Blog Post
See All Blog Posts

Cogynt v2.13 Release Notes

By Andrew Davis

Cogility is delighted to announce that Cogynt version 2.13 is generally available for AWS customers as of March 2024. Please see what’s new below.

For more information, or to have your Cogynt instance updated, please contact us.

Data Management Tool

S3 Connector Builder

  • In addition to CSV source connectors, users can now build JSON source connectors.
  • New workflow and UI for building S3 connectors.
  • S3 connectors can now be exported and imported.
  • S3 connection can be tested before starting to help identify issues with connection or credentials while the connector is being built.
  • Data field mapping has become more automated, with an added ability to sample and extract schema from files in the source S3 bucket.

Authoring Tool

New Computations

  • Added new IP computation functions and operations so SMEs can construct more sophisticated cyber models.
  • Comparison operations will now resolve IP and their equivalent CIDR (i.e., x.x.x.x == x.x.x.x/32).
  • Added new mapping computations functions that allow SMEs and data scientists to perform more parallel transformations in a single event pattern, reducing repetitiveness and redundancy in models, and resulting a potentially lighter weight project.

User Experience Improvements

  • Improved loading times and performance throughout the Authoring application.

Model Documentation

  • Model documentation now exports directly as a PDF file.
  • Model documentation features are now accessible within the Authoring application, instead of being a separate application.

DevOps

O11y: Added Observability Dashboards for Services

In this release, we have enhanced the observability of our infrastructure by adding comprehensive dashboards for monitoring key services. These dashboards provide deep insights into the performance and health of the following components:

  • Redis: Monitor the performance and usage metrics of Redis instances.
  • Pinot: Gain visibility into the performance and queries of your Pinot clusters.
  • Flink: Monitor the status and performance of your Apache Flink applications.
  • Superset: Track the usage and performance of Superset dashboards and queries.
  • Postgres: Monitor the performance and health of your PostgreSQL databases.
  • Portworx: Monitor the storage performance and usage of your Portworx clusters.
  • Confluent: Track the performance and usage of your Confluent Kafka clusters.
  • Kubernetes: Gain insights into the resource usage and health of your Kubernetes clusters.
  • Istio: Monitor the traffic and performance of your Istio service mesh.

These observability dashboards provide real-time metrics, allowing you to quickly identify and address any issues. This helps ensure the reliability and performance of your services.

Workstation

  • Fixed a bug where too many tagged users on a comment would cause the collection interface to overflow off the widget boundaries.
  • Changed the logic for the system notification bell to always display a red bell indicator if there are > 0 active system notifications. Previously, it would only display a red icon if notifications were received while logged into the application.
  • Added pagination of tables of events found in Ingestion Settings, Data Delete Mode, and Event Decorations for performance improvements. As a result of the pagination changes, sorting on the Ingestion Settings table has been removed.
  • Added the ability to undo the removal of events from a collection.

User Management

Permissions

  • Simplified permissions for User Management:
    • A new permission for userManagement.users has been added.
    • Renamed permissions.role to userManagement.roles.
    • Renamed permissions.groups to userManagement.groups.
  • Removed permissions for users.role and users.groups, as these are now a part of userManagement.roles and userManagement.groups.
  • The permission users.accountStatus no longer appears, and has been incorporated into the new userManagement.users.

Layout

  • Implemented new Cogynt layout for User Management.
  • The left side navigation bar has been redesigned to have three pages: UsersRoles, and Groups.
  • The Users page has been updated with the new Standard Cogynt Data Grid and Data Viewer.

Audit Viewer

  • The application has been redesigned with the new Cogynt layout.
  • The table has been updated with the new Standard Cogynt Data Grid and Data Viewer.
  • The text search and date filter have been redesigned.

Known Issues

Authoring/HCEP

  • COG_filter is unstable and does not perform predictably. There is no workaround at the moment, so please avoid using COG_filter for the time being.
  • The contains function’s output in computations cannot be mapped when the series is a set.
  • The when function outputs nested arrays when both true and false arguments are arrays.
  • When duplicating event types containing a lexicon filter, lexicons fail to be duplicated.
  • Schema Discovery incorrectly recognizes integers as IP data types. When performing Schema Discovery, make sure to check that the system has assigned the correct data type to each field. Data type assignments can be corrected before saving.
  • When exporting model documentation, deployment fields in the event patterns section are incorrect.
  • When exporting model documentation, ingestion configuration is not yet included.
  • When exporting model documentation, the description and synonyms of a leaf node in a lexicon tree are not exported accurately.
  • When exporting model documentation, the connection lines and labels in computations and pattern diagrams can appear malformed.

Workstation

  • In some situations, clicking the checkmark button after editing a widget’s name may be difficult to register a mouse-click. A workaround to this is to press ENTER to submit your change.
  • The sort logic for Ascending and Descending order for the “Tag” option in the “Notifications Explorer” widget is inverted.
  • Re-ordering a Custom Field field template group below another group that contains no child rows does not work.
  • In some circumstances, a retracted pattern solution on the Drilldown widget may change color between blue and gray. Retracted pattern solutions are intended to always be gray.
  • There are rare situations in which the Drilldown widget may show outdated information for an event. If this happens, a reset should be performed to force the re-ingestion of Drilldown data.
  • After performing Dev Delete in Workstation, the list of projects in the project dropdown in the Admin screen may display incorrectly until after refreshing Workstation. In some situations, a deleted project may still appear until another deployment in Authoring is performed.

Audit Viewer

  • The date picker for the “Date Range” in Audit UI does not allow you to type in “AM” or “PM” manually. This can be circumvented by clicking the Calendar icon to select “AM” or “PM”.

Data Management Tool

  • S3 connectors are unable to read JSON files with ARRAY format. Please use NEWLINE-format JSON files if possible.
  • The Manual Entry form’s Event Type selection menu may have event types missing from the dropdown list.
  • S3 connector action buttons, including RunEdit, and Delete, are still available to users with read-only permissions.

Recent Related Stories

Industry Insights
Cogynt – Continuous Intelligence (Part 2)
To view the first part of this blog, click here. Continuous Intelligence Explained The goal of continuous intelligence is to be…
Read More
Blog
Cogynt v2.14 Release Notes
Cogility is delighted to announce that Cogynt version 2.14 is generally available for AWS customers as of July 2024. Please…
Read More
Blog
Cogynt v2.11 Now Available
We’re proud to announce the release of Cogynt v2.11. As always, this release packs a punch with new features and optimizations.…
Read More

Categories

Industry Insights (3)
Release Notes (4)
Company News (4)
Continuous Intelligence (4)
Counter-Insider Threat (3)
Real-time Analytics (3)
Decision Support (2)
Apache Open Source (2)
Cyber Security (3)

Connect