Release Notes
You must upgrade to version 13.1 or later by April 30, 2023. After this date, earlier versions will completely lose graph functionality. |
12.1.7
Bug fixes
-
Fixed a bug in sentinl that caused the to and from fields for email actions to not save correctly.
-
Fixed a bug in sirenapi where a chart’s click handler would set the incorrect value to indicate which part of the chart was clicked.
-
Fixed a bug that caused multiple confirm messages when the user logs out.
-
Fixed a bug where scroll search was called without index parameter, which in certain situations could cause migrations to fail.
-
Fixed a bug that caused a user to see a notifier saying that the savedObject saved successfully after the user clicked 'Cancel' on the modal.
-
Fixed a bug that caused the dashboard filter counter to not update after the user selects dashboard filters.
-
Fixed an issue that caused inverse relations not to be visible on the graph browser.
-
Fixed an issue on 360 dashboards that caused filters to be excluded from count queries in certain scenarios and the incorrect count to be shown.
-
Fixed an issue that caused the input control visualization to exclude the Include hours/minutes option in created filter labels.
-
Fixed an issue that caused the graph browser to crash when selecting a node with an image if the timebar is enabled.
-
Fixed an issue about missing dependency that didn’t allow the i18n extract scripts to run successfully.
-
Fixed a regression that caused long numbers to not render properly even when the support for long numbers is enabled in Advanced Settings through the
siren:support-large-numbers
property. -
Fixed an issue that prevented the global search panel reopening after dragging and dropping a record on a dashboard.
-
Fixed an issue where a positive filter was being created when selecting the 'missing' bucket in the Tag Cloud visualization.
Security fixes
-
Fixed CVE-2022-47543. Modification of non-dataspaced objects is now restricted to admins only.
-
Fixed CVE-2022-47544. Script editing is now restricted to admins only.
Improvements
-
Added the capability to add a custom name for the aggregation layer in the enhanced coordinate map visualization.
-
Moved the dataspace ACL permissions to a separate section. This is to clarify that these permissions must be set explicitly and that setting the permission for
Any type
is not applied to a dataspace type. -
Object owner can now transfer object ownership to another user. Previously, this action was reserved for investigate admin_role.
-
Introduced a new investigate audit log entry category called security. Currently this is used to log change of ownership events.
12.1.6
Security fixes
-
The TLSv1 and TLSv1.1 protocols are no longer supported by Investigate.
-
The following weak ciphers are now blocked: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA.
-
Upgraded vm2 dependency to version 3.9.11 to address CVE-2022-36067.
-
Upgraded canvg dependency to version 4.0.1.
Bug fixes
-
Fixed an issue in the Fields tab of the Datamodel page that causes a field with a configured formatter to always show as default.
-
Fixed an issue that caused sub-search filters to appear as dashboard filters in cloned dashboards with sub-searches.
-
Fixed a bug where it was possible to create a search object with
siren.parentId
with value equal to an empty string.
Improvements
-
Improved the performance of saved objects export operation when exporting objects from Management → Saved Objects → Export.
-
Added Thai language support in i18n.
-
Upgraded Node.js to version
14.21.1
. For the full list of fixes, see the 14.21.1 changelog.
12.1.5
Improvements
-
Added the investigate_access_control.session.idleLogoutTime parameter which can force a logout when the user is inactive for the configured period of time.
-
Added the ability to use the current page records to apply dashboard filters by hovering over a single record or selecting all with the header checkbox.
-
Added the systemSearch session audit entry type for all system generated search requests.
-
Improved Graph Browser logs. Document IDs added to the Graph Browser are now logged in the UI audit entries.
-
Added the ability to configure the region map to reload the layer configuration from investigate.yml at runtime.
Bug fixes
-
Fixed a regression that caused dashboards to appear out of their groups when migrating from an earlier version of Siren Investigate.
-
Fixed an issue that caused created objects to be logged as updates. Created objects, such as dashboards and visualizations, are now logged as a create in the savedObject audit.
-
Fixed an issue that caused an error when the dashboard URL, generated by a custom watcher with the alternativeTimeField, is opened.
-
Fixed a bug that prevented access to the datamodel page if a user had permissions to a child search but not its parent.
-
Fixed an issue that caused custom watchers to fail when a dashboard uses a search query.
-
Fixed a bug that prevented a user from seeing other relations in the Relational Navigator when the user does not have permission to see one of the Entity tables.
