Alert Logic Console Release Notes

Release date: December 11, 2019
Features
Alert Logic has released an improved version of the PCI Scan Disputes page. You can use the PCI Scan Disputes page to submit disputes for vulnerabilities in non-compliant scan policies. For more information, see PCI Scan Disputes.
Release date: December 3, 2019
Features
Alert Logic now includes the option to configure webhooks, which allows Alert Logic incident notifications to be sent to any public-facing web server configured to handle HTTP callbacks. For more information, see Webhooks.
Release date: November 6, 2019
Features
Alert Logic has split multi-page reports into single-page reports to allow customers direct access to information. The reports were divided as follows:
Original Report Name | New Report Names |
---|---|
Vulnerable Host Explorer | Vulnerable Hosts Explorer, Vulnerable Hosts Change Trends |
Vulnerability Distribution Explorer | Vulnerability Distribution Explorer, Vulnerability Change Trends |
Network IDS Events Explorer | Network IDS Events Explorer, Top Events Sources and Destinations |
Log Collection | Log Collection, Top 10 Log Collectors |
IDS Traffic | IDS Traffic, Top 10 IDS Assets |
Customer Contacts | Escalation Contacts, Notification Contacts, Incident Notification Contacts |
Vulnerability Summary | Vulnerability Summary, Top 10 Vulnerability Lists, Vulnerabilities List |
TRI Summary | TRI Summary, Top 10 TRI Lists |
Release date: October 10, 2019
Feature
Alert Logic updated the Saved Searches functionality to expand the options for setting notifications. Users can add one or more users from the same customer account to the list of notification recipients in the saved search panel. For more information, see Create Saved and Scheduled Log Searches.
Release date: September 24, 2019
Feature
Alert Logic released a new feature for customers with Essentials and Professional subscriptions.
The new Extended Endpoint Protection functionality from Alert Logic helps you control threats and manage incidents from employee workstations, points of sale, servers, and more. For more information, see About Alert Logic Extended Endpoint Protection and Get Started with Alert Logic Extended Endpoint Protection.
Release date: September 17, 2019
Feature
Alert Logic added a new feature to the scanning functionality, Scan Now. If you need to run a scan immediately, you can use the Scan Now feature on the Topology page. This scans the selected asset right away or as soon as possible, outside of the normal schedule. See Scan Now for more information.
Release date: September 13, 2019
Feature
- Alert Logic added five new compliance reports, located in the Compliance tab of the Reports page, that provide guidance for performing log searches to help demonstrate compliance with some 10.2 requirements of the Payment Card Industry Data Security Standard (PCI DSS):
- Alert Logic added a new report, Missing Agent Digest, to the Health report group in the Service tab of the Reports page. The Missing Agent Digest report provides insight into the daily issues related to hosts that are missing agents, including a comparison of missing agent statuses, top ten lists, and a list of hosts with missing agents. To learn more about this report, see Missing Agent Digest.
Release date: July 10, 2019
Feature
- Alert Logic has revamped the following three compliance reports, located in the Compliance tab of the Reports page, to help you demonstrate compliance with some requirements of the Payment Card Industry Data Security Standard (PCI DSS):
- The PCI Requirement 6.6 report provides web application firewall (WAF) deployments, traffic, incidents, and attacks that help demonstrate compliance with Requirement 6.6. For more information about this report, see PCI Requirement 6.6.
- The PCI Requirement 10.5.1 report provides a list of the current log management users that help you demonstrate compliance with Requirement 10.5.1. For more information about this report, see PCI Requirement 10.5.1.
- The PCI Requirement 11.4 report shows Network IDS incidents and customer escalation contacts that help you demonstrate compliance with Requirement 11.4. For more information about this report, see PCI Requirement 11.4.
- Alert Logic added four new compliance reports, located in the Compliance tab of the Reports page, that provide available documentation and compliance artifacts to help demonstrate compliance with some requirements of the PCI DSS and the Health Insurance Portability and Accountability Act (HIPAA) Security Audit, which include the following:
- The PCI Requirement 10.6.1 report provides log review incidents and log management incidents that help you demonstrate compliance with Requirement 10.6.1. For more information about this report, see PCI Requirement 10.6.1.
- The HIPAA 164.308(a)(1)(ii)(D)—Information System Activity Review report provides the log review and log management incidents that help demonstrate compliance with HIPAA 164.308(a)(1)(ii)(D). For more information about this report, see HIPAA 164.308(a)(1)(ii)(D)—Information System Activity Review.
