2023.11 Release Notes
MistNet NDR has been renamed LogRhythm NDR.
During a transition period, you will see both names referenced in our documentation. In a later release, the user interface (UI) will be updated to include only references to LogRhythm NDR. At that time, our documentation will also be updated only to reference LogRhythm NDR.
Enhancement of DNS & DGA Anomaly Models by Limiting Traffic
DNS and DGA models will not use traffic if the source, ext_info, domain_info, and domain fields end with or contain any of the following:
in-addr.arpa
ip6.arpa
servicebus.windows.net
ldap._tcp
ipv6-literal.net
cluster1.e1350
If a particular query contains whois.arin.net, whois.internic.net, and http://arsys.es/dominios/whois the traffic will not be used.
Resolved Issues
Bug ID | Salesforce Case ID | Release Notes |
|---|---|---|
ENG-39454 | 00477428 | Data is now available as intended in the new and legacy UI. |
ENG-41025 | 00472003 | Data now loads correctly in GUI once Elasticsearch is restarted. |
ENG-41011 | 00472003 | Cluster Index status now works as expected. |
ENG-41371 | 00473803 | Mistnet Events in the Incidents tab and the Hunt tab now load without any error. |