Version 1.5.2: April 4, 2016
- Fixed a typographical error in the transforms.conf file for web reputation events. Thank you to Chris Bell for reporting it.
Version 1.5.1: March 28, 2016
- Fixed an issue with "Intrusion Prevention Rule Updated" events not having their sourcetype modified.
- Fixed an issue where, in some cases, a space was included immediately after "CEF:" in the syslog output from Deep Security.
- Removed all inputs from the application itself to make it compatible with Splunk Cloud and to follow Splunk best practices for monitoring files.
Version 1.5.0: March 27, 2016
- Added a single UDP input to handle all Deep Security messages (UDP:1514). The sourcetype is dynamically changed according to the event content.
- Added "Firewall Events by Location" to the "Deep Security Firewall Dashboard" to map the source IP for firewall events.
- Added "Intrusion Prevention Events by Location" to the "Deep Security Intrusion Prevention Dashboard" to map the source IP for intrusion prevention events.
Version 1.4.0: January 2, 2014
- This is the initial release of the Trend Micro Deep Security for Splunk app.