chore(release): 5.0.0-beta.1
## [5.0.0-beta.1](v4.2.2...v5.0.0-beta.1) (2022-03-07)

### Features

* **addon:** Add Decryption Log Support for PANOS 10 - PaloAltoNetworks#126
* **addon:** Cortex Data Lake HEC log support - PaloAltoNetworks#162 PaloAltoNetworks#176
* **addon:** PAN Quality Validation and Improvement
* **addon:** Significantly improve and modernize CIM compliance
* **app/addon:** Add Cortex XDR incident support to App and Add-on including new XDR Incidents dashboard - PaloAltoNetworks#166
* **app/addon:** Add IoT Security - PaloAltoNetworks#158
* **app/addon:** Feature/dynamic user groups - PaloAltoNetworks#150
* **app/addon:** Python 3 Support - PaloAltoNetworks#124
* **app/addon:** Support GlobalProtect log type in PANOS 9.1 - PaloAltoNetworks#118
* **app/addon:** Update pandevice to 0.14.0 - PaloAltoNetworks#145

### Bug Fixes

* **addon:** Add fields for GlobalProtect logs
* **addon:** Add fields for GlobalProtect logs
* **addon:** Add GlobalProtect SourceUserName - PaloAltoNetworks#209 PaloAltoNetworks#202
* **addon:** Add modinputs as tasks in app.manifest - PaloAltoNetworks#153
* **addon:** Add virus eventtype to malware CIM - PaloAltoNetworks#114 PaloAltoNetworks#138
* **addon:** Fix appserver/static files
* **addon:** Fix CDL logs contained string 'null' in 'user' field - PaloAltoNetworks#187
* **addon:** Fix error from Minemeld automatic lookup
* **addon:** Fix GlobalProtect logs dvc_name field
* **addon:** Fix GlobalProtect logs dvc_name field
* **addon:** Fix nav bar background color
* **addon:** Fix src_user field contained destination user - PaloAltoNetworks#186
* **addon:** Fix typo in transform.conf ([PaloAltoNetworks#227](https://github.com/btorresgil/SplunkforPaloAltoNetworks/issues/227))
* **addon:** Fix user showing as unknown from GlobalProtect logs. - PaloAltoNetworks#217
* **addon:** Parse GP and Decryption logs w/ pan:firewall - PaloAltoNetworks#168
* **addon:** Parse GP and Decryption logs w/ pan:firewall - PaloAltoNetworks#168
* **addon:** Remove endpoint tags and eventtypes - PaloAltoNetworks#196
* **addon:** Remove port from `dest_name` field - PaloAltoNetworks#129 PaloAltoNetworks#128
* **addon:** Remove white space from GlobalProtect sourcetype - PaloAltoNetworks#131
* **addon:** Restore "unknown" string for empty 'user' field
* **app:** Fix error after upgrade to 7.0.0: "Unknown search command 'panwildfirereport'" - PaloAltoNetworks#189
* **app:** Fix IoT Security dashboard filter - PaloAltoNetworks#181
* **app:** Fix panContentPack error. Fixes bug [PaloAltoNetworks#222](https://github.com/btorresgil/SplunkforPaloAltoNetworks/issues/222) - PaloAltoNetworks#225
* **app:** Incident counters flash in Splunk 8.1 - PaloAltoNetworks#163
* **app:** Incident counters flash in Splunk 8.1 - PaloAltoNetworks#163
* **app:** Remove endpoint from Data Model Audit dashboard - PaloAltoNetworks#218
* **app/addon:** correct user-id tag_user / untag_user
* **app/addon:** Fix background color of logo - PaloAltoNetworks#141

### Performance Improvements

* **app:** Change simple XML to use JQuery 3.5 - PaloAltoNetworks#207
* **app:** Remove high cardinality fields from datamodel

### ⚠ MAJOR RELEASE CHANGES

This is a major release

Splunk dashboards and searches you have created might be
affected by these changes. Please be prepared to test and
adjust any dashboards not included with the App after upgrade.

* **addon:** pan_traffic_start logs no longer included in CIM
* **addon:** pan_traffic_end logs moved from Network Session to Network Traffic datamodel
* **addon:** pan_threat event type now includes wildfire and data logs
* **addon:** pan_file logs moved from Web to IDS datamodel
* **addon:** pan_virus logs moved from Malware to IDS datamodel
* **addon:** pan_wildfire logs moved from Malware to IDS datamodel
* **addon:** pan_email removed from Email datamodel
* **app:** Removes datamodel for GlobalProtect logs before PAN-OS 9.1
* **app/addon:** Removes Traps 4 support
* **app/addon:** Deprecates Traps 5 and Traps 6 support
* **app:** Removes support for legacy WildFire Report API
* **app/addon:** Requires Splunk 8.0 or higher
* **app/addon:** Replaces Adversary Scoreboard and Incident Feed dashboards with new XDR Incidents dashboard
semantic-release-bot committed Mar 7, 2022
1 parent 62bd45d commit 238b9d8
Showing 6 changed files with 12 additions and 12 deletions.
2 changes: 1 addition & 1 deletion Splunk_TA_paloalto/README.md
Expand Up @@ -4,7 +4,7 @@ Palo Alto Networks Add-on for Splunk

* **Add-on Homepage:** https://splunkbase.splunk.com/app/2757
* **Authors:** Brian Torres-Gil, Paul Nguyen, Garfield Freeman - Palo Alto Networks
* **Add-on Version:** 7.0.3
* **Add-on Version:** 5.0.0beta1

### Description ###

4 changes: 2 additions & 2 deletions Splunk_TA_paloalto/app.manifest
Expand Up @@ -5,7 +5,7 @@
"id": {
"group": null,
"name": "Splunk_TA_paloalto",
"version": "7.0.3"
"version": "5.0.0beta1"
},
"author": [
{
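Review bot: The `"version"` value in this hunk moves backwards, from 7.0.3 to 5.0.0beta1, so any installer or update check that orders versions will treat this package as older than what 7.0.3 users already have. The commit title and changelog link name the release 5.0.0-beta.1 (compared against v4.2.2) while the file gets `5.0.0beta1`; confirm the release tooling picked the intended base tag, and state the numbering and the string format in the release notes so the mismatch is not taken for a packaging error.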
Expand All @@ -22,7 +22,7 @@
"IT Operations",
"Security, Fraud & Compliance"
],
"developmentStatus": "Production/Stable"
"developmentStatus": "Beta"
},
"commonInformationModels": {
"Authentication":"4.19.0",
4 changes: 2 additions & 2 deletions Splunk_TA_paloalto/default/app.conf
@@ -1,13 +1,13 @@
[install]
is_configured = false
state = enabled
build = 1281195361
build = 1948520861
splunk_supported = 8.1,8.0
cim_supported = 4.x

[launcher]
author = Palo Alto Networks
version = 7.0.3
version = 5.0.0beta1
description = The Palo Alto Networks Add-on allows a Splunk Enterprise administrator to collect data from Palo Alto Networks Next-Generation Firewall devices, Panorama, Advanced Endpoint Protection, Aperture SaaS Security, AutoFocus Threat Intelligence, and MineMeld.

[ui]
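Review bot: The unchanged `description` line under `[launcher]` still lists only firewalls, Panorama, Advanced Endpoint Protection, Aperture, AutoFocus and MineMeld, while the release notes for this version add Cortex Data Lake, Cortex XDR and IoT Security log support and remove Traps 4. Update the description in the same release commit so the launcher text matches the data sources the add-on now handles.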
4 changes: 2 additions & 2 deletions SplunkforPaloAltoNetworks/README.md
Expand Up @@ -4,8 +4,8 @@ Palo Alto Networks App for Splunk

* **App Homepage:** https://splunkbase.splunk.com/app/491
* **Authors:** Brian Torres-Gil, Paul Nguyen, Garfield Freeman - Palo Alto Networks
* **App Version:** 7.0.3
* **Required Add-on (TA) Version:** Splunk_TA_paloalto 7.0.3
* **App Version:** 5.0.0beta1
* **Required Add-on (TA) Version:** Splunk_TA_paloalto 5.0.0beta1

### Description ###

4 changes: 2 additions & 2 deletions SplunkforPaloAltoNetworks/app.manifest
Expand Up @@ -5,7 +5,7 @@
"id": {
"group": null,
"name": "SplunkforPaloAltoNetworks",
"version": "7.0.3"
"version": "5.0.0beta1"
},
"author": [
{
Expand All @@ -19,7 +19,7 @@
"classification": {
"intendedAudience": null,
"categories": [],
"developmentStatus": "Production/Stable"
"developmentStatus": "Beta"
},
"commonInformationModels": null,
"license": {
6 changes: 3 additions & 3 deletions SplunkforPaloAltoNetworks/default/app.conf
Expand Up @@ -5,13 +5,13 @@ label = Palo Alto Networks
[launcher]
author = splunkapp@paloaltonetworks.com
description = The Palo Alto Networks App for Splunk is a set of reports and dashboards which provide visibility into the Palo Alto Networks Next-generation Firewall, Panorama, and Advanced Endpoint Security logs.
version = 7.0.3
version = 5.0.0beta1

[package]
id = SplunkforPaloAltoNetworks

[install]
build = 1281195361
ta_dependency_version = 7.0.3
build = 1948520861
ta_dependency_version = 5.0.0beta1
splunk_supported = 8.1,8.0
cim_supported = 4.x
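Review bot: `ta_dependency_version = 5.0.0beta1` under `[install]` pins the App to a pre-release add-on string that is lower than the 7.0.3 it replaces. If this value is compared against the installed add-on version, that comparison has to cope with the non-numeric `beta1` suffix and with existing 7.0.3 add-on installs; state in the README which add-on versions are acceptable alongside this beta.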
