Open Collector 2023.06 Release Notes
June 2023 Release Details
The 2023.06 release of Open Collector requires Knowledge Base version 7.1.667.0 (or above).
Software Component | Version Number | New Version? |
---|---|---|
Open Collector | 5.6.17 | Yes |
LRCTL Script | 6.0.1 | |
LRCTL Container | 6.5.11 | Yes |
LRJQ | 5.1.4 | |
Metrics | 6.0.4 | |
OC Pipeline | 5.1.7 | |
OC-Admin | 6.0.11 | |
OC-DB | 6.0.2 | |
AWS S3 Beat | 6.2.2 | Yes |
Azure Event Hubs Beat | 6.0.8 | |
Carbon Black Cloud Beat | 6.0.7 | |
Cisco AMP Beat | 6.1.6 | |
Darktrace Beat | 6.0.0 | Yes |
Duo Authentication Security Beat | 6.0.5 | |
Generic Beat | 6.1.2 | |
Gmail Message Tracking Beat | 6.0.3 | |
GSuite Beat | 6.0.4 | |
Kafka Beat | 6.0.6 | |
Microsoft Graph API Beat | 6.0.5 | |
Okta Beat | 6.0.4 | |
Prisma Cloud Beat | 6.0.1 | |
Proofpoint Beat | 6.0.3 | |
PubSub Beat | 6.0.3 | |
Qualys FIM Beat | 6.0.5 | |
Sophos Central Beat | 6.0.3 | |
Symantec WSS Beat | 6.0.3 | |
Webhook Beat | 6.1.6 |
New Features
Feature or Beat | Description | Relevant Documentation Updates |
---|---|---|
Darktrace Beat | A new Beat has been added: Darktrace Beat. | Darktrace Beat |
MS Graph API Beat | The MS Graph API Beat now includes a log source virtualization template for configuring the log source in the SIEM. | Configure the Microsoft Graph API Beat Log Source in the SIEM |
Improvements
Feature or Beat | Description | Relevant Documentation Updates |
---|---|---|
Open Collector Installation | The Open Collector can now be deployed using Red Hat 9. | Install RedHat Enterprise 8 |
MS Graph API Beat | The MS Graph API Beat now allows for parsing support. | Configure the Microsoft Graph API Beat Log Source in the SIEM |
Resolved Issues
Bug ID | Found in Version | Release Notes |
---|---|---|
ENG-32681 | 2023.04 | Empty JSON key names and JSON key names including dots are now correctly quoted in JQ. |
Known Issues
Defect ID | Components | Release Notes |
---|---|---|
DE15285 | Beats: G Suite | Issue: The GSuite Beat OAuth URL fails when the browser attempts to resolve to localhost. Expected Results: The OAuth URL should be formatted correctly and grants access. Workaround: When the localhost timeout page is reached, the Auth Code can be pulled from the URL. The code is in between "token&=" and "&scope". Copy the data in between those entries in the URL and paste it at the Auth Code prompt, at which point collection will commence. |