- The HIPAA 164.308(a)(6)(ii)—Response and Reporting report provides available documentation and compliance artifacts that help you demonstrate compliance with requirements of HIPAA 164.308(a)(6)(ii). For more information about this report, see HIPAA 164.308(a)(6)(ii)—Response and Reporting.
- The HIPAA 164.308(a)(5)(ii)(C)—Login Monitoring report provides available documentation and compliance artifacts that help you demonstrate compliance with requirements of HIPAA 164.308(a)(5)(ii)(C). For more information about this report, see HIPAA 164.308(a)(5)(ii)(C)—Login Monitoring.
- Alert Logic added the Health report group, which includes two new reports, to the Service tab of the Reports page. The Health reports provide valuable summary and trending data on the health status of protected networks and assets collecting log or network data, which include the following:
- The Network Health Status Digest report provides insight into the daily issues related to protected networks in your environment, including a comparison of health statuses, top ten lists, and total number of open remediations for each network. For more information about this report, see Network Health Status Digest.
- The Collection Issues Digest report provides insight into the daily issues related to log data collection and Network IDS traffic, including a comparison of health statuses, top five lists, and a list of open remediations to fix configuration issues. For more information about this report, see Collection Issues Digest.
Release date: June 12, 2019
Feature
Alert Logic manual mode deployments now include a Cross-Network Protection option, which allows networks to connect and use resources from a network with an assigned appliance for Network IDS or scanning. This centralizes the appliances that provide protection to your account, which allows your organization to reduce infrastructure costs. For more information, see Cross-Network Protection.
Release date: May 28, 2019
Features
Alert Logic added significant updates to the Log Search functionality, including the following features:
- You can organize saved searches into groups. For more information, see Group options.
- After you move searches to trash, you can restore or permanently delete them. For more information, see Restore or permanently delete a saved search.
Release date: April 25, 2019
Feature
- Alert Logic added the Health console, which consists of pages that summarize your environment and provide detailed health information for your networks, appliances, and agents with suggested configuration remediations, along with the option to subscribe to health summary alerts. For more information, see Health.
- Alert Logic deployments now include a Network IDS Whitelist option that allows you to select networks for whitelisting. For customers who were previously subscribed to Alert Logic legacy products, and have upgraded to SIEMless Threat Management, your Network IDS whitelist will be migrated to the new experience.
- Alert Logic added an Expedite Scan Capability in topology which expedites scans on individual assets when your organization requires specific assets to be scanned immediately. Alert Logic moves expedited scans ahead of their schedule to the next available time. For more information about expedite scans, see Topology.
- Alert Logic added a new report, the PCI Requirement 10.6 (Incidents) report, which provides log review and log management incidents to help demonstrate compliance with Requirement 10.6 of PCI DSS. For more information about this report, see PCI Requirement 10.6 (Incidents).
- Alert Logic added a new report, the PCI Requirement 11.4 report, which provides Network IDS incidents and customer escalation contacts to help you demonstrate compliance with Requirement 11.4 of the PCI DSS. For more information about this report, see PCI Requirement 11.4.
Release date: April 9, 2019
Feature
- Alert Logic updated scan frequency and scheduling to allow you to schedule internal vulnerability scans and external vulnerability scans separately. For more information, see Manage Scans and Scan Results.
- When you add assets to a Data Center deployment, you can now inform Alert Logic that your network equipment is configured to SPAN or another port mirroring feature. If you select this option, you avoid duplicating Network IDS traffic reported to Alert Logic while allowing Alert Logic to analyze the traffic passing through the port mirroring feature. For more information about Data Center assets, see Add assets.
Release date: April 5, 2019
Feature
- Alert Logic updated the CIS AWS Foundations Benchmark report in the Alert Logic console to support Level 1 and Level 2 of the latest version (1.2.0) of the CIS AWS Foundations Benchmark. Users can now assess their AWS accounts against the latest CIS AWS Foundations Benchmark guidelines, including multi-factor authentication, AWS Config auditing, review of VPC peering network rules, review of IAM policies, access key rotation, and other improvements. For more information about the CIS AWS Foundations Benchmark report, see Reports Guide.
- Alert Logic updated the incident notes in the Incidents page to include the name of the Alert Logic analyst who provided the notes and the name of the user who has updated the incident. The notes appear in the Audit Log of the Investigation Report and Recommendation pages, and in the Evidence page. For more information about incident notes, see Investigation Report.
- Alert Logic now includes Alert Logic analyst notes in email notifications for incident escalations. This allows users to see the analyst notes provided in the Incidents page immediately without having to log into the Alert Logic console. For information about incident notifications in the Alert Logic console, see Incident notifications.
