managed server page has been enhanced to include additional information about Disk Space status and sync status, aiding in server performance monitoring.
• Multipart File Upload Reports: Multipart file upload reports now feature a column displaying the Filename, enhancing the clarity of file upload data analysis.
• Enhanced Security Measures: Cloud Protection's Gateway server now prevents users from accessing websites with revoked certificates.
• Improved Error Page: The Gateway Server Error Page for end users has been revamped to enhance user experience and provide clearer error messages.

Fixes

• Minor fixes have been implemented to improve overall system stability and performance.

Features

Incident Workbench

Log360 Cloud now introduces an exclusive threat investigation console for advanced contextual analytics. This console is called the 'Incident Workbench' and can be invoked from multiple dashboards of Log360 Cloud. The features include the following:

• User activity overview and AD object details
• Process analytics

  This analysis comprises process spawning with parent-child process trees available in multiple graphical formats.

• Threat analytics

  This analysis is offered through the integration of Log360 Cloud's Advanced Threat Analytics for in-depth risk analysis of IPs, URLs, and Domains. Along with the threat analysis, the integration of VirusTotal, one of the largest live threat feeds, is also introduced in this release and will be available in the Incident Workbench

Users can add upto 20 analytical tabs in a single instance of the Incident Workbench and can save it to Incidents as Threat Evidences.

Device summary

Log360 Cloud now introduces an analytical console to view the overall device summary events. This console can be invoked from multiple dashboards of Log360 Cloud. Users can find event summary for the selected period,device severity events, and alerts summary.

Enhancements

• Correlation rule package

  Log360 Cloud now adds 50+ new predefined correlation rules complementing the new features released to level up threat detection. This new package includes rules for detecting suspicious process spawning, use of prevalent attacker tools like Mimikatz and Metasploit, and living off the land mechanisms with the exploitation of native binary tools and utilities.

Features

• AWS ALB & NLB Analytics: Log360 Cloud now supports automatic ingestion and analytics of AWS Application Load Balancer (ALB) and Network Load Balancer (NLB) log formats. The solution now provides:
  • Application Load Balancer Reports
  • Network Load Balancer Reports
• Custom Reports: Users can efficiently create custom reports in Log360 Cloud and view them in four different formats: table, summary, matrix, and multi-report.
• Scheduling Report Export and Distribution: Users can schedule the generation of selected reports at various frequencies and easily distribute them via email or SMS.

Features

• Threat Alert Profile Creation: Users can now create a threat alert profile by enabling either default or advanced threat analytics, or upon purchasing a license.

Enhancements

• Automatic device inclusion in threat alert profiles: A new checkbox has been added to the alert profile creation page for threat profiles. When selected, it automatically adds all current and future devices to the threat alert profile, ensuring comprehensive monitoring without the need for manual updates.

Issue Fixes

• This release includes several hotfixes, enhancing the stability and performance of Log360 Cloud.

New feature

• New out-of-the-box compliance reports: Audit ready and out-of-the-box compliance reports are now available for the following compliance standards:
  • Saudi Arabian Monetary Authority (SAMA)
  • Criminal Justice Data Communications Network (CJDN)
  • Systems and Organization Controls (SOC 2)
  • Qatar Cybersecurity Framework (QCF)
  • Trusted Information Security Assessment Exchange (TISAX)
  • Kingdom of Saudi Arabia Essential Cybersecurity Controls (ECC)
  • Saudi Arabia's Personal Data Protection Law (PDPL)
  • United Arab Emirates National Electronic Security Authority (UAE-NESA)
  • General Law for the Protection of Personal Data (LGPD)

These out-of-the-box compliance reports will help monitor the security posture of the network, and stay compliant to the respective compliance mandates.

Issue fix

• A critical issue related to the configuration of the active directory audit policy from the account settings page has been fixed.

Enhancements

• Active Directory Object Level Auditing: Automatic configuration for AD object level auditing is now supported.

