Release Notes
Log360 Cloud is automatically updated to the latest version for its users.
- Released on 18 November 2024
-
Features
-
- Dark web monitoring
You can now scan the deep and dark web continuously for leaked credentials and personal information associated with your organization, employees, and third-party vendors in Log360 Cloud through our partnership with Constella Intelligence.
You can identify if your domains or other digital assets have been compromised in supply chain breaches through real-time alerts and investigate and respond to threats quickly and efficiently.
- External threat feeds integration:
You can now import Sigma rules into Log360 Cloud as alert profiles and detect security threats.
Sigma is a widely adopted format for security signatures, allowing you to detect suspicious activities in your environment.
- Log360 Cloud now supports comprehensive monitoring of your Salesforce Cloud environment.
-
Enhancements
-
- You can now create an external share link for a specific tab or widget within the dashboard for streamlined collaboration using the Embed Dashboard capability.
- Correlation rule package: Log360 Cloud now adds 16 new predefined correlation rules that complement the newly released features and level up threat detection. This new package includes rules for detecting living-off-the-land attacks.
- User interface enhancements on the Reports page for better usability.
- Search enhancement
- Save search with time selection: Search can now be saved along with the selected calendar date and time.
- Save graph: The search graph has been enhanced to allow customers to save their graph options, including the newly added 'Graph color' feature.
- Add to search: When clicking on a field in a table row, we can now add the criteria to the query with additional options.
- Graph selection: A portion of the graph can be selected, which highlights it, and the details of the selected portion are updated in the table logs.
- Search history: Search history is maintained to showcase recent queries.
- Share search: Saved searches along with all search preference details can now be shared with other technicians or roles within the organization.
- Sort: Logs in the table can be sorted based on the timestamp of the calendar.
- Time value click action: Clicking on the time field in the table row now provides options to update the calendar time based on the selected time value.
- Save as Alert: We can transition from the search page to the alert page and create alerts with all search-related data.
- Agent auto registration
- The agent installation has been upgraded from an MSI package to an executable, enabling a simplified, one-click installation.
- After installation, the agent now requires administrative approval from the server for registration and communication. This ensures a secure and authorized connection before the agent can start interacting with the server.
- The Agent installation directory has been moved to C:\Program Files (x86)\ManageEngine
- Cloud protection
- Gateway Clusters: Users can now group multiple Gateway Servers into Clusters, allowing for streamlined server management. This enhancement simplifies administration, reducing setup time and ensuring consistent configurations across your network.
- Released on 16 September 2024
-
Enhancements
-
- The reporting and analytics feature in Log360 Cloud now helps organizations meet the requirements of TISAX Version 6.0.
- Released on 01 August 2024
-
Enhancements
-
- Minor usability enhancements have been implemented in Log360 Cloud to improve the user experience.
- Released on 18 June 2024
-
Features
-
- Log360 Cloud now offers expanded support for various application logs, including:
- Databases: MSSQL, Oracle, MySQL, PgSQL, DB2.
- Web servers: IIS Web, IIS FTP, Apache.
- Security applications: Malwarebytes, McAfee, Trend Micro, FireEye, CEF Format, Symantec Endpoint Protection, Symantec DLP.
- Other server logs: Terminal, Sysmon, DHCP (Windows & Linux), SAP ERP Logs.
- ManageEngine applications: Password Manager Pro, OpManager, ADAudit Plus, Exchange Reporter Plus.
- Log360 Cloud introduces file integrity monitoring (FIM) to monitor unauthorized changes made to sensitive files and folders in a Windows environment. The feature includes FIM Dashboard, alerts, compliance support, and FIM Reports.
- Users can now import logs from other sources directly into Log360 Cloud.
- Log360 Cloud now supports REST API to enable users of other applications to access and search for events from within its console.
- The Teams feature in Log360 Cloud now helps organizations streamline their operations by offering a flat architecture, enabling multiple teams to function securely and independently. With granular user management and individual licensing, users can now seamlessly create and manage teams, switch between them, and ensure data segregation for heightened security.