Release date: April 2, 2019
Feature
Alert Logic added notifications for incidents originating from Amazon GuardDuty findings. GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. The Alert Logic Amazon GuardDuty integration lets you view GuardDuty findings in the Alert Logic console Incidents page.
The Incidents page allows you to configure notifications for incidents based on their threat levels. With the added notification support, all GuardDuty incidents are available by their threat levels. For guidance and information about GuardDuty findings severity, which corresponds to Alert Logic threat level, see Amazon documentation for GuardDuty findings and severity. For information about incident notifications in the Alert Logic console, see Incident notifications.
Release date: March 12, 2019
Features
- Alert Logic updated scan scheduling to allow more control of your scan schedules. You can schedule how often and when to perform vulnerability scans and discovery scans for each of your deployments. For more information, see Manage Scans and Scan Results.
- For customers who were previously subscribed to Alert Logic legacy products, and have upgraded to SIEMless Threat Management, you can access your legacy scan results and archived reports. For more information, see Manage Scans and Scan Results.
- Alert Logic added a new report, Network IDS Traffic, which provides visibility into the Network IDS traffic volume and collections processed in your environment. For more information, see IDS Traffic.
- Alert Logic updated the IAM Role policy documents for Amazon Web Services (AWS) deployments. If your customer account provides the SIEMless Threat Management products, Alert Logic recommends you update your existing deployments to use IAM roles created with the most current policy documents. For more information, see Update your IAM roles.
Release date: February 26, 2019
Features
- Alert Logic now offers Log Review service with SIEMless Threat Management. Log Review creates incidents, which appear on the Incidents page and in notification emails. Some Log Review incidents are escalated by an Alert Logic security analyst, and the rest appear as info level incidents.
- Alert Logic added a new report, Monthly Log Review, which provides a monthly summary analysis of your Log Review incidents. For more information, see Monthly Log Review Report.

Release date: November 28, 2018
Features
Alert Logic has launched an integration with the new Security Hub offering from AWS. See Integration with AWS Security Hub for more information.
Release date: April 25, 2018
Bug fixes
- This release resolves an issue with updating agent policies. The issue is resolved and users can create and update agent policies as normal.
- This release resolves an issue with events, incidents, and blocking alert rules. To access the pages, click CONFIGURATION, then click Notifications, and then select the type of alert rule you want to create.
- This release resolves cosmetic issues with page layout on several configuration screens, and the Zones and Host Groups screens.
- This release resolves an issue that redirected users when they clicked a link to an incident.
- This release resolves an issue with updating block requests in the incidents panel.
- This release updates an error message that appears when a read-only user tries to access unauthorized tools or content.
- This release resolves an issue with list filters on the sources pages. All filters appear as intended now.
- This release resolves an issue with a link in the PCI Dispute system.
Features
- This release adds a time zone selection field to the New Source menu. You must choose a time zone to create a source.
Release date: April 20, 2018
Bug fixes
- This release resolves an issue where Azure deployments did not show protected hosts associated with the deployment.
- This release resolves cosmetic issues with page sizing and scrolling.
- This release resolves an issue in the menu to add a new certificate. For some users, the menu timed out before they were done filling in all the information. This issue has been resolved.
- This release resolves an issue with the Save button on the correlation policy and flat file log sources screens for certain deployments. The Save button now displays and works as expected.
Features
- This release adds a feature that displays the full name of the account you are viewing in the Alert Logic console.
Release date: April 17, 2018
Bug fixes
- This release resolves an issue with user time zone settings.
- This release resolves an issue where the host metadata displayed the private IP as a public IP.
- This release resolves an issue with viewing log messages within cases.
- This release resolves compatibility issues with Internet Explorer version 11.
- This release resolves an issue that caused the Alert Logic console to display an error when users tried to turn a host into a protected host.
- This release resolves an issue with appliances and agents filtering on Azure deployments.
- This release resolves an issue where metadata was missing on some log sources.
- This release resolves an issue with the Save button on the correlation policy editing screen.
Features
- This release adds a feature that allows users to select the customer account they want to use in the Statistics tab of Scans.
Release date: week of April 9-13, 2018
Bug fixes
- This release resolves an issue with retrieving SSL certifications.
- This release resolves an issue with the search function.
- This release resolves a cosmetic issue with the layout of the Scans Dashboard page.
- This release resolves an issue with the reporting system in the Alert Logic console. All users can now access reports normally.
- This release resolves an issue with the forgotten password link on the login page.
- This release resolves an issue with incident and event counts on the dashboard pages. All counts are now accurate.
- This release resolves an issue with cached pages causing certain links to redirect users. The issue is resolved, and all links and navigation tools work as expected.
