- 24 Mar 2022
- 25 Minutes to read
- Print
- DarkLight
- PDF
What's New in Axonius 3.11
- Updated on 24 Mar 2022
- 25 Minutes to read
- Print
- DarkLight
- PDF
Release Date: November-09-2020
Adapters
New Adapters
The following new adapters have been added in this release:
- Aruba Central
- Aruba Central is a unified cloud-based network operations, assurance and security platform that simplifies the deployment, management, and optimization of wireless, wired and WAN environments.
- This adapter fetches the following types of assets: Devices.
- bitFit
- bitFit is a business development and information technology company that collects all of your IT operations data and combines it into a unified cloud system.
- This adapter fetches the following types of assets: Devices, Users.
- BMC Atrium CMDB
- BMC Atrium CMDB stores information about the configuration items (CIs) in your IT environment and the relationships between them.
- This adapter fetches the following types of assets: Devices.
- HPE OneView
- HPE OneView is an integrated IT management solution that transforms compute, storage, and networking into software-defined infrastructure for task automation.
- This adapter fetches the following types of assets: Devices.
- IBM QRadar
- IBM QRadar is a Security Information and Event Management (SIEM) solution that enables security teams to detect, prioritize and response to threats across the enterprise.
- This adapter fetches the following types of assets: Devices.
- Intrigue
- Intrigue enables IT and Security teams with a complete and always up to date view of Cloud and Internet-exposed assets and exposures.
- This adapter fetches the following types of assets: Devices.
- iTop
- iTop is an open source ITSM solution allows management of configuration items and their relationships in a flexible CMDB.
- This adapter fetches the following types of assets: Devices, Users.
- Ivanti Endpoint Security
- Ivanti Endpoint Security, powered by Heat, provides application control, antivirus, patch management, and device control to protect endpoints.
- This adapter fetches the following types of assets: Devices.
- Kubernetes
- Kubernetes (K8s) is an open-source system for automating deployment, scaling, and management of containerized applications.
- This adapter fetches the following types of assets: Devices.
- LimaCharlie
- LimaCharlie provides endpoint-driven information security tools to run an MSSP or SOC, as well as APIs that allow users to build and monetize their own products.
- This adapter fetches the following types of assets: Devices.
- NetIQ Advanced Authentication
- NetIQ Advanced Authentication provides a centralized authentication framework that adds a strong level of authentication (MFA or 2 Factor).
- This adapter fetches the following types of assets: Devices.
- Pulse Connect Secure
- Pulse Connect Secure provides zero trust secured access from any device to applications and services in the cloud and data center.
- This adapter fetches the following types of assets: Users.
- Traps Endpoint Security Manager
- Traps Endpoint Security Manager (ESM) prevents advanced persistent threats (APTs) and zero-day attacks. Traps also provides protection for endpoints by blocking attack vectors before any malware is initiated or software vulnerabilities or bugs are exploited.
- This adapter fetches the following types of assets: Devices.
- VMware vRealize Operations (vROps)
- VMware vRealize Operations (vROps) delivers an IT operations management platform for private, hybrid, and multi-cloud environments that covers the physical, virtual and cloud infrastructure, including VMs and containers.
- This adapter fetches the following types of assets: Devices.
- Windows Server Failover Clustering (WSFC)
- Windows Server Failover Clustering (WSFC) is a feature of the Windows Server platform for improving the high availability (HA) of applications and services. WSFC is the successor to Microsoft Cluster Service (MSCS).
- This adapter fetches the following types of assets: Devices.
- Zerto
- Zerto is a data loss protection solution that provides disaster recovery, backup and workload mobility software for virtualized infrastructures and cloud environments.
- This adapter fetches the following types of assets: Devices.
For more details, explore the entire list of supported and integrated adapters.
Updated Adapters
The following adapters have been enhanced:
Adapters Page - Multiple enhancements:
- Added a new Connection Status column to the adapters table.
- This new column lets you view the number and the status of all the adapter connections for each adapter:
- Number of connections with errors.
- Number of adapter connections successfully connected.
- Number of inactive adapter connections.
- This new column lets you view the number and the status of all the adapter connections for each adapter:
- Modified the color palette that indicates the overall status of each adapter:
- Green - all the adapter connections for this adapter are successfully connected.