- Evaluation clients in Log360 Cloud enable MSSPs to include prospective clients on a trial period alongside regular clients. They are provided with 50GB storage, customizable log retention, 90-day search retention, 10 correlation rules, 50 alert profiles, and advanced threat analytics. The storage allotted for evaluation clients is not reflected in dashboards. Only two evaluation clients are allowed per MSSP, and they can be converted to regular clients upon license application.
-
Enhancements
-
- Over 20 new predefined correlation rules have been added to detect prevalent attacker tools and living-off-the-land attacks.
- Syslog Discovery now supports SNMPv3 credentials for enhanced security.
- Based on user configuration, the agent can now stop log collection upon upload failure or when the license quota is exceeded.
- Log360 Cloud MSSP clients now receive a default allocation of 50GB upon account creation. If an MSSP account has less than 50GB but at least 1GB of available storage, the remainder is given to the client. However, if the available storage drops below 1GB, client account creation is halted until a license is purchased.
- Changes to Log360 Cloud MSSP base subscription include reduced client add-on pricing to $495 per year and $49 per month, increased storage to 150 GB, allowance for up to 3 regular clients and 2 evaluation clients per licensed customer, and customizable log retention.
- The GUI of the compliance page has been revamped. This will enable enhanced navigation and management of compliance reports.
- Released on 30 April 2024
-
New Feature
-
- Custom Log Parsing: Log360 Cloud's custom log parsing now enables users to extract additional fields from logs by defining parser rules. This feature additionally facilitates the creation of custom formats and enables the definition of parser rules specific to these newly generated formats. These log formats, along with their respective parsing rules, can be applied to any new or existing log sources added as syslog.
- Released on 03 April 2024
-
New Features
-
- Real-time Threat Analytics: Log360 Cloud now offers real-time threat analytics for traffic via the gateway server. Administrators can now view website reputation scores and app categories to identify potential threats and manage productivity effectively. New reports including these values, such as 'Low Reputed Apps' and 'Top Cloud App Categories', have been added.
- Gateway Server Logs: An option to "View Gateway Server Logs" has been added to the List Gateway Server page, allowing users to track all status changes that occur on the Gateway Server.
- Website Access Security: Gateway Servers now support accessing websites enabled with TLSv1.3 and those configured with 2-way SSL, ensuring broader compatibility and security.
- Backup Gateway Server: A lightweight backup gateway server has been added to ensure continuous internet connectivity if the primary gateway server fails.
-
Enhancements
-
- Improved User Interface: The top pane now consistently displays Pricing details, Personalized Demo, and Get Quote options for users in the free plan and trial plan, ensuring easy access to essential features. Additionally, Personalized Demo and Get Quote options have been added to the Demo Page.
- File Upload Reporting: File upload reporting now includes uploads done via Zoho APIs, Microsoft 365 SharePoint, and Graph APIs, providing more comprehensive insights into user activities.
- Gateway Server Health Monitoring: The Gateway Server Health table on the managed server page has been enhanced to include additional information about Disk Space status and sync status, aiding in server performance monitoring.
- Multipart File Upload Reports: Multipart file upload reports now feature a column displaying the Filename, enhancing the clarity of file upload data analysis.
- Enhanced Security Measures: Cloud Protection's Gateway server now prevents users from accessing websites with revoked certificates.
- Improved Error Page: The Gateway Server Error Page for end users has been revamped to enhance user experience and provide clearer error messages.
-
Fixes:
-
- Minor fixes have been implemented to improve overall system stability and performance.
- Released on 20 February 2024
-
Features
-
Incident Workbench
Log360 Cloud now introduces an exclusive threat investigation console for advanced contextual analytics. This console is called the 'Incident Workbench' and can be invoked from multiple dashboards of Log360 Cloud. The features include the following:
- User activity overview and AD object details
- Process analytics
This analysis comprises process spawning with parent-child process trees available in multiple graphical formats.
