Skip to content

29/10/2018

This release provides new investigation features for SIC operators to optimize their workload while improving the quality of their analysis.

SIC Application

New page to display either sources or targets implied in alerts

In order to qualify alerts, SIC operators need to have more information about nodes involved in an alert. The new “source/target” page allows one to gain insights on a node. In addition to statistics such as the number of alerts raised by that node or the number of referenced incidents, It also provides the list of the most meaningful alerts and incidents that leads to that node.

Bulk actions on alerts

SIC operators often apply the same treatment to multiple alerts, for example to change their statuses. To enhance user experience, the ability to perform bulk actions on alerts. This features speeds up the work of SIC operators by avoiding the repetition of the same operation several times. It allows operators to focus more deeply on alerts.

SEKOIA.IO

Enhanced datastore performances and resiliency for Docker Swarm servers

All our virtual machines, which includes servers that are taking part of the Docker Swarm cluster, stores their data on “datastores”. In order to improve resiliency and performance from an I/O perspective, we have added new datastores. This means that if one of the datastore is overloaded, this won’t have a negative impact on the whole platform.

If you have any concerns, feel free to contact us at support@sekoia.io.