- 24 Mar 2022
- 12 Minutes to read
- Print
- DarkLight
- PDF
What's New in Axonius 3.8
- Updated on 24 Mar 2022
- 12 Minutes to read
- Print
- DarkLight
- PDF
Release Date: August-17-2020
Adapters
New Adapters
The following new adapters have been added in this release:
- Kolide Fleet
- Kolide Fleet is an open source osquery manager.
- This adapter fetches the following types of assets: Devices.
- openDCIM
- openDCIM is a free open-source Data Center Infrastructure Management solution.
- This adapter fetches the following types of assets: Devices, Users.
- Symantec Data Center Security (DCS) Server Advanced
- Symantec Data Center Security Server Advanced delivers security detection, monitoring, and prevention capabilities for both physical and virtual server infrastructures.
- This adapter fetches the following types of assets: Devices.
For more details, explore the entire list of supported and integrated adapters.
Updated Adapters
The following adapters have been enhanced:
- All Adapter Connections - Discovery Configuration Tab - Multiple enhancements:
- Added a new Every x hours option to Repeat scheduled discovery to the adapter custom discovery configuration.
- If selected, the adapter custom discovery will run every number of hours defined in the in the Repeat scheduled discovery every (hours) field.
- Renamed the Enable custom discovery schedule to Enable custom scheduling of discovery for this adapter and moved under the Adapter Custom Scheduling section to clarify that this scheduling is on the adapter level and will apply to all connections that don't have a custom connection scheduling.
- Added a Connection Custom Scheduling section with a Enable custom scheduling of discovery per adapter connection checkbox.
- If enabled, the Scheduling Configuration tab will be visible in all connections for the adapter.
- This tab lets you configure a separate custom scheduling for each adapter connection.
- If disabled, the Scheduling Configuration tab in each adapter connection will not be visible.
- This field is required.
- The default value for this field is False.
- If enabled, the Scheduling Configuration tab will be visible in all connections for the adapter.
- Added a new Every x hours option to Repeat scheduled discovery to the adapter custom discovery configuration.
All Adapter Connections - Adapter Connection Custom Scheduling - Added a new Scheduling Configuration tab for each adapter connection.
- This new tab lets you configure a separate custom scheduling for each adapter connection.
- This new tab will be visible only if the Enable custom scheduling of discovery per adapter connection checkbox ,under the Discovery Configuration tab in the Advanced Settings for the adapter, is enabled.
- Added a new Enable custom scheduling checkbox under this tab.
- If enabled, Axonius will fetch data from this adapter connection only as part of the connection custom schedule.
- Axonius will not fetch data from this adapter connection as part of the adapter custom schedule (if exists) and not as part of the global discovery cycle.
- If disabled, Axonius will fetch data from this adapter connection from the adapter custom schedule, if exists. Otherwise, the data will be fetched as part of the global discovery cycle.
- This new checkbox is required.
- The default value for this checkbox is False.
- If enabled, Axonius will fetch data from this adapter connection only as part of the connection custom schedule.
- If the Enable custom scheduling checkbox is enabled, the Repeat scheduled discovery field lets you select the repeat option for the scheduled discovery:
- Every x hours - The connection custom discovery will run every number of hours defined in the in the Repeat scheduled discovery every (hours) field.
- Every x days - The connection custom discovery will run at the time specified in Scheduled discovery time field every number days defined in the Repeat scheduled discovery every (days) field.
- Days of week - The connection custom discovery will run at the time specified in Scheduled discovery time field in the selected days of week.
- This field is required.
- The default value for this field is:
- The configured custom scheduling in the adapter level, if enabled.
- Every x days - if the custom scheduling at the adapter level is disabled.
- Amazon Web Services (AWS) (Connection Configuration) - Added a new Advanced Configuration File field to the Add Connection dialog for this adapter.
- This new field lets you upload an advanced configuration file of key/value pairs in a JSON format.
- If supplied, when connecting to the source, Axonius will also consider the configuration in the uploaded file in addition to the values specified in the various fields of the connection for this adapter.
