- What's New
- Known Issues in Data Lake SMP 2021.1 DL-i36 General Availability
- Fixed Issues in Data Lake SMP 2021.1 DL-i36 General Availability
- Issues Fixed in Data Lake i36.7
This release of Data Lake arrives with some very powerful and handy use cases for the Security Analyst in addition to other system stability and maintainability improvements.
Data Lake I36 features include:
Update Security Content Over Cloud
Stay up to date with threat filters using Exabeam's security content parsers, downloaded on a regular basis from the cloud. If you choose to, you can also upload your own customized security content parsers or remove obsolete ones. For more information, see Manage Security Content in Exabeam Data Lake.
Syslog Forwarding Rate Configuration
Manage syslog forwarding volumes from Data Lake to log recipients. Balance the output of Data Lake log forwarding with ingestion limits at destination endpoints. Configure maximum throughput between 3,000 and 55,000 events per second. For more information, see Configure Log Forwarding Rate.
Exporting Large Volume Query Results
Up to 10 million records can be exported to CSV files for each query. You can choose to chunk results into 10k, 50k, 100k, 250k, and 1M records per CSV file.
PDF exports are available for reports and dashboards with up to 5 monthly scheduled reports per time window and 20 nested objects.
Improved Correlation Rules Monitoring
In some cases, correlation rules trigger their suspension and require correction before resuming. You can verify the status of correlation rules by querying the Exabeam audit logs. For more information, see "How to Find Disabled or Erred Correlation Rules" in How to Forward Alerts Using Correlation Rules in Exabeam Data Lake.
Improved Parser Management Controls
As custom parsers can wreak havoc on system performance, Exabeam continues to make improvements that give you control over and visibility into your parsers. You can select how host resources are allocated. Parser performance will be weighted against your performance preference. Parsers that cross performance thresholds are suspended. You can review parser statistics and resume a suspended parser as you need to. For more information, see Parser Management.
Exabeam Site Collector Egress Filtering
Optimize logs ingested by the Exabeam Site Collector by applying additional filters before forwarding. Configure correlation rules on the site collector to focus your data and reduce the load for the log recipient. For more information, see Filtering Outbound Logs in Exabeam Site Collector.
Smartctl Added to System Monitoring
smartctl is now part of Exabeam's tools to monitor cluster nodes. With smartctl, hard drive failures will be detected more readily.