- Red - there is a connection error in at least one of the configured adapter connections for this adapter.
- Dark grey - there are only inactive connection for this adapter.
- Light grey - there are no configured connections for this adapter.
- Added a new Connection Status column to the adapters table.
- Absolute (Advanced Settings) - Added a new Fetch applications checkbox under the Absolute Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device applications from the Absolute server.
- If enabled, all connections for this adapter will also fetch applications associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch application data
- This checkbox is required.
- The default value for this checkbox is False.
- Amazon Web Services (AWS) (Advanced Settings) - Added a new Fetch VPCs as devices checkbox under the AWS Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to add VPCs as devices assets.
- If enabled, all connections for this adapter will fetch VPCs from AWS. Each VPC will be added as a unique device.
- If disabled, all connections for this adapter will not fetch VPCs from AWS.
- This checkbox is required.
- The default value for this checkbox is False.
- Awake Security (Advanced Settings) - Added a new CIDR blacklist field under the Awake Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of CIDRs.
- If supplied, all connections for this adapter will not fetch devices their IP address is part of any of the CIDRs in the specified list.
- If not supplied, all connections for this adapter will fetch all devices.
- This new field is optional.
- The default value for this field is empty.
- Cisco Unified Communications Manager (UCM) (Advanced Settings) - Added a new Fetch inactive devices checkbox under the Cisco UCM Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch inactive devices from the Cisco UCM server.
- If enabled, all connections for this adapter will fetch inactive devices.
- If disabled, all connections for this adapter will not fetch inactive devices.
- This new checkbox is required.
- The default value for this checkbox is False.
- ESET Endpoint Security (Advanced Settings) - Added a new Exclude no 'Last Seen' devices checkbox under the ESET Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to exclude devices that do not have 'last seen' indication.
- If enabled, all connections for this adapter will not fetch devices that do not have 'last seen' indication.
- If disabled, all connections for this adapter will fetch devices, even those do not have 'last seen' indication.
- This new checkbox is required.
- The default value for this checkbox is False.
- Google Workspace (G Suite) - Multiple enhancements:
- The G Suite by Google adapter has been renamed to Google Workspace (G Suite).
- Added a new Fetch MDM devices checkbox under the G Suite Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch MDM devices from Google Workspace.
- If enabled, all connections for this adapter will fetch MDM devices.
- If disabled, all connections for this adapter will not fetch MDM devices.
- This new checkbox is required.
- The default value for this checkbox is True.
- KnowBe4 (Advanced Settings) - Added a new User status whitelist field under the KnowBe4 Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of user statuses.
- If supplied, all connections for this adapter will only fetch users whose status is in the specified list.
- If not supplied, all connections for this adapter will fetch all users.
- This new field is optional.
- The default value for this field is empty.
- Microsoft Azure (Advanced Settings) - Added a new Fetch update deployments checkbox under the Azure Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch software update deployments from Microsoft Azure.
- If enabled, all connections for this adapter will fetch software update deployments.
- If disabled, all connections for this adapter will not fetch software update deployments.
- This new checkbox is required.
- The default value for this checkbox is False.
- Okta (Advanced Settings) - Multiple enhancements:
- Moved the Number of parallel requests field under the Okta Configuration tab in the Advanced Settings for this adapter to the Add Connection dialog for this adapter.
- Added a new Time in seconds to sleep between each request field under the Okta Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify sleeping time in seconds between each API request Axonius sends to Okta.
- If supplied, all connections for this adapter will use the specified time between API requests Axonius sends to this adapter.
- If not supplied, all connections for this adapter will have no sleep time between API requests Axonius sends to this adapter.
- This new field is optional.
- The default value for this field is empty.
- Added a new Fetch users groups checkbox under the Okta Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch users groups.
- If enabled, all connections of this adapter will also fetch users groups details.
- If disabled, all connections of this adapter will not fetch users groups details.
- This new checkbox is required.
- The default value for this checkbox is True.
- Oracle Cloud - The Oracle Cloud adapter now fetches user assets as well as device assets.
- Rapid7 Nexpose and InsightVM (Connection Configuration) - Added a new Site name exclude list field in the Add Connection dialog for this adapter.
- This new field lets you specify a comma-separated list of site names to be excluded from data fetch.