-
Fixed a bug that caused the dashboards on the sidebar to not refresh when cloning a dashboard with the clone button from the top navigation bar.
-
Fixed a bug that removed the ability to use environment variable substitution when configuring Siren Investigate settings
-
Fixed a bug that made the system unresponsive when importing an entity table if it was misconfigured by setting siren.parentId to its own id.
12.1.4
Security fixes
-
Upgraded Node.js to version
14.20.1
. For the full list of fixes, see the 14.20.1 changelog.
Improvements
-
Improved the
getFirstRawFieldValue
template method to avoid multiple requests to the backend. -
The Siren API is now allowed to access a visualization’s most recent request/response for basic visualizations like histograms and pie charts.
-
Improved the
graphBrowserVis.expandByRelation
method to handle concurrent queries to not overload the backend. -
Added a new configuration setting
ingest.job_refresh_interval
to customize the job refresh interval in the Data Import application. -
Added the
updateItemsUI
andresetItemsUI
methods to theGraphBrowserVis
class in the Siren API. -
Added an option to save the contents of a Graph Browser visualization to an A0 PNG image when map mode is not enabled.
Bug fixes
-
Fixed an issue that caused incorrect column names to be shown when a customized column was hidden.
-
When saving entity tables or searches, there are no longer inconsistencies in determining whether the time field can be selected.
-
Roles are no longer missing from audit logs upon login when Siren Investigate was configured to use OpenID Connect for authentication.
-
Fixed an issue that caused the
sessionId
property to be missing from audit logs when Siren Investigate was configured to use OpenID Connect for authentication. -
The
_id
metadata field is now included when data is exported in CSV format. -
Fixed an issue that caused an error when filtering fields in the Record View.
-
Disabled the ability to store the
x-opaque-id
header value in audit logs. -
Fixed an issue that caused overlapping values in the Input Control visualization dropdowns.
-
Fixed an issue that scrolled the complete view when scrolling a tag formatter.
-
Fixed a bug in 360 dashboards that could prevent the data model graph from being displayed.
-
Record Table visualizations on 360 dashboards are now refreshed immediately after changing the join type.
-
Fixed an issue that could prevent the global time range from being applied to visualizations attached to the main search in 360 dashboards.
-
Fixed an issue that caused an unnecessary migration on
sidebaroptions
to be requested after creating some dashboards on an empty Siren Investigate installation. -
Fixed an issue that prevented saving virtual indices on datasources of type
federate
. -
Fixed an issue that prevented persisting the "Use global time filter" data model setting in 360 dashboards.
-
Fixed an issue that caused combined groups to not be selected when selecting all the elements of a graph browser.
-
Fixed an issue that would cause the creation of multiple objects of type
sidebaroptions
when restoring a Siren Investigate dump on version 12.0.6. -
Fixed a bug in the Tag Cloud visualization that created an incorrect filter when clicking on the label configured for the "Other" bucket.
12.1.3
Improvements
-
Added Esri Vector Tile support for Enhanced Coordinate Map.
-
Added a
returnOnlyNew`
argument the thegraphBrowserVis.expandByRelation
Siren API method. If set tofalse
, the method will return all the nodes resulting from the expansion, including existing nodes. The flag istrue
by default. -
The Investigate status API will now return code 503 when there is a problem with any of the application components.
-
When creating a new Enhanced Coordinate Map visualization, the default map type is now set to Shaded Geohash Grid and the Place markers off grid option is disabled by default.
Bug fixes
-
Fixed an issue that caused the Create Entity Table button on the Data Model to be disabled for up to 30 seconds when opening Investigate for the first time.
-
Fixed an issue where the mapping from the dynamic template for
req.headers.*
sub-properties in audit index was not correctly applied. -
When duplicate centroids are detected by the Enhanced Coordinate Map visualization a warning that suggests to disable the Place markers off grid option is displayed. This issue can happen when there are geopoint fields containing an array of locations in the dataset due to the Elasticsearch issue described in elastic/elasticsearch#24694.
-
Fixed an issue that caused pinned filters to not be applied when exporting data from a Record Table visualization.
12.1.2
Security fixes
-
Updated nodejs to v14.20.0. For the full list of fixes, see the 14.20.0 changelog.
-
Upgraded the
moment
dependency to version 2.29.4 to address CVE-2022-31129. -
Upgraded the
vm2
dependency to version 3.9.10 to address CVE-2021-23449 and additional security fixes with no advisory. -
Upgraded the
jszip
dependency to version 3.10.0 to address CVE-2021-23413.
