Release Notes

Released in June

  • Released on 18 June 2024
  • Features

    • Log360 Cloud now offers expanded support for various application logs that includes
      • Databases: MSSQL, Oracle, MySQL, PgSQL, DB2.
      • Web servers: IIS Web, IIS FTP, Apache.
      • Security applications: Malwarebytes, McAfee, Trend Micro, FireEye, CEF Format, Symantec Endpoint Protection, Symantec DLP.
      • Other server logs: Terminal, Sysmon, DHCP (Windows & Linux), SAP ERP Logs.
      • ManageEngine applications: Password Manager Pro, OpManager, ADAudit Plus, Exchange Reporter Plus.
    • Log360 Cloud introduces file integrity monitoring (FIM) to monitor unauthorized changes made to sensitive files and folders in a Windows environment. The feature includes FIM Dashboard, alerts, compliance support, and FIM Reports.
    • Users can now import logs from other sources directly into Log360 Cloud.
    • Log360 Cloud now supports REST API to enable users of other applications to access and search for events from within its console.
    • The Teams feature in Log360 Cloud now helps organizations streamline their operations by offering a flat architecture, enabling multiple teams to function securely and independently. With granular user management and individual licensing, users can now seamlessly create and manage teams, switch between them, and ensure data segregation for heightened security.
    • Evaluation clients in Log360 Cloud enables MSSPs to include prospective clients on trial period alongside regular clients. They are provided with 50GB storage, customizable log retention, 90-day search retention, 10 correlation rules, 50 alert profiles, and advanced threat analytics. The storage allotted for evaluation clients does not reflect in dashboards. And, only two evaluation clients is allowed per MSSP, convertible to regular clients upon license application.
  • Enhancements

    • Over 20 new predefined correlation rules have been added to detect prevalent attacker tools and living-off-the-land attacks.
    • Syslog Discovery now supports SNMPv3 credentials for enhanced security.
    • Based on user configuration, the agent can now stop log collection upon upload failure or when the license quota is exceeded.
    • Log360 Cloud MSSP clients now receive a default allocation of 50GB upon account creation. If an MSSP account has less than 50GB but at least 1GB of available storage, the remainder is given to the client. However, if the available storage drops below 1GB, client account creation is halted until a license is purchased.
    • Changes to Log360 Cloud MSSP base subscription include reduced client add-on pricing to $495 per year and $49 per month, increased storage to 150 GB, allowance for up to 3 regular clients and 2 evaluation clients per licensed customer, and customizable log retention.
    • The GUI of the compliance page has been revamped. This will enable enhanced navigation and management of compliance reports.

Released in April

  • Released on 30 April 2024
  • New Feature

    • Custom Log Parsing: Log360 Cloud's custom log parsing now enables users to extract additional fields from logs by defining parser rules. This feature additionally facilitates the creation of custom formats and enables the definition of parser rules specific to these newly generated formats. These log formats, along with their respective parsing rules, can be applied to any new or existing log sources added as syslog.
  • Released on 03 April 2024
  • New Features

    • Real-time Threat Analytics: Log360 Cloud now offers real-time threat analytics for traffic via the gateway server. Administrators can now view website reputation scores and app categories to identify potential threats and manage productivity effectively. New reports including these values, such as 'Low Reputed Apps' and 'Top Cloud App Categories', have been added.
    • Gateway Server Logs: An option to "View Gateway Server Logs" has been added to the List Gateway Server page, allowing users to track all status changes that occur on the Gateway Server.
    • Website Access Security: Gateway Servers now support accessing websites enabled with TLSv1.3 and those configured with 2-way SSL, ensuring broader compatibility and security.
    • Backup Gateway Server: A lightweight backup gateway server has been added to ensure continuous internet connectivity, if the primary gateway server fails.
  • Enhancements

