We are thrilled to announce Tenzir
v4.12, a feature-packed
release introducing numerous enhancements. Notable additions include list
unrolling, event deduplication, and the deployment of advanced pipeline
architectures with publish-subscribe. We've also added a download button,
extended support for UDP, and implemented many other refinements to improve your
experience.
Our latest v4.11
release delivers powerful automation features, such as scheduling pipelines in a
given time interval and sending pipeline data as emails.
We're thrilled to announce the release of Tenzir
v4.9, enhancing the
Explorer further to empower you with the capability of rendering your data as a
chart.
Tenzir v4.7 brings a new
context type, two parsers, four new operators, improvements to existing parsers,
and a sizable under-the-hood performance improvement.
Tenzir v4.6 is here, and
it is our biggest release yet. The headlining feature is the all-new context
feature, powered by the context and enrich operators and the new context
plugin type.
Here comes Tenzir v4.5!
This release ships a potpourri of smaller improvements that result in faster
historical query execution and better deployability.
Tenzir v4.4 is out!
We've focused this release on integrations with two pillars of the digital
forensics and incident response (DFIR) ecosystem: YARA and
Velociraptor.
Exciting times, Tenzir v4.3 is out! The headlining feature is Fluent
Bit support with the fluent-bit source and sink operators. Imagine
you can use all Fluent Bit connectors plus what Tenzir already offers. What a
treat!
We've just released Tenzir v4.2, which introduces two new connectors: S3 and
GCS for interacting with blob storage and ZeroMQ for writing
distributed multi-hop pipelines. There's also a new lines parser for
easier text processing and a bunch of PCAP quality-of-life improvements.
After our successful launch of app.tenzir.com of Tenzir v4.0 at
Black Hat, the new v4.1 release continues with several
enhancements based on early feedback. We bring to you (i) a new mechanism to
pause pipelines, (ii) a new operator to match Sigma rules, (iii) new operators
for in-pipeline (de)compression, and (iv) a revamp of the show operator.
VAST v3.0 is out. This release brings some major updates
to the VAST language, making it easy to write down dataflow pipelines that
filter, reshape, aggregate, and enrich security event data. Think of VAST as
security data pipelines plus an open storage engine.
VAST v2.4.1 improves the performance of queries when VAST
is under high load, and significantly reduces the time to first result for
queries with a low selectivity.
VAST v2.4 completes the switch to open storage formats,
and includes an early peek at three upcoming features for VAST: A web plugin
with a REST API and an integrated frontend user interface, Docker Compose
configuration files for getting started with VAST faster and showing how to
integrate VAST into your SOC, and new Python bindings that will make writing
integrations easier and allow for using VAST with your data science libraries,
like Pandas.
VAST v2.3.1 is now available. This small bugfix release
addresses an issue where compaction would hang if encountering
invalid partitions that were produced by older versions of VAST when a large
max-partition-size was set in combination with badly compressible input data.
We released VAST v2.2 🙌! Transforms now have a new name:
pipelines. The summarize
operator also underwent a facelift,
making aggregation functions pluggable and allowing for assigning names to
output fields.
VAST v2.1 is out! This release comes with a particular
focus on performance and reducing the size of VAST databases. It brings a new
utility for optimizing databases in production, allowing existing deployments to
take full advantage of the improvements after upgrading.