Advanced Analytics i63.5
The following issues were addressed in Advanced Analytics i63.5:
Issue ID | Description |
|---|---|
CONT-17429 | To reduce false positive alerts and provide more accurate threat detection, the scoring system for IP addresses collected from threat detection services has been modified. The default score for IP addresses, as assigned in the For a list of the rule score changes, see Scoring Updates for IP Threat Rules in the Security Content Release Notes. |
EXA-31707 | Fixed an issue encountered during threat hunting where the Data Upload size was mislabeled as MB instead of MiB. The UI label is now corrected. |
EXA-35817 | Fixed an issue with model calculations that affected up to 320 rules. The model threshold calculation incorrectly evaluated event counts as anomalous based on outdated model snapshot data, causing rules to be either over or under triggered. With this fix, the percentile threshold count is now always calculated based on the latest model snapshot data instead of cached snapshots. This fix does not change the underlying calculation logic for the percentile threshold count. |
EXA-36685 | Fixed an issue on asset timeline pages where setting a date/time ahead of the current time resulted in an error that required the page to be reloaded. With this fix, a No more data message is displayed to indicate that data for future dates does not yet exist. |
EXA-36703 | Fixed a processing issue where Alert Triage did not raise alerts from some third-party vendors. |
EXA-36988 | Fixed an issue on the Exabeam Rules page where the Action drop-down menu was not fully visible on the last rule in the search list. |
EXA-37190 | On the System Activity page, the text color has been changed to make it visible in Day Mode. |
EXA-37376 | Fixed an issue where asset timelines could not load domain controller timelines. When this occurred the timeline would appear to hang without loading data. This was due to an error with the logic for defining asset IDs by IP address or hostname. |
EXA-37380 | Fixed an issue on the Timeline pages where the screen would hang and Timeline buttons would become disabled. |
EXA-37441 | Fixed an issue where Data Insights and Rule Definitions were not available for some processes when |
EXA-37559 | Introduced an enhancement to improve performance related to reprocessing time after Advanced Analytics restarts. With this enhancement, the time required to analyze logs during the downtime is now significantly decreased. |
EXA-37788 | Fixed an issue with worker nodes that caused processing delays when an empty event list was encountered. With this fix, worker nodes can now proceed with processing to avoid any additional delays and provide additional helpful details in the log. |
NGPM-1425 | Fixed a link on the Exabeam Engine page for initiating UIP Log Reprocessing through Customer Support. |
PLT-13600 | Fixed an issue that caused excessive delays with audit log ingestion times and anomaly notifications. |