- This release resolves issues where the Alert Logic console did not work normally for users who accessed it from certain browsers. The issue is resolved, though if you continue to experience issues, use Google Chrome.
- This release resolves an issue where an internal Alert Logic feature appeared to customers as a dead link. The link no longer appears for non-Alert Logic users.
- This release resolves an issue where users could view data on the Scan dashboard for all accounts for which the user had access. The issue is resolved, and customers now only see data for the selected account.
Features
- This release adds multiple ID numbers to identify incidents and events.
- This release adds a feature that allows users to easily share links to events.
- In the Alert Logic console, click SEARCH, and then click Events. In the list that appears, find the event you want to share, and then click the share icon in the Share column. A new browser tab opens and shows event details. The URL in the new tab is a direct link to the event details page.
- You may also click an event to view the event details page. From the event details page, click the share icon at the top of the page. A new browser tab opens, and the URL in the new tab is a direct link to the event details page.
Release date: April 7, 2018
Features
Alert Logic updated the Alert Logic console to provide a single login and universal navigation for all products and subscriptions. This update allows you to easily find everything you need in one place across the entire Alert Logic portfolio. The top-level navigation is organized around functional categories (incidents, remediations, search, reports), and is subscription-aware, which means you see only the content relevant to your organization. In addition, you can access all of your Alert Logic products, across all your data-residencies, within one portal. Other features in this release include:
- The upgraded reporting console provides richer, interactive reports. The new reporting console is intuitively organized and easily searchable. Incident Analysis reports provide valuable insights and trending data for incidents created from all subscribed detection sources (Network IDS, Log Management, Web App IDS, and Amazon GuardDuty). Service Summary reports provide summary information and visibility into product configuration, product status, and security outcomes from your subscribed services.
- Enhanced portal navigation improves your ability to find everything you need across the entire Alert Logic portfolio. The top-level navigation is organized around functional categories (incidents, remediations, search, reports), and is subscription-aware, so you see only the content relevant to your organization.
- Streamlined Deployments page: the Deployments page provides a single menu to create, view, and edit deployments for all Alert Logic products. In addition, for Cloud Insight Essentials customers:
- You can use CloudFormation templates to easily create the IAM roles necessary to create Cloud Insight and Cloud Insight Essentials.
- Deployment tiles clearly display the level of assessment chosen for your deployments.
- You can use the new Guided Mode to create Cloud Insight deployments for which you determine where to deploy scanning instances in your infrastructure.
- Role-based user permissions allow you to quickly and easily provision new users and modify existing permission levels using an industry standard, role-based model. This enhancement allows you to assign users to one of the following five roles:
- Administrator
- Owner
- Power User
- Support/Care
- Read-only
- Multi-factor authentication (MFA) adds a second layer of protection to your login. This opt-in feature enables you to further protect your organization from compromised credentials. MFA gives you the option to decide to enable the feature either at the account level if you wish to make MFA mandatory, or on a per individual user level. Alert Logic leverages Google Authenticator on mobile phones as the technology for the hardware-based authentication.

Release date: May 30, 2017
Bug fixes
None
Features
- Alert Logic updated the Alert Logic console for the Cloud Defender suite of products, specifically for Log Manager and Threat Manager. Access to the Classic UI and the ability to switch between the two is currently available. For more information, click Improved Experience for Cloud Defender Console | Software Updates.
Security
None
Changes
None
Notice
None
Release date
March 16, 2017
Bug fixes
- N/A
Features
The Alert Logic login page now allows you to reset your password. An update to the login page includes color scheme modifications and a highly requested feature – the ability to reset your password.
NOTE: If you lock your user interface account after multiple failed login attempts, you cannot use the password reset function to unlock your account. You must contact your service provider or the Alert Logic help desk to unlock your account.
Security
- N/A
Changes
- N/A
Notice
- N/A
Release date
February 16, 2017
Bug fixes
- N/A
Features
- This release adds a customer selector that allows you to select one customer or a parent customer and all of its child customers.
- This release decouples the page load from query execution.
Security
- N/A
Changes
- N/A
Notice
- N/A

Release date
June 6, 2016
Bug fixes
- N/A
Features
- This release provides a new web technology update and a new web CSS theme that is applied to the current web portal. This does not affect navigation, menu, or workflow, as this is only a web skin update.
- This release provides a new task and notification bar, as well as an AWS account IDs page for Threat Manager customers with agents and appliances installed within an AWS account.
Security
- N/A
Changes
- A new CSS theme applied to the current NGUI
- A new operating system (from Debian Squeeze to CentOS 6.7)
- PHP version upgraded to 5.6.20
- Support for the latest version of TLS (TLS 1.2)
Notice
- N/A