v2.30.1
What's Changed
- Add field transforms : Transforms in Zircolite are custom functions that manipulate the value of a specific field during the event flattening process. For example, you can decode base64 encoded values, extract credentials from logs etc. A quick demo is avaialable below.
- Zircolite is now up to 10% faster
- Dockerfile has been updated to automatically update rulesets
- Docs have been updated
Warning
- Event forwarding to ELK, Splunk, etc. is deprecated
- Supported Python version is now 3.10
Field transforms demo
Zircolite-field-transforms.mp4
New Contributors
Contributors
nasbench