    • Improved User Interface: The top pane now consistently displays Pricing details, Personalized Demo, and Get Quote options for users in the free plan and trial plan, ensuring easy access to essential features. Additionally, Personalized Demo and Get Quote options have been added to the Demo Page.
    • File Upload Reporting: File upload reporting now includes uploads done via Zoho APIs, Microsoft 365 SharePoint, and Graph APIs, providing more comprehensive insights into user activities.
    • Gateway Server Health Monitoring: The Gateway Server Health table on the managed server page has been enhanced to include additional information about Disk Space status and sync status, aiding in server performance monitoring.
    • Multipart File Upload Reports: Multipart file upload reports now feature a column displaying the Filename, enhancing the clarity of file upload data analysis.
    • Enhanced Security Measures: Cloud Protection's Gateway server now prevents users from accessing websites with revoked certificates.
    • Improved Error Page: The Gateway Server Error Page for end users has been revamped to enhance user experience and provide clearer error messages.
  • Fixes:

    • Minor fixes have been implemented to improve overall system stability and performance.

Released in February

Released on 20 February 2024

  • Released on 20 February 2024
  • Features

  • Incident Workbench

    Log360 Cloud now introduces an exclusive threat investigation console for advanced contextual analytics. This console is called the 'Incident Workbench' and can be invoked from multiple dashboards of Log360 Cloud. The features include the following:

    • User activity overview and AD object details
    • Process analytics

      This analysis comprises process spawning with parent-child process trees available in multiple graphical formats.

    • Threat analytics

      This analysis is offered through the integration of Log360 Cloud's Advanced Threat Analytics for in-depth risk analysis of IPs, URLs, and Domains. Along with the threat analysis, the integration of VirusTotal, one of the largest live threat feeds, is also introduced in this release and will be available in the Incident Workbench

    Users can add upto 20 analytical tabs in a single instance of the Incident Workbench and can save it to Incidents as Threat Evidences.

    Device summary

    Log360 Cloud now introduces an analytical console to view the overall device summary events. This console can be invoked from multiple dashboards of Log360 Cloud. Users can find event summary for the selected period,device severity events, and alerts summary.

  • Enhancements

    • Correlation rule package

      Log360 Cloud now adds 50+ new predefined correlation rules complementing the new features released to level up threat detection. This new package includes rules for detecting suspicious process spawning, use of prevalent attacker tools like Mimikatz and Metasploit, and living off the land mechanisms with the exploitation of native binary tools and utilities.

  • Released on 19 February 2024
  • New Feature

    • AWS ALB & NLB Analytics: Log360 Cloud now supports automatic ingestion and analytics of AWS Application Load Balancer (ALB) and Network Load Balancer (NLB) log formats. The solution now provides:
      • Application Load Balancer Reports
      • Network Load Balancer Reports
    • Custom Reports: Users can efficiently create custom reports in Log360 Cloud and view them in four different formats: table, summary, matrix, and multi-report.
    • Scheduling Report Export and Distribution: Users can schedule the generation of selected reports at various frequencies and easily distribute them via email or SMS.
  • Enhancements

    • Manage View: Users can create and manage multiple views of the same report. This enables you to view the report based on different parameters such as time, domain, source, etc. The different views will be generated from the same set of log data.
    • Manage Pre-defined Reports: Users can now personalize the arrangement of reports based on their specific requirements.
    • Notification Template: Users can now customize notification messages and recipient lists for specified events, enabling them to receive email or SMS alerts as needed.
    • Windows Group Reordering: Windows reports have been reorganized for improved usability through group reordering, and a few obsolete reports have been removed.
    • Increase in Real-Time Devices: The earlier restriction of 25 real-time devices for a Log360 cloud account has been increased to allow 25 real-time devices per agent. This will enable users to configure as many real-time devices as required by using multiple agents.
    • Streamlining Device Selector Window: While adding devices for log collection, the device selector window will not display devices that have already been added. If there are no more devices to be added from a domain, a message saying "All devices are already added" will be shown.
  • Fixes

    • The log collector has been improved for stabilized operation from crashes. This will enhance seamless log collection.
    • Duplication of devices that share IP addresses or other factors will no longer occur as they will be differentiated using a unique ID or the FQDN.
    • Performance issues associated with exporting 100,000 log records from a larger data pool of around 10 million records have been resolved.