New feature

• Log360 Cloud can now audit GPO changes, thereby enhancing security and visibility into the Active Directory infrastructure.

New feature

• Professional Edition: Exclusive edition to cater to custom log retention needs, starting at $1,995. With this edition you get:
  • Storage: Default 150GB
  • Search Retention: 90 days.
  • Storage Retention: Customizable by the user.
• Standard Plan update: Standard Plan now starts at $995, with 150GB default storage.

Enhancements

• OU filter performance was enhanced.

Fixes

• The error "Domain already exists" on adding two different domains of the same name has been fixed.
• Search export button visibility issue has been fixed.
• Time zone mismatch between the search page and my-accounts page has been fixed.
• Default fields missing issue in Search Add/Remove feature has been fixed.
• Non security group logs in security group reports issue has been fixed.

New Features

Active Directory Reports:

• Log360 Cloud now supports Active Directory reports, allowing users to view them on the comprehensive AD Overview dashboard.
• The dashboard helps users gather vital insights about their Active Directory with predefined reports, allowing them to customize the reports, filter them based on domains and do much more.
• Account settings now include Domain Controller information and Audit Policy configuration required for certain Active Directory reports.
• Users can now sync Domain Groups and Domain Users.

Ticketing Tool Status:

• Log360 Cloud now supports the following ticketing tools: Jira Service Desk Cloud and Freshservice Cloud.
• Users can view the ticket details and the live status fetched from the configured ticketing tools in the Alerts page.

Fixes

• Issues related to Domain Objects synchronization have been fixed.

Fixes

• Parsing issues in the following Palo Alto device type reports have been fixed:
  • VPN Logon Success
  • VPN Logon Failed
  • Firewall Logon Success
  • Firewall Logon Failed
• Fixed the DFS bottleneck issue, and enhanced the file data storage during job submission.

Enhancements

• Default support for standard syslog protocol in Sophos format has been added.

Fix

• The release fixes the delegation mapping omission for client users, ensuring a smoother account setup process.

New Features

• Language update: Log360 Cloud now additionally supports Japanese and Simplified Chinese.
• Audit logs from Dell, Forcepoint and Stormshield devices: Log360 Cloud now supports log collection and offers pre-defined reports from Dell, Forcepoint and Stormshield devices.

Enhancements

• The release supports revamped reports for network devices.

Fixes

• The release fixes few usability bugs, UI and log parsing issues.

Enhancements

• A Bulk Refresh IP option has been added in the "Other devices" page in device configuration settings. This allows the other device users to bulk refresh their IPs.
• The cloud account configuration, AWS fields and data source configuration have been revamped.
• Enhancements have been made to cloud protection usability, alert, and correlation criteria matching.

Fixes

• This release fixes the space issue in the "To address" tab in alert email notification.
• The Meraki firmware upgrade which caused the parsing issue of Meraki logs has also been fixed.

Fixes

• This release fixes the log collection issue in Microsoft 365 caused by excessive data, ensuring proper collection of logs.

New features

• Log360 Cloud MSSP is now available for managed security service providers.

  Learn more.
• New Cloud Protection dashboard tab has been added in Log360 Cloud Home
• Cloud Protection tab can be now filtered with date-time range.

Enhancements

• UI enhancements have been made in the Manage Gateway Server, CA Certificate page & Certificate Trust Store page
• Enhancements have been made in Banned Applications and Sanctioned Applications
• Remarks column is added in Add New Cloud Applications to Sanctioned List/Banned List with a popup to notify users about conflicting configurations.

Fixes

• When PAC Proxy is chosen in Gateway Server configuration, an issue related to handling multiple choices is now fixed.