Bug fixes
Record View
-
Fixed an issue that could prevent the Record View from displaying edited records after upgrading Siren Investigate.
Data Model
-
Fixed an issue that prevented fitting the Data Model graph correctly when clicking on the button to center it.
-
Fixed an issue that caused the count in the Relations tab to be wrong in the presence of self relations.
-
Fixed an issue that caused the icon in the sidebar to be updated before saving changes to an entity table / search.
Dashboards
-
Fixed an issue that caused filters to not be applied correctly on 360 dashboards having a child entity table as the main search.
Visualizations
-
Fixed an issue that prevented the the entity table selector in the configuration panel from working when a previously used field was removed from the underlying index.
-
Fixed an issue that could cause the Timeline visualization to not display data when changing the dashboard time range.
Graph Browser
-
Addressed an issue that required to execute
bin/investigate upgrade
after creating a new Graph Browser visualization and restarting Investigate.
Improvements
Record View
-
Added the ability to open, pan and zoom images.
Graph Browser
-
Added two new Siren API methods to manipulate Graph Browser visualizations,
reCount
andentitiesWithNoCounts
. Learn more.
Visualizations
-
Added an option to incorporate geohash bucket sizes when showing a heatmap to the configuration of the Enhanced Coordinate Map visualization.
12.1.1
Bug fixes
Data Model
-
Fixed bidirectional links on data model graph showing arrows in only one direction.
-
Fixed an issue that prevented editing documents in "Use same index mode" on entity tables pointing to existing Elasticsearch indices.
-
Fixed an issue where some changes in the Data Model Options tab were not being saved.
-
Fixed unlinked nodes positioning themselves away from the others when selecting the hierarchy layout on the Data Model graph.
Graph Browser
-
Fixed an issue that prevented sorting graph nodes by count when one or more edges were part of the selection.
Record Table
-
Fixed an issue that prevented sorting data by a scripted date field.
Record View
-
Fixed an issue that prevented the deletion of a NLP annotation in the record view.
-
Fixed an issue that prevented changes to NLP annotations to be displayed before clicking on the Save button in the record view.
Dashboard
-
Fixed an issue that prevented exporting to PDF dashboards containing visualizations with characters outside of latin1 character set.
-
Fixed an issue that caused a wrong search request to be generated after creating a negated filter having multiple values by holding CTRL/CMD.
-
Fixed a bug that hid the value input box when editing a filter if the dashboard was not associated with a saved search.
-
Fixed a Dashboard 360 issue where, in certain conditions, the wrong query would be generated if there was a negative filter or a query saved with an entity table.
-
Fixed a regression in Dashboard 360 where certain disabled filters saved with a visualization were incorrectly injected into the generated queries.
Web services
-
Fixed an issue that prevented loading web service plugins built without the web services generator.
Miscellaneous
-
Fixed an optimization failure when
siren_scripting.enabled
is explicitly set to false in the configuration.
Improvements
Data Model
-
Clicking on the circular layout button now applies a circular layout rather than a concentric layout.
-
Data model tabs now indicate if there is an error without needing to change to another tab.
Graph Browser
-
Limited the number of input nodes for Common Communicators to 4 to reduce browser freezing.
Auditing
-
Now requests sent from the dev-tools panel are being logged when
siren_audit
is enabled.
Reporting
-
A more detailed error stack trace has been added when template scripts fail. Now, the line and stack trace are displayed to the user.
12.1.0
New features
Custom record views
You can now create custom views for your documents in the Overview tab of the Record View by writing template scripts. Learn more.
Reporting
Template scripts can also be used to generate reports from Elasticsearch documents in many different formats (PDF, HTML, Word and more) through integration with jsreport. Learn more.
Filter to dashboard
You now have the option to apply the filters from one dashboard to another dashboard associated to the same entity table. Learn more.
Security fixes
-
Upgraded Node.js to version
14.19.1
. For the full list of fixes, see the 14.19.1 changelog. -
Upgraded
url-parse
to version1.5.9
to address CVE-2022-0691. -
Upgraded
prismjs
to version1.27.0
to address CVE-2022-23647. -
Upgraded
moment
to version2.29.2
to address GHSA-8hfj-j24r-96c4.
Breaking Changes
Saved objects
-
The
index-pattern
saved object type has been removed; the methods that were previously exposed byIndexPattern
instances are now part of theSavedSearch
interface.
