Hello there,

We are excited to start sharing our monthly newsletter, which will focus on new product features, integrations, use cases, upcoming events, and other relevant information.

In this edition we have four product updates to share with you, all available in the latest release.

  • Flow Versioning and Publishing
  • Splunk Webhook
  • Slice and Dice
  • Searchability Enhancements

We hope you find this useful! Questions? Please reach out to us at: questions@logichub.com


Flow Versioning and Publishing

One of the highlights of this month’s newsletter is the release of “Flow Versioning and Publishing for Streams”. It is one of the new usability features that we are focussing on, and it allows the flow designer to create, update, and manage flows with the ability to undo, redo, and publish changes directly within the flow.

“It’s a key item that I need to be able to undo a change I just made” - now you can! You’ll see from the image below that you can select which change you would like to move to and then choose from:

  • Set As Latest or
  • Publish

Not only does it allow mistakes to be corrected, but it also allows you to stage and test edits within a flow that is used in stream(s) before committing the changes into production.


Splunk Webhook

Streams offer an on-demand function as one of their options, and to make it usable from within Splunk we developed a Splunk Technical Add-On (Splunk TA). This allows streams to be triggered automatically when a new notable is present, thereby reducing the wait time for automation to provide your results. It is also possible to supply additional data in a request body when making requests to the webhook address.


Data Slice and Dice

Have you ever wanted to choose a subset of the data that is specific to your needs from within a table? Well, with the Slice function you can do just that. Below you can see how we can take a table of data and work with a specific set of the data based upon the indices within that table. This gives the ability to pull the Top 5, the Last 50 or anywhere in between for any data in any column.

Example: Show the first 3 Destination IPs grouped by SourceIP

Figure 1: a screenshot of all of the destinations grouped by source; you’ll notice that there are many in the array

Figure 2: the slice function reduces the number of destination IPs returned per source IP to the first 3


Searchability Enhancements

We’ve enhanced the search function to make it more intuitive: you type in what you’re looking for, and we present the available options based upon your input. See the examples below...

New Incident Type example:
Creating a new “Incident Type” with the Flow name of “Attack_Progress_Report”, we can limit the results by searching for keywords, in this case “Attack”:

New Event Type example:
Creating a new “Incident Type” with the Flow name of “Attack_Progress_Report”, we can limit the results by searching for keywords, in this case “Attack”:

We have added the enhanced search function to the following:

  • When Creating, Configuring or Modifying
    • Integrations
    • Connections
    • Destinations
    • Modules
    • Incidents
    • ThreatGPS
    • Streams
    • Conditional Execution
    • Event Types and more...

We have more exciting features coming in the future, so look out for the June edition of our Customer Newsletter, which we will send out during the last week of June. We will have more information regarding our presence at Black Hat USA 2019, happening August 3-8.

Regards,

Hamish Talbot
Director Customer Success
LogicHub, Inc.

Questions? Please email us at: questions@logichub.com
Technical Support: support@logichub.com