- If supplied, Axonius will not fetch devices from the specified site names.
- If not supplied, Axonius will fetch devices from all site names.
- This new field is optional.
- The default value for this field is empty.
- Skybox Firewall Assurance (Advanced Settings) - Added a new Fetch firewall rules checkbox under the Skybox Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch firewall rules from this adapter.
- If enabled, all connections for this adapter will fetch firewall rules.
- If disabled, all connections for this adapter will not fetch firewall rules.
- This new checkbox is required.
- The default value for this checkbox is True.
- Splunk (Advanced Settings) - Added a new Fetch Splunk agent version checkbox under the Splunk Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch information about the Splunk agent version.
- If enabled, all connections for this adapter will fetch information about the Splunk agent version.
- If disabled, all connections for this adapter will not fetch information about the Splunk agent version.
- This new checkbox is required.
- The default value for this checkbox is False.
- Tenable.io (Advanced Settings) - Multiple enhancements:
- Added a new Tag key whitelist field under the Tenable.io Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of tag keys in Tenable.io.
- If supplied, all connections for this adapter will only fetch devices from Tenable.io with any of the tag keys provided in this list.
- If not supplied, all connections for this adapter will fetch all devices from Tenable.io.
- This new field is optional.
- The default value for this field is empty.
- Added a new Do not fetch devices with no MAC address and no hostname checkbox under the Tenable.io Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to exclude fetching devices without MAC address and without hostname.
- If enabled, all connections for this adapter will only fetch devices having MAC address or hostname.
- If disabled, all connections for this adapter will fetch devices even if those do not have MAC address and no hostname.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Tag key whitelist field under the Tenable.io Configuration tab in the Advanced Settings for this adapter.
- Tenable.sc (Advanced Settings) - Multiple enhancements:
- Added a new Fetch SCAP scans checkbox under the Tenable.sc Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch data from SCAP scans.
- If enabled, all connections for this adapter will fetch data from SCAP scans.
- If disabled, all connections for this adapter will not fetch data from SCAP scans.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Repository name exclude list field under the Tenable.sc Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of Tenable.sc repositories. Repositories are databases within Tenable.sc that contain vulnerability data. For more details, see Tenable.sc - Repositories.
- If supplied, all connections for this adapter will not fetch vulnerabilities from repositories which are any of the comma-separated list of Tenable.sc repositories that have been defined in this field.
- If not supplied, all connections for this adapter will fetch any vulnerability regardless of their Tenable.sc repository.
- This new field is optional.
- The default value for this field is empty.
- Added a new Fetch asset groups checkbox under the Tenable.sc Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch information about asset groups.
- If enabled, all connections for this adapter will enrich devices information with data about asset groups.
- If disabled, all connections for this adapter will not enrich devices information with data about asset groups.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch SCAP scans checkbox under the Tenable.sc Configuration tab in the Advanced Settings for this adapter.
Reports Updates
The following updates have been made to the Axonius reports:
- Reports - Multiple enhancements:
- Added a new Private report checkbox to the Report configuration page.
- This new checkbox lets you configure a private report that includes:
- My Dashboard space charts.
- Private saved queries.
- Configuring a private report requires a the Use private reports permission under the Reports category.
- If enabled, the report will be private and can only be viewed, edited or delete by the user that created and owns that report.
- If disabled, the report will be a public report. Any user with the right report permissions can view, edit or delete that report.
- This checkbox is required.
- The default value for this checkbox is False.
- This new checkbox lets you configure a private report that includes:
- Added a new Access column to the Reports table.
- This new column lets you view the report access: Public or Private.
- Added a new Private report checkbox to the Report configuration page.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
New Actions
The following Actions have been added:
- Send to Google BigQuery Table - Added a new enforcement action called Send to Google BigQuery Table under the Notify category.
- This new action takes the entities found in the saved query supplied as a trigger (or entities that have been selected in the asset table) and inserts those entities to the supplied Google BigQuery table. When used with a saved query as a trigger, only the fields configured in the saved query are inserted into the supplied table.
- This new action takes the entities found in the saved query supplied as a trigger (or entities that have been selected in the asset table) and inserts those entities to the supplied Google BigQuery table. When used with a saved query as a trigger, only the fields configured in the saved query are inserted into the supplied table.