Troubleshoot

• Troubleshoot link is now provided in Gateway Servers list page along with error status codes.
• New Gateway Server error status codes for low disk space, sync failure, PAC proxy error are handled

New features

• Improved Incident Dashboard: An Incident Overview dashboard has been added to show the status of incidents and provide analysts with the insights to take better incident response measures.
• Audit Logs from VMWare ESXi Device: Log360 Cloud now supports log collection from ESXi Devices. This allows you to audit login/logoff events, VM state changes, VMWares System Events and Server Events.
• Support Access: Administrators and operators can now share data during debugging to provide optimal support. When enabled, they will be able to provide view or modify access to their app account data with the Log360 Cloud's support team for a specified time.
• Storage Estimation: Users can now estimate the amount of storage they need to purchase based on their devices and events requirements.
• Historic Log Collection: Administrators can now retrieve the past logs for a particular device based on the time range given by them.
• Listener Ports: Syslog listener port handling has been moved from Manage Agents to Listener Ports to efficiently configure and manage the syslog ports.

Enhancements

• Added end-to-end encryption for data in transit between the Log360Cloud server & its agents using industry standard AES-256 protocol.
• Peer device verification force enabled in all agents

New features

• Inventory Synchronization: When Windows Devices are renamed in Active Directory, the updated names will be reflected in Log360 Cloud. When Windows Devices are deleted from Active Directory, they will be shown as decommissioned devices in Log360 Cloud.
• Real-time log collection - Windows logs can now be collected in real time via agent-based log collection
• Log collection filter - User can now add filters for log collection for Windows and Syslog Devices to exclude or collect the logs which are only required to save storage and network bandwidth

Enhancements

• Password and username can be simultaneously updated for multiple devices.
• The IP address can be updated by refreshing all devices or selected devices in Log360 Cloud.

New features

• Log360 cloud now supports Microsoft 365 auditing. Users can add multiple tenants to gain insights on usage, accesses, and modifications to spot anomalies and prevent breaches.

Enhancements

• Log sources: when click action is implemented in event counts & last 10 events shown in Devices and Cloudsources table, log data will be displayed in drilldown popup.
• Dashboard: Recent-alerts widget is introduced. Most of the dashboard widgets will have drilldown popup, which will show the underlying data of the widget report. You can export the data for further analysis.
• Alerts and incidents: Clicking more details on correlation alerts ,will display correlation data in timeline view.
• Device management settings: On clicking the last 10 events present in last message time column of devices, syslogs table , log data will be displayed in drilldown popup.
• Sorting option has been added to the reports table on the reports page.

Features

• Log360 Cloud now supports data storage in the AU Data Center too.

Enhancements

• Log360cloud now lets you configure preferences on an organization level through the Product Settings Page.
• Log360cloud now lets you customize preferences on a user level through the My Accounts Page.
• Log360Cloud now has Working Hours Settings which provides the following capabilities:
  • The ability to generate trend reports to analyse network patterns during the working and non-working hours of your organization.
  • Option to trigger Collector Down Notification based on the working, non-working or the custom hours set by the admin.

Fixes

• This release fixes ZVE-2022-2665 vulnerability which restricted guest users from performing Device Groups actions.
• This release fixes ZVE-2022-2671 vulnerability where the guest user can enable/disable compliance therefore committing privilege escalation, reported by Amit khandebharad.

New features

• Log360 Cloud now helps you to forward the logs collected from configured sources to a specific AWS account storage.
• The Manage Gateway Server page has been revamped to assist in detecting and debugging gateway server configuration issues. It includes:
  • Sync status and comparison of Gateway Server health properties.
  • Manual sync option between the Gateway Server and Log360Cloud Cloud Protection server.

Enhancements

• Log360 Cloud now has two set of license packages (Basic and Standard).
• Log360 Cloud now provides card-less trial to explore the product features.
• Log360Cloud now has enhanced cloud access security broker (CASB) functionality by,
  • All configuration information will be zipped before transfer to reduce the communication time between the Log360Cloud server and the Gateway Server.
  • The browser name parsing engine has been updated to include the latest user agent details.
  • The PAC script used in proxy chain configuration will now be fetched automatically every 60 minutes.
  • Rules used for file upload detection have been updated for the cloud applications under the domains namely Microsoft365, Zoho, Box.

