Open Collector 2023.08 Release Notes

August 2023 Release Details

The 2023.08 release of Open Collector requires Knowledge Base version 7.1.671.0 (or above).

Software Component	Version Number	New Version?
Open Collector	5.6.18	Yes
LRCTL Script	6.0.1
LRCTL Container	6.5.13	Yes
LRJQ	5.1.4
Metrics	6.0.4
OC Pipeline	5.1.7
OC-Admin	6.0.12	Yes
OC-DB	6.0.2
AWS S3 Beat	6.2.2
Azure Event Hubs Beat	6.0.8
Carbon Black Cloud Beat	6.0.7
Cisco AMP Beat	6.1.6
Darktrace Beat	6.0.0
Duo Authentication Security Beat	6.0.5
Generic Beat	6.1.2
Gmail Message Tracking Beat	6.0.3
GSuite Beat	6.0.4
Kafka Beat	6.0.6
Microsoft Graph API Beat	6.0.5
Okta Beat	6.0.4
Prisma Cloud Beat	6.0.1
Proofpoint Beat	6.0.3
PubSub Beat	6.0.3
Qualys FIM Beat	6.0.5
Salesforce Beat	6.0.0	Yes
Sophos Central Beat	6.0.3
Symantec WSS Beat	6.0.3
Webhook Beat	6.1.6

New Features

Feature or Beat	Description	Relevant Documentation Updates
Salesforce Beat	A new Beat has been added: the Salesforce Beat, allowing for the collection of Salesforce Audit logs within the Open Collector.	Salesforce Beat

Resolved Issues

Bug ID	Found in Version	Release Notes
ENG-34476	2023.05	New deployments added to the OC Admin Pipeline Properties window no longer disappear when the page is refreshed.
ENG-40188	2023.07	Using OC Admin to generate pipeline augmentations no longer results in parsing errors. Previously deployed pipelines will need to be re-deployed with the new version of OC Admin for this fix to take effect.

Known Issues

Defect ID

Components

Release Notes

DE15285

Beats: G Suite

Issue: The GSuite Beat OAuth URL fails when the browser attempts to resolve to localhost.

Expected Results: The OAuth URL should be formatted correctly and grants access.

Workaround: When the localhost timeout page is reached, the Auth Code can be pulled from the URL. The code is in between "token&=" and "&scope". Copy the data in between those entries in the URL and paste it at the Auth Code prompt, at which point collection will commence.