Exabeam Data Lake Release Notes

What's New

This release of Data Lake arrives with some very powerful and handy use cases for the Security Analyst in addition to other system stability and maintainability improvements.

Data Lake I36 features include:

Update Security Content Over Cloud

Stay up to date with threat filters using Exabeam's security content parsers, downloaded on a regular basis from the cloud. If you choose to, you can also upload your own customized security content parsers or remove obsolete ones. For more information, see Manage Security Content in Exabeam Data Lake.

Syslog Forwarding Rate Configuration

Manage syslog forwarding volumes from Data Lake to log recipients. Balance the output of Data Lake log forwarding with ingestion limits at destination endpoints. Configure maximum throughput between 3,000 and 55,000 events per second. For more information, see Configure Log Forwarding Rate.

Exporting Large Volume Query Results

Up to 10 million records can be exported to CSV files for each query. You can choose to chunk results into 10k, 50k, 100k, 250k, and 1M records per CSV file.

PDF exports are available for reports and dashboards with up to 5 monthly scheduled reports per time window and 20 nested objects.

Improved Correlation Rules Monitoring

In some cases, correlation rules trigger their own suspension and must be corrected before they can resume. You can verify the status of correlation rules by querying the Exabeam audit logs. For more information, see "How to Find Disabled or Erred Correlation Rules" in How to Forward Alerts Using Correlation Rules in Exabeam Data Lake.

Improved Parser Management Controls

As custom parsers can wreak havoc on system performance, Exabeam continues to make improvements that give you control over and visibility into your parsers. You can select how host resources are allocated. Parser performance is weighted against your performance preference. Parsers that cross performance thresholds are suspended. You can review parser statistics and resume a suspended parser as needed. For more information, see Parser Management.

Exabeam Site Collector Egress Filtering

Optimize logs ingested by the Exabeam Site Collector by applying additional filters before forwarding. Configure correlation rules on the site collector to focus your data and reduce the load for the log recipient. For more information, see Filtering Outbound Logs in Exabeam Site Collector.

Smartctl Added to System Monitoring

smartctl is now part of Exabeam's tools to monitor cluster nodes. With smartctl, hard drive failures will be detected more readily.