Migration to Babel 7
-
Siren Investigate is now built with Babel 7; if you made any custom plugin it is recommended to test it on a pristine Siren Investigate 12.1 instance before upgrading.
Deprecations
Discover
-
The Discover application has been deprecated and will be removed in a future release. The buttons to create and save child searches from the Discover application have been removed.
Improvements
Auditing
-
Added a configuration option that allows customization of the Elasticsearch fields to be put in data export audit log entries. Learn more.
Data model
-
Enabled granular editing of relations in the Relations tab. When saving or deleting a relation the changes will now be applied immediately.
-
Improved the performance of the relations tab with a high number of relations.
-
Added a button to aggregate multiple relations between two entities into a single link showing the number of relations. In this mode, the individual relation names are displayed in a tooltip.
-
When transforming data it is now possible to test the transformation against any of the sample source documents.
Dashboard
-
It is now possible to use a visual date/time picker when creating filters on date fields.
-
When editing a visualization on a dashboard, you can now save it and return immediately to the dashboard by clicking on a Save and return button.
-
The tooltips showing data model explanations on 360 Dashboards are now enabled by default.
-
Modified 360 Dashboards to include documents from both the target and the source entity when self relations have the same label in both directions.
-
Replaced the graph based widget to pick relations in the 360 Dashboard data model configuration with a simpler dropdown based widget.
Record Table
-
Added options to rearrange the columns of the table to the column context menu.
Record view
-
It is now possible to use a visual date/time picker when editing date fields.
-
It is now possible to add multiple values to a field when editing a document in the record view.
Graph Browser
-
Links that represent self relations on the same field are now automatically hidden when the source and the target are the same node.
-
Added explicit drag and drop handles to the lens listing.
-
Added an option to the
Node to edge by fields
lens configuration that allows you to automatically expand intermediate nodes when creating edge links.
Relational Navigator
-
Added a configuration option that allows you to group relations having the same label into a single button.
-
Modified the relation links to include documents from both the target and the source entity when self relations have the same label in both directions.
-
Removed the automatic capitalization of relation links.
Development
-
The EUI library dependency has been upgraded to version 34.6.0 .
Bug fixes
Auditing
-
Fixed an issue that caused
data
requests initiated by the Graph Browser to be classified ascount
requests. -
Fixed an issue that caused
dataExport
requests to be assigned to theHOME
dataspace instead of the current one.
Data Model
-
Fixed an issue that prevented child searches from inheriting the search query and filters from their parent.
-
Suppressed an unnecessary warning which was appearing after saving changes to a child search.
-
Fixed an issue in the data import flow that caused leading zeroes in fields to be automatically stripped.
Graph Browser
-
Fixed an issue that caused nodes created by a time/location lens to not disappear when disabling the lens.
-
You can now use custom icons in node glyphs.
-
Fixed an issue that could cause a node to edge lens to not be applied automatically when adding nodes to the graph.
-
Fixed an issue that could cause a fatal error when switching between two dashboards with a Graph Browser visualization in map mode.
-
Fixed an issue that would cause all the nodes to be expanded when no checkbox was selected in the expansion dialog.
-
Adjusted the formula to determine the size of nodes at high zoom levels to minimize overlapping.
-
Fixed an issue that prevented the deletion of edges created by
Node to edge by fields
lens instances. -
Fixed an issue that prevented opening the record view of nodes containing spaces in the
_id
field.
Enhanced Coordinate Map
-
Fixed an issue that would cause unnecessary rendering operations while changing the configuration of a visualization.
Scripting
-
Fixed an issue that could cause a fatal error when editing a script containing JSX fragments.
Record Table
-
Fixed an issue that caused a wrong search request to be generated after creating a negated filter having multiple values by holding CTRL/CMD.
Dashboard
-
Fixed an issue that caused a wrong confirmation dialog to appear after deleting a dashboard whilst in edit mode.
-
Fixed an issue that prevented nodes from being added to a Graph Browser visualization when dragging a dashboard with a modified state.
-
The explanation tooltip for visualizations in 360 Dashboards is now enabled by default following recent performance improvements.
Miscellaneous
-
Added the
investigate_core.search.max_buckets
configuration setting. This setting prevents aggregations with a large number of buckets from being processed by visualizations and freezing the browser. The default value of the setting is 1000. -
Improved the Elasticsearch periodic health check to wait for the ACL index to be ready in addition to the main Siren Investigate index.