This section shows the most relevant improvements and fixes in version 3.7.1. More details about these changes are provided in each component changelog:
This version comes with a new option for the FIM configuration. Now is possible to add extra Audit keys using <audit_key>
tag. It allows the who data engine to capture Audit events related to the key.
Wazuh 3.7.1 includes some other improvements:
- Restored the support for Amazon Linux on the
Vulnerability detector </user-manual/capabilities/vulnerability-detection/index>
. - Improved performance of the Remote service.
- Added IPv6 support for the
host-deny.sh
script fromActive Response </user-manual/capabilities/active-response/index>
. - Included more tracing information to the logs generated on debugging mode.
- The FIM engine now gives more descriptive messages when a file is not reachable.
The main highlights for the Wazuh app for Kibana include a new auto-complete feature for the Dev tools tab, so now the user can start typing an API request to see a list of suggestions.
../images/release-notes/3.7.1/kibana-features.png
In addition to this, some refinements and bugfixes were added for better stability and overall performance.
The main highlights for the Wazuh app for Splunk include support for extensions, new tabs for VirusTotal and CIS-CAT alerts, the Export as CSV button for several tables and the ability to execute PUT
, POST
and DELETE
requests on the Dev tools tab, along with GET
requests.
../images/release-notes/3.7.1/splunk-features.png
In addition to this, code refactoring, visual/ UI adjustments, and bugfixes were added for better stability and overall performance.