- Threat analytics
This analysis is offered through the integration of Log360 Cloud's Advanced Threat Analytics for in-depth risk analysis of IPs, URLs, and domains. Along with the threat analysis, the integration of VirusTotal, one of the largest live threat feeds, is also introduced in this release and will be available in the Incident Workbench.
Users can add up to 20 analytical tabs in a single instance of the Incident Workbench and can save it to Incidents as Threat Evidences.
Device summary
Log360 Cloud now introduces an analytical console to view the overall device summary events. This console can be invoked from multiple dashboards of Log360 Cloud. Users can find the event summary for the selected period, device severity events, and the alerts summary.
-
Enhancements
-
- Correlation rule package
Log360 Cloud now adds 50+ new predefined correlation rules that complement the newly released features and level up threat detection. This new package includes rules for detecting suspicious process spawning, use of prevalent attacker tools like Mimikatz and Metasploit, and living-off-the-land mechanisms with the exploitation of native binary tools and utilities.
- Released on 19 February 2024
-
New Feature
-
- AWS ALB & NLB Analytics: Log360 Cloud now supports automatic ingestion and analytics of AWS Application Load Balancer (ALB) and Network Load Balancer (NLB) log formats. The solution now provides:
- Application Load Balancer Reports
- Network Load Balancer Reports
- Custom Reports: Users can efficiently create custom reports in Log360 Cloud and view them in four different formats: table, summary, matrix, and multi-report.
- Scheduling Report Export and Distribution: Users can schedule the generation of selected reports at various frequencies and easily distribute them via email or SMS.
-
Enhancements
-
- Manage View: Users can create and manage multiple views of the same report. This enables you to view the report based on different parameters such as time, domain, source, etc. The different views will be generated from the same set of log data.
- Manage Pre-defined Reports: Users can now personalize the arrangement of reports based on their specific requirements.
- Notification Template: Users can now customize notification messages and recipient lists for specified events, enabling them to receive email or SMS alerts as needed.
- Windows Group Reordering: Windows reports have been reorganized for improved usability through group reordering, and a few obsolete reports have been removed.
- Increase in Real-Time Devices: The earlier restriction of 25 real-time devices for a Log360 Cloud account has been increased to allow 25 real-time devices per agent. This will enable users to configure as many real-time devices as required by using multiple agents.
- Streamlining Device Selector Window: While adding devices for log collection, the device selector window will not display devices that have already been added. If there are no more devices to be added from a domain, a message saying "All devices are already added" will be shown.
-
Fixes
-
- The log collector has been stabilized against crashes, enabling seamless log collection.
- Duplication of devices that share IP addresses or other factors will no longer occur as they will be differentiated using a unique ID or the FQDN.
- Performance issues associated with exporting 100,000 log records from a larger data pool of around 10 million records have been resolved.
- Released on 12 January 2024
-
New Feature
-
- Threat Alert Profile Creation: Users can now create a threat alert profile by enabling either default or advanced threat analytics, or upon purchasing a license.
-
Enhancements
-
- Automatic device inclusion in threat alert profiles: A new checkbox has been added to the alert profile creation page for threat profiles. When selected, it automatically adds all current and future devices to the threat alert profile, ensuring comprehensive monitoring without the need for manual updates.
-
Issue Fixes
-
- This release includes several hotfixes, enhancing the stability and performance of Log360 Cloud.
- Released on 29 December 2023
-
New feature
-
- New out-of-the-box compliance reports: Audit-ready, out-of-the-box compliance reports are now available for the following compliance standards:
- Saudi Arabian Monetary Authority (SAMA)
- Criminal Justice Data Communications Network (CJDN)
- Systems and Organization Controls (SOC 2)
- Qatar Cybersecurity Framework (QCF)
- Trusted Information Security Assessment Exchange (TISAX)
- Kingdom of Saudi Arabia Essential Cybersecurity Controls (ECC)
- Saudi Arabia's Personal Data Protection Law (PDPL)
- United Arab Emirates National Electronic Security Authority (UAE-NESA)
- General Law for the Protection of Personal Data (LGPD)
These out-of-the-box compliance reports will help monitor the security posture of the network and stay compliant with the respective compliance mandates.
