New features in 8.9.0
The following are the new features available with the Xprotect version 8.9.0 released on the 21st of August, 2020:
Audit logs for API requests made for important tasks performed on Xprotect
On the Settings > Audit Logs page, see the Audit logs for the API requests made for the important tasks performed on Xprotect.
-
The entity related to the task is listed in the Category column and task is listed in the Actions column. See the following table for the categories and actions that generated Audit logs.
Category (entity)
Action (task) Groups
Create Group, Edit Group and Delete Group Hosts Register Host, Install Agent, Upgrade Agent, Delete Host, Modify Tag, Move Host to Group, Self Protect On, and Self Protect Off
MD5s
Add MD5 Override, Edit MD5 Override, and Delete MD5 Override
Policies
Create Policy, Save Policy, Clone Policy, Save Policy, and Save and Publish Policy.
-
The status of the API request made for the task is listed in the Status column. The statuses are - Success, Failed, and Partial Success. Hover over a 'Failed' and 'Partial Success' API requests to see the reason for failure or partial success.
-
The Timestamp column displays the date and time when the API request for the task was sent and the Action By column displays the Xprotect user who performed the task.
-
Click the 3-dot menu of an Audit log and click View JSON to see the payload of the API request for the task that generated the Audit log.
Enhancements to 'Run Command on hosts from Xprotect'
Use the following enhancements available on the Commands page.
-
Click the 3-dot menu of the command or host and click Run Again to run the command again, on the same host.
-
Click the Copy button in the Command column to copy the command to the local clipboard.