- Tag Tenable.io Assets - Added a new enforcement action called Tag Tenable.io Assets under the Update VA Coverage category.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table), and adds specified tags to Tenable.io assets or removes specified tags from Tenable.io assets.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table), and adds specified tags to Tenable.io assets or removes specified tags from Tenable.io assets.
- Isolate in LimaCharlie - Added a new enforcement action called Isolate in LimaCharlie under the Execute Endpoint Security Agent Action category.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and quarantines each of the query results entities (endpoints) from the network.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and quarantines each of the query results entities (endpoints) from the network.
- Unisolate in LimaCharlie - Added a new enforcement action called Unisolate in LimaCharlie under the Execute Endpoint Security Agent Action category.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and restores full network connectivity to each of the query results entities (endpoints).
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and restores full network connectivity to each of the query results entities (endpoints).
- Tag in McAfee ePolicy Orchestrator (ePO) - Added a new enforcement action called Tag in McAfee ePolicy Orchestrator (ePO) under the Execute Endpoint Security Agent Action category.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and adds or removes a specified tag to each device entity in McAfee ePO.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and adds or removes a specified tag to each device entity in McAfee ePO.
- Manage DNS Services - Added a new category to the Enforcement Center action library called Manage DNS Services.
- Remove Subdomain from DNS Made Easy - Added a new enforcement action called Remove Subdomain from DNS Made Easy under the Manage DNS Services category.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and removes subdomain entry from DNS Made Easy for each of the query result entities.
- This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and removes subdomain entry from DNS Made Easy for each of the query result entities.
Updated Actions
The following Actions have been enhanced:
- Create ServiceNow Computer and Update ServiceNow Computer - Multiple enhancements:
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first IP address will be added to the ServiceNow computer.
- If enabled, only the device's first IP address will be added to the ServiceNow computer.
- If disabled, all the device's IP addresses will be added to the ServiceNow computer.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new IP addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple IP addresses added to the ServiceNow computer.
- If supplied, the specified delimiter will be used to separate between multiple IP addresses added to the ServiceNow computer.
- If not supplied, the default delimiter will be used to separate between multiple IP addresses added to the ServiceNow computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first MAC address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first MAC address will be added to the ServiceNow computer.
- If enabled, only the device's first MAC address will be added to the ServiceNow computer.
- If disabled, all the device's MAC addresses will be added to the ServiceNow computer.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new MAC addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple MAC addresses added to the ServiceNow computer.
- If supplied, the specified delimiter will be used to separate between multiple MAC addresses added to the ServiceNow computer.
- If not supplied, the default delimiter will be used to separate between multiple MAC addresses added to the ServiceNow computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
- Create Cherwell Computer and Update Cherwell Computer - Multiple enhancements:
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first IP address to be added to the Cherwell computer.
- If enabled, only the device's first IP address will be added to the Cherwell computer.
- If disabled, all the device's IP addresses will be added to the Cherwell computer.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new IP addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple IP addresses added to the Cherwell computer.
- If supplied, the specified delimiter will be used to separate between multiple IP addresses added to the Cherwell computer.
- If not supplied, the default delimiter will be used to separate between multiple IP addresses added to the Cherwell computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first MAC address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first MAC address to be added to the Cherwell computer.
- If enabled, only the device's first MAC address will be added to the Cherwell computer.
- If disabled, all the device's MAC addresses will be added to the Cherwell computer.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new MAC addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple MAC addresses added to the Cherwell computer.
- If supplied, the specified delimiter will be used to separate between multiple MAC addresses added to the Cherwell computer.
- If not supplied, the default delimiter will be used to separate between multiple MAC addresses added to the Cherwell computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
- Create Ivanti Service Manager Computer and Update Ivanti Service Manager Computer - Multiple enhancements:
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first IP address to be added to the Ivanti Service Manager computer.
- If enabled, only the device's first IP address will be added to the Ivanti Service Manager computer.
- If disabled, all the device's IP addresses will be added to the Ivanti Service Manager computer.
- This new checkbox is required.
- The default value for this checkbox is False.
- Added a new IP addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple IP addresses added to the Ivanti Service Manager computer.
- If supplied, the specified delimiter will be used to separate between multiple IP addresses added to the Ivanti Service Manager computer.