- Released on 21 December 2023
-
Issue fix
-
- A critical issue related to the configuration of the active directory audit policy from the account settings page has been fixed.
- Released on 06 December 2023
-
Enhancements
-
- Active Directory Object Level Auditing: Automatic configuration for AD object level auditing is now supported.
- Released on 23 November 2023
-
New feature
-
- Log360 Cloud can now audit GPO changes, thereby enhancing security and visibility into the Active Directory infrastructure.
- Released on 14 November 2023
-
New feature
-
- Professional Edition: Exclusive edition to cater to custom log retention needs, starting at $1,995. With this edition you get:
- Storage: Default 150GB
- Search Retention: 90 days.
- Storage Retention: Customizable by the user.
- Standard Plan update: Standard Plan now starts at $995, with 150GB default storage.
- Released on 07 November 2023
-
Enhancements
-
- OU filter performance was enhanced.
-
Fixes
-
- The error "Domain already exists" on adding two different domains of the same name has been fixed.
- The search export button visibility issue has been fixed.
- The time zone mismatch between the search page and the my-accounts page has been fixed.
- The issue of missing default fields in the Search Add/Remove feature has been fixed.
- The issue of non-security group logs appearing in security group reports has been fixed.
- Released on 03 November 2023
-
New Features
-
-
Fixes
-
- Issues related to Domain Objects synchronization have been fixed.
- Released on 16 October 2023
-
Fixes
-
- Parsing issues in the following Palo Alto device type reports have been fixed:
- VPN Logon Success
- VPN Logon Failed
- Firewall Logon Success
- Firewall Logon Failed
- Fixed the DFS bottleneck issue, and enhanced the file data storage during job submission.
-
Enhancements
-
- Default support for standard syslog protocol in Sophos format has been added.
- Released on 04 September 2023
-
Fix
-
- The release fixes the delegation mapping omission for client users, ensuring a smoother account setup process.
- Released on 26 August 2023
-
New Features
-
- Language update: Log360 Cloud now additionally supports Japanese and Simplified Chinese.
- Audit logs from Dell, Forcepoint and Stormshield devices: Log360 Cloud now supports log collection and offers pre-defined reports from Dell, Forcepoint and Stormshield devices.
-
Enhancements
-
- The release supports revamped reports for network devices.
-
Fixes
-
- The release fixes a few usability bugs, UI issues, and log parsing issues.
- Released on 06 July 2023
-
Enhancements
-
- A Bulk Refresh IP option has been added to the "Other devices" page in device configuration settings. This allows users of other devices to bulk refresh their IPs.
- The cloud account configuration, AWS fields and data source configuration have been revamped.
- Enhancements have been made to cloud protection usability, alert, and correlation criteria matching.
-
Fixes
-
- This release fixes the space issue in the "To address" tab in alert email notifications.
- The parsing issue in Meraki logs caused by the Meraki firmware upgrade has also been fixed.
- Released on 26 June 2023
-
Fixes
-
- This release fixes the log collection issue in Microsoft 365 caused by excessive data, ensuring proper collection of logs.
- Released on 25 April 2023
-
New
-
- Log360 Cloud MSSP is now available for managed security service providers.
-
New features
-
- A new Cloud Protection dashboard tab has been added to Log360 Cloud Home.
- The Cloud Protection tab can now be filtered by date-time range.
-
Enhancements
-
- UI enhancements have been made in the Manage Gateway Server, CA Certificate, and Certificate Trust Store pages.
- Enhancements have been made in Banned Applications and Sanctioned Applications.
- A Remarks column has been added in Add New Cloud Applications to Sanctioned List/Banned List, with a pop-up to notify users about conflicting configurations.
-
Fixes
-
- An issue related to handling multiple choices when PAC Proxy is chosen in the Gateway Server configuration has been fixed.