Released in January

Released on 12 January 2024

  • Released on 12 January 2024
  • New Feature

    • Threat Alert Profile Creation: Users can now create a threat alert profile by enabling either default or advanced threat analytics, or upon purchasing a license.
  • Enhancements

    • Automatic device inclusion in threat alert profiles: A new checkbox has been added to the alert profile creation page for threat profiles. When selected, it automatically adds all current and future devices to the threat alert profile, ensuring comprehensive monitoring without the need for manual updates.
  • Issue Fixes

    • This release includes several hotfixes, enhancing the stability and performance of Log360 Cloud.

Released in December

Released on 06 December 2023

  • Released on 29 December 2023
  • New feature

    • New out-of-the-box compliance reports: Audit ready and out-of-the-box compliance reports are now available for the following compliance standards:
      • Saudi Arabian Monetary Authority (SAMA)
      • Criminal Justice Data Communications Network (CJDN)
      • Systems and Organization Controls (SOC 2)
      • Qatar Cybersecurity Framework (QCF)
      • Trusted Information Security Assessment Exchange (TISAX)
      • Kingdom of Saudi Arabia Essential Cybersecurity Controls (ECC)
      • Saudi Arabia's Personal Data Protection Law (PDPL)
      • United Arab Emirates National Electronic Security Authority (UAE-NESA)
      • General Law for the Protection of Personal Data (LGPD)
    • These out-of-the-box compliance reports will help monitor the security posture of the network, and stay compliant to the respective compliance mandates.

  • Released on 21 December 2023
  • Issue fix

    • A critical issue related to the configuration of the active directory audit policy from the account settings page has been fixed.
  • Released on 06 December 2023
  • Enhancements

    • Active Directory Object Level Auditing: Automatic configuration for AD object level auditing is now supported.

Released in November

Released on 14 November 2023

  • Released on 23 November 2023
  • New feature

    • Log360 Cloud can now audit GPO changes, thereby enhancing security and visibility into the Active Directory infrastructure.
  • Released on 14 November 2023
  • New feature

    • Professional Edition: Exclusive edition to cater to custom log retention needs, starting at $1,995. With this edition you get:
      • Storage: Default 150GB
      • Search Retention: 90 days.
      • Storage Retention: Customizable by the user.
    • Standard Plan update: Standard Plan now starts at $995, with 150GB default storage.
  • Released on 07 November 2023
  • Enhancements

    • OU filter performance was enhanced.
  • Fixes

    • The error "Domain already exists" on adding two different domains of the same name has been fixed.
    • Search export button visibility issue has been fixed.
    • Time zone mismatch between the search page and my-accounts page has been fixed.
    • Default fields missing issue in Search Add/Remove feature has been fixed.
    • Non security group logs in security group reports issue has been fixed.
  • Released on 03 November 2023
  • New Features

    • Active Directory Reports:

    • Log360 Cloud now supports Active Directory reports, allowing users to view them on the comprehensive AD Overview dashboard.
    • The dashboard helps users gather vital insights about their Active Directory with predefined reports, allowing them to customize the reports, filter them based on domains and do much more.
    • Account settings now include Domain Controller information and Audit Policy configuration required for certain Active Directory reports.
    • Users can now sync Domain Groups and Domain Users.
    • Ticketing Tool Status:

    • Log360 Cloud now supports the following ticketing tools: Jira Service Desk Cloud and Freshservice Cloud.
    • Users can view the ticket details and the live status fetched from the configured ticketing tools in the Alerts page.
  • Fixes

    • Issues related to Domain Objects synchronization have been fixed.