- If not supplied, when connecting to the source, Axonius will only consider the values specified in the various fields of the connection for this adapter.
- This new field is optional.
- The default value for this field is empty.
- Google Cloud Platform (GCP) (Advanced Settings) - Added a new Security Command Center organizations field to the Google Cloud Platform Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of organization names.
- If supplied, all connections for this adapter will fetch Security Command Center device assets and their associated vulnerabilities from the specified list of organizations.
- If not supplied, all connections for this adapter will not fetch any Security Command Center device assets.
- This new field is optional.
- The default value for this field is empty.
NOTEFetch Security Command Center device assets and their associated vulnerabilities requires the following organization-level roles to each of the specified organizations:
1. Security Center Findings Viewer role.
2. Security Center Assets Viewer role.
Or Alternatively, Security Center Admin.
- Microsoft Azure AD (Advanced Settings) - Added a new Do not fail if Intune token has expired checkbox to the Azure AD Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fail all the connections for this adapter if the Intune token expires.
- If enabled, all connections for this adapter will not fail if the Intune token expires. Instead, the connection will work in a "regular" mode (non-Intune).
- If disabled, all connections for this adapter will fail if the Intune token expires.
- This checkbox is required.
- The default value for this checkbox is False.
NOTEAxonius will create a daily system notification, starting 14 days before the intune token is about to expire.
- Qualys Cloud Platform (Connection Configuration) - Moved the Qualys Tags Whitelist field under the Qualys Configuration tab in the Advanced Settings for this adapter to the Add Connection dialog for this adapter.
- VMWare Workspace ONE (AirWatch) (Advanced Settings) - Multiple enhancements:
- Added a new Fetch devices not enrolled checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch devices that are not enrolled from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch devices that are not enrolled.
- If disabled, all connections for this adapter will not fetch devices that are not enrolled.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch device apps checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device applications from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch applications associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch application data.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch device networks checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device networks from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch networks data associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch networks data.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch device notes checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device notes from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch notes associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch notes.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch device tags checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device tags from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch tags associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch tags.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch device profiles checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch device profiles from VMWare Workspace ONE server.
- If enabled, all connections for this adapter will also fetch profiles associated with the fetched devices.
- If disabled, all connections for this adapter will not fetch profiles.
- This checkbox is required.
- The default value for this checkbox is True.
- Added a new Fetch devices not enrolled checkbox to the AirWatch Configuration tab in the Advanced Settings for this adapter.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
New Actions
The following Actions have been added:
- Send JSON to Amazon S3 - Added a new enforcement action called Send JSON to Amazon S3 under the Notify category.
- This action takes the saved query supplied as a trigger (or entities that have been selected in the asset table), creates a JSON file, and sends it to a specific Amazon Simple Storage Service (Amazon S3) bucket.
- This action takes the saved query supplied as a trigger (or entities that have been selected in the asset table), creates a JSON file, and sends it to a specific Amazon Simple Storage Service (Amazon S3) bucket.
Updated Actions
The following Actions have been enhanced:
Send Slack Message - Added a new Results display format field to the Add Action dialog for this action.
- This new field lets you select the display format of the results in the Slack message: JSON or table.
- JSON format includes the details of the top 5 assets.
- Table format includes the details of the top 20 assets.
- This new field is required.
- The default value for this field is JSON.
- This new field lets you select the display format of the results in the Slack message: JSON or table.
Add Custom Data - Added a new Field type field to the Add Action dialog for this action.
- This new field lets you select the custom field type: String or Boolean.
- If String is supplied, the Field value field lets you specify a free-text value for the custom field.
- If Boolean is supplied, the Field value field lets you select the custom field value: Yes or No.
- This field is required.
- The default value for this field is String.
Enrich User Data with Have I Been Pwned - Added a new Domain whitelist field to the Add Action dialog for this action.
- This new field lets you specify a comma-separated list of email domains.
- If supplied, Axonius will request Have I Been Pwned to check only users from the given query whose email is in the specified list.