-
Troubleshoot
-
- A Troubleshoot link is now provided on the Gateway Servers list page along with error status codes.
- New Gateway Server error status codes for low disk space, sync failure, and PAC proxy error are now handled.
- Released on 18 April 2023
-
New Feature
-
- Improved Incident Dashboard: An Incident Overview dashboard has been added to show the status of incidents and provide analysts with the insights to take better incident response measures.
- Audit Logs from VMware ESXi Device: Log360 Cloud now supports log collection from ESXi devices. This allows you to audit login/logoff events, VM state changes, VMware System Events, and Server Events.
- Support Access: Administrators and operators can now share data during debugging to provide optimal support. When enabled, they will be able to provide view or modify access to their app account data with the Log360 Cloud's support team for a specified time.
- Storage Estimation: Users can now estimate the amount of storage they need to purchase based on their devices and events requirements.
- Historic Log Collection: Administrators can now retrieve the past logs for a particular device based on the time range given by them.
- Listener Ports: Syslog listener port handling has been moved from Manage Agents to Listener Ports to efficiently configure and manage the syslog ports.
-
Enhancements
-
- Added end-to-end encryption for data in transit between the Log360 Cloud server and its agents using industry-standard AES-256 encryption.
- Peer device verification is now force-enabled in all agents.
-
New Feature
-
- Inventory Synchronization: When Windows Devices are renamed in Active Directory, the updated names will be reflected in Log360 Cloud. When Windows Devices are deleted from Active Directory, they will be shown as decommissioned devices in Log360 Cloud.
- Real-time log collection: Windows logs can now be collected in real time via agent-based log collection.
- Log collection filter: Users can now add log collection filters for Windows and Syslog devices to collect only the required logs or exclude the rest, saving storage and network bandwidth.
-
Enhancements
-
- Password and username can be simultaneously updated for multiple devices.
- The IP address can be updated by refreshing all devices or selected devices in Log360 Cloud.
-
New Feature
-
- Log360 Cloud now supports Microsoft 365 auditing. Users can add multiple tenants to gain insights on usage, accesses, and modifications to spot anomalies and prevent breaches.
-
Enhancements
-
- Log sources: Clicking the event counts or the last 10 events shown in the Devices and Cloudsources tables displays the log data in a drill-down pop-up.
- Dashboard: A Recent Alerts widget has been introduced. Most of the dashboard widgets will have a drill-down pop-up, which shows the underlying data of the widget report. You can export the data for further analysis.
- Alerts and incidents: Clicking "more details" on correlation alerts will display correlation data in a timeline view.
- Device management settings: Clicking the last 10 events in the last message time column of the devices and syslogs tables displays the log data in a drill-down pop-up.
- Sorting option has been added to the reports table on the reports page.
-
New Feature
-
- Log360 Cloud now supports data storage in the AU Data Center too.
-
Enhancements
-
- Log360 Cloud now lets you configure preferences on an organization level through the Product Settings page.
- Log360 Cloud now lets you customize preferences on a user level through the My Accounts page.
- Log360 Cloud now has Working Hours Settings, which provide the following capabilities:
- The ability to generate trend reports to analyse network patterns during the working and non-working hours of your organization.
- Option to trigger Collector Down Notification based on the working, non-working or the custom hours set by the admin.
-
Fixes
-
- This release fixes the ZVE-2022-2665 vulnerability which restricted guest users from performing Device Groups actions.
-
Fixes
-
- This release fixes the ZVE-2022-2671 vulnerability, where a guest user could enable or disable compliance, resulting in privilege escalation. It was reported by Amit Khandebharad.
-
New features
-
- Log360 Cloud now helps you to forward the logs collected from configured sources to a specific AWS account storage.
- The Manage Gateway Server page has been revamped to assist in detecting and debugging gateway server configuration issues. It includes:
- Sync status and comparison of Gateway Server health properties.
- Manual sync option between the Gateway Server and the Log360 Cloud Cloud Protection server.
