v10.4.1-202405031218

UTMStack 10.4.1 Release Notes

Minor changes:

• Using new source of correlation rules

v10.4.0-202404241632

UTMStack 10.2.2 Release Notes

This update enhances UTMStack's stability, security, and functionality through critical bug fixes and improvements. We have focused on addressing issues reported by our users and identified through our continuous monitoring, improving the overall user experience and the application's resilience against errors and security threats.

Summary of the bug fixes included in this release:

• Dashboard and Alerts Accuracy: The Overview dashboard displayed incorrect alert values, ensuring accurate monitoring and alerting capabilities.
• Rule History and Filtering: Resolved a problem with rule history filter conditions, improving the accuracy and usability of incident rule history views.
• Integration and Alert Management: Addressed an issue where integration disconnected alerts were triggered too frequently, reducing unnecessary notifications and improving alert management.
• Incident Rules Enhancement: Added a default agent for incident rules, facilitating smoother operation and implementing incident response strategies.
• Log Explorer Stability: Fixed a crash in the log explorer query functionality, enhancing the stability and reliability of log exploration and analysis.
• Incident Response Automation: Improved incident response automation by allowing it to run in default agents, enhancing the efficiency and effectiveness of automated incident responses.
• UI Improvements: Enhancing user interface interaction and usability for Incident response creation.
• Application Stability: Addressed an Auditor module crash issue, improving the application's stability and reliability.
• Logout: Adding logout observable, ensuring users a more reliable logout process.

Security and Stability Enhancements:

• Resolved an issue with the incorrect installation command for Linux environments, streamlining the installation process.
• Enhanced error handling for operational issues, improving application resilience.
• Addressed security configuration issues, ensuring users with the role ROLE_USER maintain stable connections.
• Fixed synchronization issues related to alert properties in down data sources, providing accurate alert management.

v10.3.0-202403041523

What's Changed

• Fixed Processed logs values still in the pipeline detail view (#470) by @mjabascal10 in #481
• Bugfix/10.2/474 ad auditor is not capturing all user creation events by @mjabascal10 in #498
• 10.3 by @mjabascal10 in #496
• Bugfix Datasource's view refresh time is causing that you can't add notes and groups sometimes (#468) by @mjabascal10 in #510
• Moving changes from main to RC by @c3s4rfred in #512
• Fix email alerts after migrating to opensearch by @c3s4rfred in #515
• Updating macos guide by @c3s4rfred in #519
• Fixed Incidents "Execute command" tab is causing a console error when looking for status property by @mjabascal10 in #522
• Updating azure guide by @c3s4rfred in #524
• Updating RC with last changes by @c3s4rfred in #529
• Updating azure guide, correcting steps 6,7 and 11 by @c3s4rfred in #535

Full Changelog: v10.2.3-202402162320...v10.3.0-202403041523

v10.2.2-202402071105

UTMStack 10.2.2 Release Notes

This update enhances UTMStack's stability, security, and functionality through critical bug fixes and improvements. We have focused on addressing issues reported by our users and identified through our continuous monitoring, improving the overall user experience and the application's resilience against errors and security threats.

Summary of the bug fixes included in this release:

• Dashboard and Alerts Accuracy: The Overview dashboard displayed incorrect alert values, ensuring accurate monitoring and alerting capabilities.
• Rule History and Filtering: Resolved a problem with rule history filter conditions, improving the accuracy and usability of incident rule history views.
• Integration and Alert Management: Addressed an issue where integration disconnected alerts were triggered too frequently, reducing unnecessary notifications and improving alert management.
• Incident Rules Enhancement: Added a default agent for incident rules, facilitating smoother operation and implementing incident response strategies.
• Log Explorer Stability: Fixed a crash in the log explorer query functionality, enhancing the stability and reliability of log exploration and analysis.
• Incident Response Automation: Improved incident response automation by allowing it to run in default agents, enhancing the efficiency and effectiveness of automated incident responses.
• UI Improvements: Enhancing user interface interaction and usability for Incident response creation.
• Application Stability: Addressed an Auditor module crash issue, improving the application's stability and reliability.
• Logout: Adding logout observable, ensuring users a more reliable logout process.

Security and Stability Enhancements:

• Resolved an issue with the incorrect installation command for Linux environments, streamlining the installation process.
• Enhanced error handling for operational issues, improving application resilience.
• Addressed security configuration issues, ensuring users with the role ROLE_USER maintain stable connections.
• Fixed synchronization issues related to alert properties in down data sources, providing accurate alert management.

v10.2.1-202401291332

UTMStack 10.2.1 Release

This update addresses several critical bugs and improves the application's stability and security.
Among the critical updates are fixes to installation commands on Linux, error-handling enhancements, and updates to security configurations.

Summary of the bug fixes included in this release:

• Resolved an issue with the incorrect installation command for Linux environments.
• Fixed a bug where the application could not assign the requested address, leading to operational issues.
• Addressed a crash in the detail view alert when a data source is disconnected.
• Fixed the issue where a down data source showed an open detail in the view.
• Fixed the issue in the security configurations where users with the role ROLE_USER get disconnected.
• Fixed an issue where the properties host and IP of an alert created for a down data source override in the sync process.
• Rectified the emission issue with the logout observable.

v10.2.0-202401151925

Major Changes

• Added "User Auditor" feature.

Minor Changes

• Multiple bug fixes.
• Multiple dependencies update.

v10.1.0-202312131645

Major Changes

• Added buffering to correlation data I/O.
• Multiple improvements to process more incoming data more efficiently

Minor Changes

• The rule execution is skipped until the correlation receives data related to the rule.
• Rules are required to include a string list field that includes the data types the rule relates to.

v10.0.0-202309081203

Major Changes

• Start installing upon execution.
• Use a YAML config file to configure installation.
• Generate YAML config file with autogenerated parameters.
• Resume installation.
• Update stack if already exists.
• Using Swarm for container orchestration.
• Can work as a library for other projects.
• Generate certificates on execution.
• Installing Cockpit for easy system management.
• Removed LDAP connection for Active Directory.
• Removed OSSEC.
• Added incident response automation to agents.
• Using multiple pipelines.
• Removed Suricata.
• Removed deprecated containers.
• Populate modules with sample data.
• Added initial setup wizard.

Minor Changes

• Checking distribution.
• Checking min disk space.
• Automated releases with GitHub Actions.
• Updated Go to v1.20 and dependencies.
• Added CHANGELOG.md.
• Updated SECURITY.md.
• Updated EULA.
• Generating Connection Key.
• Setting up default base URL based on hostname.