Skip to main content
Skip table of contents

Open Collector 2023.06 Release Notes

June 2023 Release Details

The 2023.06 release of Open Collector requires Knowledge Base version 7.1.667.0 (or above).

Software ComponentVersion NumberNew Version?

Open Collector

5.6.17

Yes

LRCTL Script

6.0.1


LRCTL Container

6.5.11

Yes

LRJQ

5.1.4


Metrics

6.0.4


OC Pipeline

5.1.7


OC-Admin6.0.11
OC-DB6.0.2

AWS S3 Beat

6.2.2

Yes

Azure Event Hubs Beat

6.0.8


Carbon Black Cloud Beat

6.0.7


Cisco AMP Beat

6.1.6


Darktrace Beat6.0.0Yes

Duo Authentication Security Beat

6.0.5


Generic Beat

6.1.2


Gmail Message Tracking Beat

6.0.3


GSuite Beat

6.0.4


Kafka Beat

6.0.6


Microsoft Graph API Beat6.0.5

Okta Beat

6.0.4


Prisma Cloud Beat6.0.1

Proofpoint Beat

6.0.3


PubSub Beat

6.0.3


Qualys FIM Beat

6.0.5


Sophos Central Beat

6.0.3


Symantec WSS Beat6.0.3

Webhook Beat

6.1.6


New Features

Feature or BeatDescriptionRelevant Documentation Updates
Darktrace BeatA new Beat has been added: Darktrace Beat.Darktrace Beat
MS Graph API BeatThe MS Graph API Beat now includes a log source virtualization template for configuring the log source in the SIEM.Configure the Microsoft Graph API Beat Log Source in the SIEM

Improvements

Feature or BeatDescriptionRelevant Documentation Updates
Open Collector InstallationThe Open Collector can now be deployed using Red Hat 9.Install RedHat Enterprise 8
MS Graph API BeatThe MS Graph API Beat now allows for parsing support.Configure the Microsoft Graph API Beat Log Source in the SIEM

Resolved Issues

Bug IDFound in VersionRelease Notes
ENG-326812023.04Empty JSON key names and JSON key names including dots are now correctly quoted in JQ.

Known Issues

Defect IDComponentsRelease Notes
DE15285Beats: G Suite

Issue: The GSuite Beat OAuth URL fails when the browser attempts to resolve to localhost.

Expected Results: The OAuth URL should be formatted correctly and grants access.

Workaround: When the localhost timeout page is reached, the Auth Code can be pulled from the URL. The code is in between "token&=" and "&scope". Copy the data in between those entries in the URL and paste it at the Auth Code prompt, at which point collection will commence.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.