Advanced Analytics i62.5
Advanced Analytics i62.5 includes the following addressed issues:
Issue ID | Description |
|---|---|
CONT-17429 | To reduce false positive alerts and provide more accurate threat detection, the scoring system for IP addresses collected from threat detection services has been modified. The default score for IP addresses, as assigned in the is_ip_threat field, has been changed from a score of 40 to a score of 1. |
EXA-31707 | Fixed an issue encountered during threat hunting where the Data Upload size was mislabeled as MB instead of MiB. With this fix, the UI label is now corrected. |
EXA-36247 | Fixed an issue where incidents manually added to a user timelines in Advanced Analytics did not appear on the Incident Responder homepage when no filters were applied. |
EXA-36303 | Fixed an issue with the search feature on the Exabeam Rules page that led users to incorrectly assume search results had fully rendered and before they were fully rendered. To prevent users from launching additional searches before their original searches are completed, the search function is now disabled until the search results are fully rendered. |
EXA-36368 | Fixed an issue where the analytics engine (Martini) was not following the |
EXA-36432 | Fixed an issue that sometimes caused timeline pages to hang when users scrolled on them, requiring users to reload the page to continue loading timeline events. |
EXA-36534 | Fixed an issue with user profile views that caused Top Peer Group information to overlap with the Risk Score box. |
EXA-36685 | Fixed an issue on asset timeline pages where setting a date/time ahead of the current time resulted in an error that required the page to be reloaded. With this fix, a “No more data” message is displayed to indicate that data for future dates does not yet exist. |
EXA-36694 | Fixed an issue affecting non-admin users that caused them to experience slow-loading pages when navigating Advanced Analytics, and to incorrectly receive the following message: "You do not have sufficient privileges to view this section. |
EXA-36703 | Fixed a processing issue where Alert Triage did not raise alerts from some third-party vendors in a single-node environment. |
EXA-36760 | Fixed an issue in Risk Reasons tables that occasionally caused content in the Description column to render incorrectly. |
EXA-36988 | Fixed an issue on the Exabeam Rules page where the Action drop-down menu was not fully visible on the last rule in a search list. |
EXA-37376 | Fixed an issue where asset timelines could not load domain controller timelines. When this occurred the timeline appeared to hang without loading data. This was due to an error with the logic for defining asset IDs by IP address or hostname. |
EXA-37441 | Fixed an issue where Data Insights and Rule Definitions were not available for some processes when |
PLT-13096 | Fixed an issue in which the software was unable to fetch the Exabeam license expiration date, which incorrectly triggered an alert stating that the customer’s Exabeam license was expiring soon. |
PLT-13297 | Fixed an issue that intermittently purged data from custom context tables, causing rules to trigger incorrectly or not at all. To repopulate the affected context tables, users had to test their LDAP connections. With this fix, context tables are no longer erroneously purged. |
PLT-13444 | Fixed an issue in which audit logs for changes made to notifications were not appearing in MongoDB (the persistence database). |
PLT-13446 | Fixed an issue where adding context sources with New-Scale Site Collectors and LDAP agents failed to generate context. These context sources were also mistakenly identified as Azure AD on the Context Management page. |
PLT-13483 | Fixed an issue where users would log in to Advanced Analytics and then be prompted to log in again instead of being redirected to the Exabeam Cloud Platform page. |
PLT-13492 | Fixed a license processing issue that caused delays in navigating from the Exabeam Cloud Platform to Data Lake and Advanced Analytics. |
PLT-13571 | Fixed an issue that prevented context tables from populating when data in the first column of context records began with a # character. To correct this issue, parsing support for the data starting with # character has been added. |
PLT-13648 | Fixed an issue with broken HTML tags in the Feed Indicator Sample listings which affected data formatting and distorted the Indicator in Context Tables numbers on the Threat Intelligence Feeds page in Cloud Config settings. |
PLT-13813 | Fixed an issue that prevented context data from being pulled from domains with dash characters (-) in their filenames. |