Customers on Data Lake i33.x or later versions can upgrade directly to Data Lake i40 to take advantage of the following new features and improvements:
An Enhanced Reindexing Experience for Admins
Reindexing operations no longer compete with ongoing ingestion for resources. They now use only available resources, so they can be safely run at any time. You can also track ongoing reindexing jobs and view the history of past jobs.
For more information, see Reindex Operations.
Get More from Your Data with an Additional Syslog Destination
To leverage event data from Site Collector for additional IT operations, you can now add a secondary Syslog destination in SaaS deployments. The secondary destination can be used for a variety of purposes, such as gaining additional insights from your data in non-security applications, satisfying legal requirements for storing data, easing cloud adoption and migration, and supporting disaster recovery operations. The secondary destination can be located on premises or in a virtual environment.
For more information, see Add a Secondary Syslog Destination.
Miscellaneous Improvements and Updates
Filtered search results can now be exported to PDF files.
Context tables can now be enriched with user attributes from Azure Active Directory. These attributes can in turn be used as search filters. See Azure AD Context Enrichment.
You can now delete archived snapshots from the NFS drive. See Delete Snapshots from the Archive.
The Advanced Settings page has been redesigned and streamlined to include only supported settings.
Exported query results now include a CSV file that reports any errors that occurred in the query. The addition of the error report provides a clear picture of your results set.
To enhance the security of cloud-delivered services, Security-Enhanced Linux (SELinux) is enabled by default in Data Lake.
Data Lake now includes a user interface for upgrading site collectors to the latest software. See Upgrade Exabeam Site Collector.
The primary Site Collector now supports network ports 1194 and 443 for OpenVPN to simplify the installation process.
Orphaned collectors can now be manually removed 15 days after being uninstalled. See Remove an Uninstalled Collector from the Collector Management Page.
eStreamer now uses the eNcore version 3.7.4 library.
Customers on Data Lake i40.1 or later versions can take advantage of the following new features and improvements:
The cluster charts provided in Data Lake have been improved to provide more relevant and useful information to customers.
Metadata processing in Site Collector and supported collection agents has been optimized to include only fields that provide significant value.