- If not supplied, the default delimiter will be used to separate between multiple IP addresses added to the Ivanti Service Manager computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first MAC address only checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether the first MAC address to be added to the Ivanti Service Manager computer.
- If enabled, only the device's first MAC address will be added to the Ivanti Service Manager computer.
- If disabled, all the device's MAC addresses will be added to the Ivanti Service Manager computer.
- This new checkbox is required.
- The default value for this checkbox is True.
- Added a new MAC addresses delimiter delimiter to the Add Action dialog for this action.
- This new field lets you specify the delimiter to separate between multiple MAC addresses added to the Ivanti Service Manager computer.
- If supplied, the specified delimiter will be used to separate between multiple MAC addresses added to the Ivanti Service Manager computer.
- If not supplied, the default delimiter will be used to separate between multiple MAC addresses added to the Ivanti Service Manager computer.
- This new field is optional.
- The default value for this field is /.
- Added a new Use first IP address only checkbox to the Add Action dialog for this action.
Device and User Tables Interface Updates
The following updates have been made to the device and user tables related capabilities in Axonius:
Saved Query References - Modified the way saved queries reference other saved queries when selected from the Query Wizard (via the Saved Query field).
- The reference is now a direct reference, meaning any change in the referenced saved query will automatically be propagated.
- The reference is now a direct reference, meaning any change in the referenced saved query will automatically be propagated.
Query Wizard - Multiple enhancements:
Add/Remove Field to Column - Added a new Add Field to Column / Remove Field from Column button to each expression in the Query Wizard.
- This new button lets you easily add or remove fields as columns in the Devices/Users table directly from the Query Wizard.
- A column will be always added as the second column in the table.
- This button is enabled once a field is selected for the expression.
- This button state (Add or Remove) is determined by whether the field already exists as a column in the table.
Duplicate Row - Added a new Duplicate Row button to each expression in the Query Wizard.
- This new button lets you duplicate rows in the Query Wizard.
- The Duplicate Row button on the first row duplicates the entire block and on inner rows it duplicates only the selected row.
Source Drop Down - Complex Field (displayed as OBJ)
- Added AND/OR and Parentheses buttons to Complex Fields expressions.
- These new buttons lets you query on assets with a specific complex field that meet complex criteria involving 'AND' and 'OR' conditions.
- Added NOT button to Complex Fields expressions.
- These new button lets you query on assets with a specific complex field that does not meet some of the specified criteria.
- These new button lets you query on assets with a specific complex field that does not meet some of the specified criteria.
- Added AND/OR and Parentheses buttons to Complex Fields expressions.
Source Drop Down - Asset Entity (displayed as ENT)
- Added AND/OR and Parentheses buttons to Asset Entity expressions.
- These new buttons lets you query a specific asset entity (a device or a user entity fetched from a specific adapter connection) that meets complex criteria involving 'AND' and 'OR' conditions.
- Added NOT button to Asset Entity expressions.
- These new button lets you query a specific asset entity (a device or a user entity fetched from a specific adapter connection) that does not meet some of the specified criteria.
- These new button lets you query a specific asset entity (a device or a user entity fetched from a specific adapter connection) that does not meet some of the specified criteria.
- Added AND/OR and Parentheses buttons to Asset Entity expressions.
Added the 'preferred' fields to the Aggregated Data selected in the Adapter drop-down.
- These new fields lets you query for devices based on any preferred field.
- These new fields lets you query for devices based on any preferred field.
Added a new Adapter Connection Label field to each adapter selected in the Adapter drop-down.
- This new field lets you query for devices or users with specific adapters data based on the Adapter Connection Label.
- This new field lets you query for devices or users with specific adapters data based on the Adapter Connection Label.
Added a new Adapter Connection Label field to each adapter selected if Asset Entity (displayed as ENT) source option is selected.
- This new field lets you query devices or users with specific asset entity data based on the Adapter Connection Label.
- This new field lets you query devices or users with specific asset entity data based on the Adapter Connection Label.
Added two new operators for the OS: Distribution field: < and >.
- These two new operators lets you query for devices with Windows versions less or higher than the compared version.
- These two new operators lets you query for devices with Windows versions less or higher than the compared version.
- Caching Queries - If the new query caching setting is enabled, and a query results are retrieved from cache:
- Added a new Last updated indication for queries.