- If not supplied, Axonius will request Have I Been Pwned to check all users from the given query.
- This field is optional.
- The default value for this field is empty.
Create Cherwell Computer - Multiple enhancements:
- Added a new Additional fields field to the Add Action dialog for this action.
- This new field lets you specify additional fields to be added as part of the Cherwell computer as key/value pairs in a JSON format. For example: {"field1": "value1", "field2": "value2"}.
- If supplied, Axonius will add the specified fields and values to the created computer in Cherwell. If one of the specified fields is invalid, the request might fail.
- If not supplied, Axonius will not add any additional fields to the created computer in Cherwell.
- This field is optional.
- The default value for this field is empty.
- Added a new Axonius to Cherwell field mapping field to the Add Action dialog for this action.
- This new field lets you specify additional fields to be added to the Cherwell computer based on the device's Axonius fields. The input should be key/value pairs in a JSON format. For example: {"axonius_field1":"cherwell_field1", "axonius_field2":"cherwell_field2"}.
- If supplied, Axonius will add the specified fields and values to the created computer in Cherwell. If one of the specified fields is invalid, the request might fail.
- If not supplied, Axonius will not add any fields to the created computer in Cherwell, beyond the default field mapped from Axonius.
- This field is optional.
- The default value for this field is empty.
- Added a new Additional fields field to the Add Action dialog for this action.
Update Cherwell Computer - Multiple enhancements:
- Added a new Additional fields field to the Add Action dialog for this action.
- This new field lets you specify additional fields to be added as part of the Cherwell computer as key/value pairs in a JSON format. For example: {"field1": "value1", "field2": "value2"}.
- If supplied, Axonius will add the specified fields and values to the updated computer in Cherwell. If one of the specified fields is invalid, the request might fail.
- If not supplied, Axonius will not add any additional fields to the updated computer in Cherwell.
- This field is optional.
- The default value for this field is empty.
- Added a new Axonius to Cherwell field mapping field to the Add Action dialog for this action.
- This new field lets you specify additional fields to be added to the Cherwell computer based on the device's Axonius fields. The input should be key/value pairs in a JSON format. For example: {"axonius_field1":"cherwell_field1", "axonius_field2":"cherwell_field2"}.
- If supplied, Axonius will add the specified fields and values to the updated computer in Cherwell. If one of the specified fields is invalid, the request might fail.
- If not supplied, Axonius will not add any fields to the updated computer in Cherwell, beyond the default field mapped from Axonius.
- This field is optional.
- The default value for this field is empty.
- Added a new Additional fields field to the Add Action dialog for this action.
Device and User Tables Interface Updates
The following updates have been made to the device and user tables related capabilities in Axonius:
Devices and Users pages - Added a new Edit System Default option to the Edit Columns menu.
- This option enables users to control the default system view and also the user default view for new users.
- This option enables users to control the default system view and also the user default view for new users.
Query Wizard - Added a new regex function to Text, IP and Version fields.
- This new function lets you query these fields with regular expressions.
- This new function lets you query these fields with regular expressions.
Administrator Settings Interface Updates
The following updates have been made to administrator settings in Axonius:
- Lifecycle Settings - Added a new Historical Snapshot Scheduling Settings section.
- The Enable daily historical snapshot checkbox has been moved under this section.
- The Enable daily historical snapshot checkbox has been renamed to Enable scheduled historical snapshot to make it clear it lets you enable and configure the historical snapshot schedule.
- Added a new Historical snapshot schedule field.
- This new field lets you select the historical snapshot schedule option:
- Every discovery cycle - When this option is selected, historical snapshot data will be saved as part of every discovery cycle. Historical snapshot data is saved only for the first discovery cycle on each calendar day.
- Every x days - When this option is selected, historical snapshot data will be saved every number days as specified in the Repeat scheduled historical snapshot every (days) field.
- Days of week - When this option is selected, historical snapshot data will be saved in the selected days of week as specified in the Repeat scheduled historical snapshot on field.
- This new field is required.
- The default value for this field is Every discovery cycle.
- This new field lets you select the historical snapshot schedule option: