3.3.0 Release notes - 8 June 2018
This section shows the most relevant improvements and fixes in version 3.3.0. More details about these changes are provided in each component changelog.
Logcollector now supports socket connection for log output mirroring. This feature allows to send the same event to the Wazuh manager and to a 3rd party log processor like Fluent Bit. You can find more information here.
The analysis engine includes new options for the plugin decoders to set the input offset with respect to the prematch expression or the parent decoder. See an example about this on this section. In addition, plugin decoders and multi-regex decoders can be used together.
We have also introduced an event formatter in the log collector to build custom events, this allows to add some data into the event.
As of this version, the timestamp of the alerts in JSON format will include milliseconds.
The implementation of the Agentless daemon has been improved for enhanced security.
Some other fixes and improvements have been introduced in the Framework and the Cluster.
The API now has filters by group on the
GET /agents call and by status on the
GET /agents/groups/:group_id and
GET /agents/groups/:group_id calls.
limit parameter has been modified to retrieve all items using
In addition to this, several bugfixes and performance improvements for the API have been added.
Wazuh app for Kibana
New design for the Overview and Agents tabs, following a breadcrumbs-based navigability to change between different sections.
New Reporting option, for generating logs about the current state of the visualizations on the Overview and Agents tabs.
New filters for agent version and cluster node on the Agents Preview tab.
Added a warning when your system doesn't have more than 3GB of RAM.
Several bugfixes and performance improvements.