- This new indication specifies the last time the query was executed and from when the displayed query results are updated.
- Added a new Refresh Query button.
- This new button lets you re-execute the query to recalculate the query results.
- This new button lets you re-execute the query to recalculate the query results.
- Added a new Last updated indication for queries.
Cloud Asset Compliance Updates
The following updates have been made to Cloud Asset Compliance:
- CIS Oracle Cloud Infrastructure Foundations Benchmark v1.0 - Added support for the CIS Oracle Cloud Infrastructure Foundations Benchmark v1.0.
- The new supported benchmark helps compare your Oracle Cloud Infrastructure configuration against the CIS Oracle Cloud Infrastructure Foundations Benchmark v1.0 and report on any identified gaps.
- This benchmark contains consensus best practices that can help safeguard systems against today’s evolving cyber threats and are important for evaluating your organization’s cloud security posture.
- The benchmark consists of 7 recommendations rules in 3 distinct categories.
- Added support for Affected Asseted for relevant rules in the Identity and Access Management and Networking Categories
Administrator Settings Interface Updates
The following updates have been made to administrator settings in Axonius:
- Lifecycle Settings - Added a new Scheduled historical snapshot time field to the Every x days and to the Days of week scheduling options under the Historical Snapshot Scheduling Settings section.
- Every x days - When this option is selected:
- Historical snapshot data will be saved at the time specified in Scheduled historical snapshot time field every number days defined in the Repeat scheduled historical snapshot every (days) field.
- Historical snapshot data will not be saved as part of any discovery cycle.
- Days of week - When this option is selected:
- Historical snapshot data will be saved at the time specified in Scheduled historical snapshot time field in the selected days of week as specified in the Repeat scheduled historical snapshot on field.
- Historical snapshot data will not be saved as part of any discovery cycle.
- Every x days - When this option is selected:
- Global Settings - Added a new Calculate preferred fields every X hours field under the Aggregation Settings section.
- This new field lets you specify the number of hours between each recalculation of preferred fields values.
- The preferred field displays the most authoritative value for a specific piece of information when there are multiple values for a given asset. For example, the Preferred Host Name field will have the most common host name value out of all the Host Name field values for any given device.
- The preferred fields values are calculated as part of each global discovery cycle and also every number of hours as specified.
- This new field is required.
- The default value for this field is 6.
- GUI Settings - Multiple enhancements:
Added a new Cache Settings section with a Enable caching on recently used queries toggle switch under the GUI Settings tab.
- This new section lets you cache recently used queries.
- If switched on, each executed query will be cached for the time specified in the Cache Time-to-Live (TTL) in minutes field. This means that a query that was recently executed will not be executed again. The results for that query will be loaded from the previous query execution.
- If switched off, besides the last executed query, queries will not be cached and the query results will not be retrieved from cache.
- Added a new Cache Time-to-Live (TTL) in minutes field.
- This new field lets you specify the time for which the cache of each query will be kept. Once this time has passed, the query will be executed again and will not load previous results.
- This new field is required.
- The default value for this field is 60 minutes.
- If Enable caching on recently used queries is enabled, the Perform a query every keypress settings checkbox will be disabled.
Added a new Custom logo for reports file upload control under the System Settings section.
- This new setting lets you define a custom logo to be used in the reports PDF files.
- If a logo is uploaded, the created report file will include that logo in the header and footer of every page of the report.
- If a logo is not uploaded, the created report file will include the Axonius logo.
- This file upload control is optional.
- The default value for this file upload control is empty.
- Identity Providers Settings - Added a new Automatically redirect all logins to the identity provider checkbox under the SAML-Based Login Settings section.
- This new checkbox lets you select whether to automatically redirect all users to the configured SAML identify provider.
- If enabled, any user that will try logging into Axonius will be automatically redirected to the configured SAML identify provider.
- To access the Axonius login page without being redirected, use the following URL: https://[Axonius host name / IP address]/?redirect=false
- If disabled, any user that will try logging into Axonius will need to manually click the 'Login with SAML' option to login with configured SAML identify provider.
- This new checkbox is required.
- The default value for this checkbox is False.
- System Settings Toggle Switches - Replaced all section enabler checkboxes to toggle switches.