March 2024
Analytics & Reporting Cloud
Version: 4.8
Mar 28, 2024
New Features
-
DG Rule Component List Editing
You can now add values to or delete values from component lists that you created in the DGMC directly from the Administration & Configuration pane in Fortra. To access component lists in Fortra, click Event Detection > Watchlists on the Administration & Configuration pane. For more information, refer to “Updating Component Lists” in the online help.
Enhancements
-
Policy Option Renamed Event Detection
To more closely align with the content of the option, Fortra renamed the Policy entry on the Administration & Configuration pane to Event Detection. The contents of the option remain the same—Detection Rules, Event Filters, and Watchlists.
-
Enhanced Administration & Configuration Pane
To prepare for upcoming efforts to streamline workflows, Fortra made minor enhancements to the Administration & Configuration pane. The enhancements include changes to align our portfolio of products to a unified user experience, removing feature icons from the menu options, and listing the options in alphabetical order.
Fixes
-
Resolved a problem where the Sample Match icon was not being displayed for send mail events in tables. In addition, it was not being displayed for email attachments.
-
Resolved an issue where it was not possible to view the details for an incident.
-
Resolved a problem with the DG Insights report where the format of the report was not correct. It did not match earlier versions and was not possible to read.
February 2024
Analytics & Reporting Cloud
Version: 4.7.0
Feb 25, 2024
New Features
-
DG SCIM API Available for External Access
System for Cross-Domain Identity Management (SCIM) is an open standard that allows automation of user provisioning. Already in use by the Digital Guardian product, the DG SCIM API implementation is now accessible so you can use it for your custom identity management integrations. For additional information, refer to “Custom SCIM Connector” in the online help.
Enhancements
-
Enhanced Incident Details Timeline
-
Improved organization—the enhanced timeline allows you to consolidate all relevant events into a single, easy-to-read display. This helps you gain a comprehensive overview of the sequence of events, making it easier to identify patterns, dependencies, and potential issues.
-
Enhanced analysis—the enhanced timeline expands to include more details, enabling you to delve deeper into each event and gain a better understanding of its context. This can help you identify the root causes of incidents, track progress, and make informed decisions.
-
Efficient communication—the enhanced timeline provides a concise display that enables you to communicate complex information more effectively. It allows stakeholders to grasp the sequence of events and understand the impact of each event on the overall situation quickly. This can be particularly useful while managing incidents or when sharing updates with stakeholders.
-
Streamlined collaboration—the enhanced timeline provides a shared reference point for all stakeholders involved in an incident. It helps align efforts, facilitates collaboration, and ensures everyone is on the same page. This can lead to improved coordination, faster decision-making, and more efficient problem-solving.
-
Scalability—the expandable timeline accommodates additional events as they occur without cluttering the display, allowing you to maintain a clear overview as new information becomes available.
-
-
Enhanced Bundle Replay for Stability and Performance
To enhance stability during bundle replays, ARC imposes a 120-day time limit on the replay process. In a single replay request, you can revisit up to 120 days of data. To replay more than 120 days, create multiple requests. For instance, to replay an entire year of data, generate four separate replay requests.
Fixes
-
Resolved an issue where a custom report is not applying the nested filter for the report correctly, returning incorrect data.
-
Resolved an issue where a streaming profile that specified the server process time was not applying the specified time format.
December 2023
Version: 4.6.0
Dec 6, 2023
New Features
-
Added and Enhanced Data Export Formats. To make exporting data from ARC more straightforward and improve performance, there are now three export formats, not two: JSON, JSON Table, and JSON Flattened Table. If you have existing export profiles that use the previous JSON format, they will now use JSON Flattened Table format so the exported data will be the same.
Fixes
-
Resolved a problem where the ANY and ALL filter operators were not working as expected in an ARC filter.
-
Resolved a problem where a customer’s detection was not matching or filtering on entries as expected.
-
Resolved an issue in which a customer’s scheduled reports were not honoring the where clauses in filters, causing the reports to include incorrect information.
-
Resolved an issue where underscore characters (_) in domain names were causing Azure AD LDAP sync not to work for a customer.
-
Resolved a problem that prevented reporting about component status from Computer Inventory information.
September 2023
Version: 4.5.0
September 6, 2023
New Features
-
Added Download Attachments Option on Incident Details Workspace
When you are working with one or more incidents in the Incident Details WS, you can now download the files attached to the incidents. The Download Attachments option downloads the files as a ZIP archive to a location you specify.
-
Added a <Repeat> XML Tag Option for Email Templates
To provide more flexibility in email templates, a new Repeat option is available when you create or edit an email template. Clicking Repeat adds the <repeat> </repeat> XML tags to the subject line or body of the template. Adding the tags allows the template to return variables, such as source file name, for multiple incidents in the email automatically.
Enhancements
-
Reconfigured the Incident Details Workspace
To ease using the Incident Details Workspace to investigate and analyze events, updated the organization and content to provide more direct access to information about the incident, including the ability to download files attached to the incident.
Fixes
-
Resolved an issue where the Insights Workspace does not display the central graph when there is a large number of classified files reported.
-
Resolved an issue where the intended recipients do not receive detection rule email alerts when the alert email uses a customer’s custom email template.
-
Resolved a problem in a customer’s enterprise where they were seeing computers in reported events that were missing policy names, and some alarm names reported as unknown, on the details pane for an event.
-
Resolved an issue where a customer found that a filter to exclude certain events by Policy Name unexpectedly excluded events that did not involve rule violations.
-
Resolved an issue where the columns in the tables on the Incident Details workspace displayed a sort indicator arrow where sorting is not supported.
August 2023
Version: 4.4.0
August 26, 2023
Features
There are no new features in this release.
Enhancements
This is a maintenance release. It includes enhancements for stability, usability and performance.
Fixes
This release does not include any fixes for customer-reported problems.
June 2023
Version: 4.3.0
June 6, 2023
Enhancements
-
Enhanced the implementation of the Investigation Workspace to make using it smoother, more responsive and faster to generate or update
-
Reduced the time it takes to display the workspace on initial load and improvedresponsiveness to user interactions
-
Enhanced the animations displayed during workspace updates
-
Improved the long-term stability of the workspace
Fixes
-
Resolved an issue where a customer’s ARC detection rules were not honoring the regex entries in the classification name field. Regex entries worked in other fields.