Released in October

Released on October 2023

    \
  • Released on 16 October 2023
  • Fixes

    • Parsing issues in the following Palo Alto device type reports have been fixed:
      1. VPN Logon Success
      2. VPN Logon Failed
      3. Firewall Logon Success
      4. Firewall Logon Failed
    • Fixed the DFS bottleneck issue, and enhanced the file data storage during job submission.
  • Enhancements

    • Default support for standard syslog protocol in Sophos format has been added.

Released in September

Released on 04 September 2023

  • Released on 04 September 2023
  • Fix

    • The release fixes the delegation mapping omission for client users, ensuring a smoother account setup process.

Released in August

Released on 26 August 2023

  • Released on 26 August 2023
  • New Features

    • Language update: Log360 Cloud now additionally supports Japanese and Simplified Chinese.
    • Audit logs from Dell, Forcepoint and Stormshield devices: Log360 Cloud now supports log collection and offers pre-defined reports from Dell, Forcepoint and Stormshield devices.
  • Enhancements

    • The release supports revamped reports for network devices.
  • Fixes

    • The release fixes few usability bugs, UI and log parsing issues.

Released in July

Released on 06 July 2023

  • Released on 06 July 2023
  • Enhancements

    • A Bulk Refresh IP option has been added in the "Other devices" page in device configuration settings. This allows the other device users to bulk refresh their IPs.
    • The cloud account configuration, AWS fields and data source configuration have been revamped.
    • Enhancements have been made to cloud protection usability, alert, and correlation criteria matching.
  • Fixes

    • This release fixes the space issue in the "To address" tab in alert email notification.
    • The Meraki firmware upgrade which caused the parsing issue of Meraki logs has also been fixed.

Released in June

Released on 26 June 2023

  • Released on 26 June 2023
  • Fixes

    • This release fixes the log collection issue in Microsoft 365 caused by excessive data, ensuring proper collection of logs.

Released in April

Released on 18 April 2022

  • Released on 25 April 2023
  • New

    • Log360 Cloud MSSP is now available for managed security service providers. Learn more.
  • New features

    • New Cloud Protection dashboard tab has been added in Log360 Cloud Home
    • Cloud Protection tab can be now filtered with date-time range.
  • Enhancements

    • UI enhancements have been made in the Manage Gateway Server, CA Certificate page & Certificate Trust Store page
    • Enhancements have been made in Banned Applications and Sanctioned Applications
    • Remarks column is added in Add New Cloud Applications to Sanctioned List/Banned List with a popup to notify users about conflicting configurations.
  • Fixes

    • When PAC Proxy is chosen in Gateway Server configuration, an issue related to handling multiple choices is now fixed.
  • Troubleshoot

    • Troubleshoot link is now provided in Gateway Servers list page along with error status codes.
    • New Gateway Server error status codes for low disk space, sync failure, PAC proxy error are handled
  • Released on 18 April 2023
  • New Feature

    • Improved Incident Dashboard: An Incident Overview dashboard has been added to show the status of incidents and provide analysts with the insights to take better incident response measures.
    • Audit Logs from VMWare ESXi Device: Log360 Cloud now supports log collection from ESXi Devices. This allows you to audit login/logoff events, VM state changes, VMWares System Events and Server Events.
    • Support Access: Administrators and operators can now share data during debugging to provide optimal support. When enabled, they will be able to provide view or modify access to their app account data with the Log360 Cloud's support team for a specified time.
    • Storage Estimation: Users can now estimate the amount of storage they need to purchase based on their devices and events requirements.
    • Historic Log Collection: Administrators can now retrieve the past logs for a particular device based on the time range given by them.
    • Listener Ports: Syslog listener port handling has been moved from Manage Agents to Listener Ports to efficiently configure and manage the syslog ports.
  • Enhancements

    • Added end-to-end encryption for data in transit between the Log360Cloud server & its agents using industry standard AES-256 protocol.
    • Peer device verification force enabled in all agents

Released in March

Released on 24 March 2022

  • New Feature

    • Inventory Synchronization: When Windows Devices are renamed in Active Directory, the updated names will be reflected in Log360 Cloud. When Windows Devices are deleted from Active Directory, they will be shown as decommissioned devices in Log360 Cloud.
    • Real-time log collection - Windows logs can now be collected in real time via agent-based log collection
    • Log collection filter - User can now add filters for log collection for Windows and Syslog Devices to exclude or collect the logs which are only required to save storage and network bandwidth
  • Enhancements

    • Password and username can be simultaneously updated for multiple devices.
    • The IP address can be updated by refreshing all devices or selected devices in Log360 Cloud.

