Reports and integrations

  • Open API: added ability to edit an alert note to the alerts endpoint.
  • Kafka data integration: added a new option to generate a log file for troubleshooting issues.
  • Improved the way sessions killed from the Fortinet FortiGate and Palo Alto Networks v10.1+ firewall integrations are stored. They were previously stored in the n2os.conf.user file and are now stored in the DB.
  • Content Packs can now contain Playbooks, as well as optionally including the associated alert rules.
  • Removed support for CheckPoint firewall integration in N2OS. The CheckPoint integration settings will not be restored upon rolling back from 23.3.0 to the previously installed version.
  • Added support for sending firewall rules to Palo Alto Networks (PANW) Next-Generation Firewalls (NGFW) in a disabled state, allowing PANW users to study the rules in the PANW environment and enable them at their discretion.
  • Open API Query endpoint: when using pagination, if the provided count value is higher than 10,000, no more than 10,000 items are returned. The maximum allowable page number is 1,000. Requests for pages beyond this limit will result in an error. Added API Best Practices section to the SDK User Manual.
  • Cisco ASA Firewall integration now gives the user the ability to manage inactive policies.
  • The Open API call /api/open/sensors/resources allows the user to retrieve the CPU usage, memory used, and disk used percentages.
  • The DNS Reverse Lookup data integration now sanitizes the hostname before using it as a node label.
  • Microsoft Endpoint Configuration Manager (SCCM) integrations: it is now possible to specify a custom port for the endpoint.
  • To extract the local license information using the Open API, invoke the following Open API command with the credentials of an admin user: api/open/sensors/license.
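
The pagination limits in the Open API Query item above change how a client has to detect the last page: a loop that stops on "fewer items than requested" truncates silently when it asks for more than 10,000 per page. The following is an added example, not code from the product or its SDK; `fetch_page` is a hypothetical transport callable, `fake_server` is a constructed stand-in for the endpoint, and 1-based page numbering is an assumption.

```python
from typing import Callable, Iterator, List

MAX_COUNT = 10_000  # release note: a larger count still returns at most 10,000 items
MAX_PAGE = 1_000    # release note: pages beyond this limit return an error
FetchPage = Callable[[int, int], List[dict]]  # hypothetical transport: (page, count) -> items

class PageLimitReached(RuntimeError):
    """Page 1,000 was full, so completeness of the result set cannot be confirmed."""

def naive_fetch_all(fetch_page: FetchPage, count: int) -> List[dict]:
    """Stops on a short page. Silently truncates when count exceeds the server cap."""
    out, page = [], 1
    while True:
        items = fetch_page(page, count)
        out.extend(items)
        if len(items) < count:
            return out
        page += 1

def iter_query(fetch_page: FetchPage, count: int = MAX_COUNT) -> Iterator[dict]:
    """Yield every item, clamping count so a capped page is not mistaken for the last one."""
    count = max(1, min(count, MAX_COUNT))
    page = 1  # assumption: pages are numbered from 1
    while True:
        if page > MAX_PAGE:
            raise PageLimitReached("narrow the query (for example by time range) and retry")
        items = fetch_page(page, count)
        yield from items
        if len(items) < count:
            return
        page += 1

def fake_server(total: int) -> FetchPage:
    """Constructed stand-in for the endpoint; enforces both documented limits."""
    def fetch_page(page: int, count: int) -> List[dict]:
        if page > MAX_PAGE:
            raise ValueError("page number beyond the allowed maximum")
        size = min(count, MAX_COUNT)  # server-side cap on items per page
        start = (page - 1) * size
        return [{"id": i} for i in range(start, min(start + size, total))]
    return fetch_page

if __name__ == "__main__":
    server = fake_server(25_000)
    print(len(naive_fetch_all(server, 20_000)), len(list(iter_query(server, 20_000))))
```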