Issue Fixes

• A Gateway Server uninstallation issue that left a few files undeleted in the server has been fixed.

New feature

• Log360 Cloud now offers event correlation capabilities.
• You can now configure threshold for alerts in Log360 Cloud.

Enhancements

• The agent down notifications will not be sent during agent upgrades.
• Issues in agent upgrade have been fixed.

New feature

• Log360 Cloud now provides out-of-the-box compliance reports for the Protection of Personal Information Act (POPIA) and the California Privacy Rights Act (CPRA).

New feature (Beta release)

• Log360 Cloud incorporates cloud access security broker (CASB) capability by providing a cloud protection server in networks to help organizations:
  • Monitor cloud application usage
  • Track data transfer to cloud
  • Monitor and control the use of shadow applications
  • Block high-risk cloud applications

New feature

• Monitor and audit AWS accounts: Log360 cloud now supports monitoring changes made to AWS accounts. It allows you to audit access to AWS S3 buckets and track Elastic Load Balancing (ELB) traffic.

Features

• Log360 Cloud now offers a Threat Management console to detect and track malicious content.
• Log360 Cloud now provides Advanced Threat Analytics. You can now get crucial information on the severity of threats when potentially malicious URLs, domains, and IP addresses intrude into the network.

Features

• Log360 Cloud now offers audit reports to track the actions that admins and technicians perform with the tool.
• The solution now has pre-defined reports for the below compliance mandates,
  • Code of Connection (CoCo)
  • Family Educational Rights and Privacy Act (FERPA)
  • Gramm-Leach-Bliley Act (GLBA)
  • Information Security Level Protection (ISLP)
  • North American Electric Reliability Corporation Critical Infrastructure Program (NERC CIP)
  • National Institute of Standards and Technology (NIST)
  • Nuclear Regulatory Commission (NRC)
  • Philippines Data Privacy Act (PDPA)
  • Cybersecurity Maturity Model Certification (CMMC)

Enhancements

• Log360 Cloud now adds ServiceDesk Plus Cloud to the list of software that can be added in Ticketing Tools.
• Log360 Cloud now provides notifications when the maximum limit for alerts is reached, which is 5000 for each alert profile.

Features

• Log360 Cloud now helps you streamline security incident management.
  • Investigate and track security incidents.
  • Create incidents and assign technicians to investigate them.
  • Track the status, severity, and the progress made in the investigation of incidents.
• You can now map triggered alerts, reports, and log search results as incidents and assign a technician to investigate them.
• Log360 Cloud now provides notifications for important events in users' network via both email and SMS. It provides notifications for the following actions:
  • Access Key Regeneration
  • Account Termination
  • Agent Down
  • GDPR Enabled
  • Reload Historical Logs
  • Storage Threshold Reached
  • User Management
• Log360 Cloud now provides the option to reload historical logs.

Features

• The option to switch Data centers during signup is now available. This enables storage of customer data in the Europe (EU) DataCenter also.

Features

• Log360 Cloud now has pre-defined reports for the Cyber Essentials compliance mandate.

Features

• Search results can now be saved as tags, exported, and new reports and alert profiles can be created from a saved search.
• Alerts: A range of predefined and customizable alert profiles can now be configured.

Enhancement

• The dashboard can be customized. The option to add interactive graphical dashboards as widgets is now available.

Issue fix

• Issue with updating dashboard data when devices are added has been fixed.

Features

• Log360 Cloud now has pre-defined audit report templates for major compliance regulations such as the GDPR, SOX, FISMA, PCI-DSS, and more.

Enhancements

• The Graphical User Interface of the reports has been revamped for providing enhanced insights.

Enhancements

• The light weight agent of Log360 Cloud now replaces the heavy agent used for collecting logs from Windows and Linux devices.