Released in January

Released on 04 January 2022

  • New Feature

    • Log360 cloud now supports Microsoft 365 auditing. Users can add multiple tenants to gain insights on usage, accesses, and modifications to spot anomalies and prevent breaches.
  • Enhancements

    • Log sources: when click action is implemented in event counts & last 10 events shown in Devices and Cloudsources table, log data will be displayed in drilldown popup.
    • Dashboard: Recent-alerts widget is introduced. Most of the dashboard widgets will have drilldown popup, which will show the underlying data of the widget report. You can export the data for further analysis.
    • Alerts and incidents: Clicking more details on correlation alerts ,will display correlation data in timeline view.
    • Device management settings: On clicking the last 10 events present in last message time column of devices, syslogs table , log data will be displayed in drilldown popup.
    • Sorting option has been added to the reports table on the reports page.

Released in December

Released on 19 December 2022

  • New Feature

    • Log360 Cloud now supports data storage in the AU Data Center too.

Released in November

Released on 15 November 2022

  • Enhancements

    • Log360cloud now lets you configure preferences on an organization level through the Product Settings Page.
    • Log360cloud now lets you customize preferences on a user level through the My Accounts Page.
    • Log360Cloud now has Working Hours Settings which provides the following capabilities:
      • The ability to generate trend reports to analyse network patterns during the working and non-working hours of your organization.
      • Option to trigger Collector Down Notification based on the working, non-working or the custom hours set by the admin.

Released in October

Released on 12 October 2022

  • Fixes

    • This release fixes ZVE-2022-2665 vulnerability which restricted guest users from performing Device Groups actions.
  • Fixes

    • This release fixes ZVE-2022-2671 vulnerability where the guest user can enable/disable compliance therefore committing privilege escalation, reported by Amit khandebharad.

Released in August

Released on 25 August 2022

  • New features

    • Log360 Cloud now helps you to forward the logs collected from configured sources to a specific AWS account storage.
    • The Manage Gateway Server page has been revamped to assist in detecting and debugging gateway server configuration issues. It includes:
      • Sync status and comparison of Gateway Server health properties.
      • Manual sync option between the Gateway Server and Log360Cloud Cloud Protection server.
  • Enhancements

    • Log360 Cloud now has two set of license packages (Basic and Standard).
    • Log360 Cloud now provides card-less trial to explore the product features.
    • Log360Cloud now has enhanced cloud access security broker (CASB) functionality by,
      • All configuration information will be zipped before transfer to reduce the communication time between the Log360Cloud server and the Gateway Server.
      • The browser name parsing engine has been updated to include the latest user agent details.
      • The PAC script used in proxy chain configuration will now be fetched automatically every 60 minutes.
      • Rules used for file upload detection have been updated for the cloud applications under the domains namely Microsoft365, Zoho, Box.
  • Issue Fixes

    • A Gateway Server uninstallation issue that left a few files undeleted in the server has been fixed.

Released in June

Released on 07 June 2022

  • New feature

    • Log360 Cloud now offers event correlation capabilities.
    • You can now configure threshold for alerts in Log360 Cloud.
  • Enhancements

    • The agent down notifications will not be sent during agent upgrades.
    • Issues in agent upgrade have been fixed.

Released in May

Released on 09 May 2022

  • New feature

    • Log360 Cloud now provides out-of-the-box compliance reports for the Protection of Personal Information Act (POPIA) and the California Privacy Rights Act (CPRA).