-
Enhancements
-
- Log360 Cloud now has two sets of license packages (Basic and Standard).
- Log360 Cloud now provides a card-less trial to explore the product features.
- Log360 Cloud now has enhanced cloud access security broker (CASB) functionality:
- All configuration information will be zipped before transfer to reduce the communication time between the Log360 Cloud server and the Gateway Server.
- The browser name parsing engine has been updated to include the latest user agent details.
- The PAC script used in proxy chain configuration will now be fetched automatically every 60 minutes.
- Rules used for file upload detection have been updated for the cloud applications under the Microsoft365, Zoho, and Box domains.
-
Issue Fixes
-
- A Gateway Server uninstallation issue that left a few files undeleted in the server has been fixed.
-
New feature
-
- Log360 Cloud now offers event correlation capabilities.
- You can now configure thresholds for alerts in Log360 Cloud.
-
Enhancements
-
- The agent down notifications will not be sent during agent upgrades.
- Issues in agent upgrade have been fixed.
-
New feature
-
- Log360 Cloud now provides out-of-the-box compliance reports for the Protection of Personal Information Act (POPIA) and the California Privacy Rights Act (CPRA).
-
New Features
-
- Log360 Cloud now offers a Threat Management console to detect and track malicious content.
- Log360 Cloud now provides Advanced Threat Analytics. You can now get crucial information on the severity of threats when potentially malicious URLs, domains, and IP addresses intrude into the network.
-
New Features
-
- Log360 Cloud now offers audit reports to track the actions that admins and technicians perform with the tool.
- The solution now has pre-defined reports for the following compliance mandates:
- Code of Connection (CoCo)
- Family Educational Rights and Privacy Act (FERPA)
- Gramm-Leach-Bliley Act (GLBA)
- Information Security Level Protection (ISLP)
- North American Electric Reliability Corporation Critical Infrastructure Program (NERC CIP)
- National Institute of Standards and Technology (NIST)
- Nuclear Regulatory Commission (NRC)
- Philippines Data Privacy Act (PDPA)
- Cybersecurity Maturity Model Certification (CMMC)
-
Enhancements
-
- Log360 Cloud now adds ServiceDesk Plus Cloud to the list of software that can be added in Ticketing Tools.
- Log360 Cloud now provides notifications when the maximum limit for alerts is reached, which is 5000 for each alert profile.
-
New Features
-
- Log360 Cloud now helps you streamline security incident management.
- Investigate and track security incidents.
- Create incidents and assign technicians to investigate them.
- Track the status, severity, and the progress made in the investigation of incidents.
- You can now map triggered alerts, reports, and log search results as incidents and assign a technician to investigate them.
- Log360 Cloud now provides notifications for important events in users' networks via both email and SMS. It provides notifications for the following actions:
- Access Key Regeneration
- Account Termination
- Agent Down
- GDPR Enabled
- Reload Historical Logs
- Storage Threshold Reached
- User Management
- Log360 Cloud now provides the option to reload historical logs.
-
New Feature
-
- The option to switch data centers during signup is now available. This enables customer data to be stored in the Europe (EU) data center as well.
-
Enhancement
-
- The lightweight agent of Log360 Cloud now replaces the heavy agent used for collecting logs from Windows and Linux devices.
-
New Feature
-
- Log360 Cloud now has pre-defined audit report templates for major compliance regulations such as the GDPR, SOX, FISMA, PCI-DSS, and more.
-
Enhancements
-
- The graphical user interface of the reports has been revamped to provide enhanced insights.
-
Enhancement
-
- The dashboard can be customized. The option to add interactive graphical dashboards as widgets is now available.
-
Issue fix
-
- An issue with updating dashboard data when devices are added has been fixed.
-
New features
-
- Search results can now be saved as tags, exported, and new reports and alert profiles can be created from a saved search.
- Alerts: A range of predefined and customizable alert profiles can now be configured.
-
New features
-
- Log360 Cloud now has pre-defined reports for the Cyber Essentials compliance mandate.