Every month, the integrations team works on new and updated collectors for you, and I collect them all in this Catalog Update. This post contains new and updated collector information as well as links to their respective pages in our Documentation portal. Be advised that some pages in Documentation may not be available at the time of posting but will be added as soon as they are available. To request new collectors or an update to an existing collector, please open a support ticket through the Support Portal. You can also visit the new Resources Portal, a single page for all your customer resources!

 

Updated Collectors

Forcepoint SWG Collector v2.1.0

  • Changed
    • The DevoCollectorSDK Python package (devo-collector-sdk) has been updated from "1.16.2" to "1.16.3"
  • Fixed
    • Updated datetime_key in swgweb service to fix delay in events
    • Allowed overriding datetime_key and id_key from user config

Microsoft Defender ATP Endpoint Collector v2.3.0

  • Changed
    • Refactored the code to use the SDK Template1CollectorPuller
    • Refactored all the puller logic
    • Updated the persistence logic, added new param in the persistence to avoid duplicates
    • Added unit-tests
    • Updated docker base image to 1.6.0

Cortex XDR Collector v2.3.0

  • Improvements
    • The DevoCollectorSDK Python package (devo-collector-sdk) has been updated to "1.16.3"
    • Upgraded the docker base image to 1.6.0
  • Fixed
    • Added timeout in the requests call to fix the unresponsive API issue

Google Workspace Reports Collector v1.13.0

  • Changed
    • Updated docker base image to 1.6.0
  • Added
    • Added a new service with application_name: vault for Google Vault audit logs

BigID Collector v1.3.0

  • Changed
    • Updated the Docker base image to 1.6.0
  • Fixed
    • Fixed token expiration validation to properly check if 24 hours (86400 seconds) have elapsed since token creation

SOCRadar Collector v2.0.0

  • Improvements
    • Refactored the code to use Template1CollectorPuller
    • Upgraded Docker base image to 1.6.0
    • Added unit tests and user_guide
    • Upgraded DCSDK to 1.16.3

Abnormal Security Collector v2.2.0

  • Changed
    • The DCSDK Docker base image has been updated to "1.6.0"
    • Upgraded the DCSDK to v1.16.3
    • Changed initial_start_time_in_utc to optional field

Microsoft Defender ATP Endpoint Collector v3.1.0

  • Changed
    • Added a migration guide because of persistence incompatibility
  • Fixed
    • Fixed the issue with advanced hunting service
    • Fixed the issue with GCC high environment
    • Fixed missing issue with alerts service

Okta Collector v2.0.0

  • Changed
    • Refactored the code to use the latest DCSDK 1.16.3
    • Upgraded persistence to use initial_log_id to avoid duplicates

Menlo Security Collector v1.5.0

  • Changed
    • Refactored the code to use the latest DCSDK 1.16.3
  • Added
    • Fixed the bug for start date more than 30 days old

Radware CWAF Collector v1.1.0

  • Changed
    • Refactored the code to use the latest DCSDK 1.16.3
  • Fixed
    • Fixed the persistence update issue after each API call
    • Added optional param to handle waiting period on API failure

Trend Micro Vision One Collector v1.5.2

  • Changed
    • Refactored the code to use the latest DCSDK 1.16.3
  • Added
    • Fixed collector persistence issue when collector is paused for more than 5 days

Trellix ePO Collector v1.3.0

  • Changed
    • Updated DevoCollectorSDK to version 1.16.3
    • Updated docker base image to 1.6.0
  • Fixed
    • Override url issue

Airlock Digital Collector v1.1.0

  • Changed
    • The DCSDK Docker base image has been updated from "1.2.0" to "1.6.0"
    • The DevoCollectorSDK Python package (devo-collector-sdk) has been updated from "1.11.1" to "1.16.3"
  • Added
    • Added admin_logs service

CyberArk Identity Collector v1.5.0

  • Changed
    • Upgraded SDK image base to 1.6.0
  • Added
    • Added new service siem_audit_events
    • Added group base pulling mechanism

SailPoint IdentityNow Collector v1.5.0

  • Changed
    • The DevoCollectorSDK Python package (devo-collector-sdk) has been updated to "1.16.3"
    • Upgraded SDK image base to 1.6.0
  • Fixed
    • Fixed invalid token issue by handling token expiry time