Released in February

Released on 24 Jan 2022

  • New feature
    (Beta release):

    • Log360 Cloud incorporates cloud access security broker (CASB) capability by providing a cloud protection server in networks to help organizations:
      • Monitor cloud application usage
      • Track data transfer to cloud
      • Monitor and control the use of shadow applications
      • Block high-risk cloud applications
  • New feature:

    • Monitor and audit AWS accounts: Log360 cloud now supports monitoring changes made to AWS accounts. It allows you to audit access to AWS S3 buckets and track Elastic Load Balancing (ELB) traffic.

Released in October

Released on 29 Oct 2021

  • New Features

    • Log360 Cloud now offers a Threat Management console to detect and track malicious content.
    • Log360 Cloud now provides Advanced Threat Analytics. You can now get crucial information on the severity of threats when potentially malicious URLs, domains, and IP addresses intrude into the network.

Released in August

Released on 13 Aug 2021

  • New Features

    • Log360 Cloud now offers audit reports to track the actions that admins and technicians perform with the tool.
    • The solution now has pre-defined reports for the below compliance mandates,
      • Code of Connection (CoCo)
      • Family Educational Rights and Privacy Act (FERPA)
      • Gramm-Leach-Bliley Act (GLBA)
      • Information Security Level Protection (ISLP)
      • North American Electric Reliability Corporation Critical Infrastructure Program (NERC CIP)
      • National Institute of Standards and Technology (NIST)
      • Nuclear Regulatory Commission (NRC)
      • Philippines Data Privacy Act (PDPA)
      • Cybersecurity Maturity Model Certification (CMMC)
  • Enhancements

    • Log360 Cloud now adds ServiceDesk Plus Cloud to the list of software that can be added in Ticketing Tools.
    • Log360 Cloud now provides notifications when the maximum limit for alerts is reached, which is 5000 for each alert profile.

Released in June

Released on 13 Jun 2021

  • New Features

    • Log360 Cloud now helps you streamline security incident management.
      • Investigate and track security incidents.
      • Create incidents and assign technicians to investigate them.
      • Track the status, severity, and the progress made in the investigation of incidents.
    • You can now map triggered alerts, reports, and log search results as incidents and assign a technician to investigate them.
    • Log360 Cloud now provides notifications for important events in users' network via both email and SMS. It provides notifications for the following actions:
      • Access Key Regeneration
      • Account Termination
      • Agent Down
      • GDPR Enabled
      • Reload Historical Logs
      • Storage Threshold Reached
      • User Management
    • Log360 Cloud now provides the option to reload historical logs.

Released in March

Released on 13 Mar 2021

  • New Feature

    • The option to switch Data centers during signup is now available. This enables storage of customer data in the Europe (EU) DataCenter also.

Released in April

Released on 13 Nov 2020

  • Enhancement

    • The light weight agent of Log360 Cloud now replaces the heavy agent used for collecting logs from Windows and Linux devices.

Released in May

Released on 20 Oct 2020

  • New Feature

    • Log360 Cloud now has pre-defined audit report templates for major compliance regulations such as the GDPR, SOX, FISMA, PCI-DSS, and more.
  • Enhancements

    • The Graphical User Interface of the reports has been revamped for providing enhanced insights.

Released in June

Released on 20 Oct 2020

  • Enhancement

    • The dashboard can be customized. The option to add interactive graphical dashboards as widgets is now available.
  • Issue fix

    • Issue with updating dashboard data when devices are added has been fixed.

Released in July

Released on 20 Oct 2020

  • New features

    • Search results can now be saved as tags, exported, and new reports and alert profiles can be created from a saved search.
    • Alerts: A range of predefined and customizable alert profiles can now be configured.

Released in September

Released on 20 Oct 2020

  • New features

    • Log360 Cloud now has pre-defined reports for the Cyber Essentials compliance mandate.