Package crowdstrike/fltr-core Release Notes
Package crowdstrike/fltr-core Release Notes Version 1.3.9
Reduced the CSV lookup generation to 24 hours with a 7-day lookback since ComputerName is now included in the FLTR data stream.
Changed inputs to use wildcard() as needed. Input something like *HTTP* to find http, HTTPS, HttPs, etc.
Minimum LogScale version increased to 1.103.0 to include filter alerts.
Made updates to data formatting in the queries.
Optimized dashboard queries related to detections.
Package crowdstrike/fltr-core Release Notes Version 1.3.8
Added the missing recon_apps.csv file and associated references.
Package crowdstrike/fltr-core Release Notes Version 1.3.7
Changed the MITRE content to weigh the values around severity instead of just count.
Added "Search - Acquire Host Details" to the dashboards and interactions.
Added "Audit - Falcon UI Audit Logs" to monitor your Falcon audit logs from FLTR.
Fixed a typo in the Linux health dashboard.
Bumped the minimum LogScale version to 1.96.0 to match released features.
Added several example alerts.
Package crowdstrike/fltr-core Release Notes Version 1.3.6
Enabled "Require user input before searching" for most of the dashboards. You can use * as an input if needed.
Enabled interactions for all dashboards where applicable. Clickable widgets!
Renamed titles with "AID" to "AgentId" for consistency.
Renamed "Inventory" and "File Vantage" dashboards for consistency.
Renamed the "Windows" dashboards to put them under the "OS" category.
Renamed a large number of saved queries to make the description more accurate.
Added a zUsbNormalize() user function to normalize USB events to human-readable names.
Added new queries from other internal packages.
Bumped the minimum required LogScale version to 1.85.
Package crowdstrike/fltr-core Release Notes Version 1.3.5
Added the query name as a comment at the beginning of each query.
Fixed dashboards where groupBy value links were incorrect after field renaming.
Added interactions for file hashes.
Optimized queries in a few places where the default() function is used.
Added additional optimizations to zCommunityId, which now includes detection events.
Package crowdstrike/fltr-core Release Notes Version 1.3.4
Added a zCommunityId user function to calculate the Community ID.
Added Event Interactions for ContextProcessId and TargetProcessId.
Added a "Processes - Outbound Connections From a Process Name" query based on CVE-2023-23397.
Dashboard updates for a future release of the FLTR parser.
Minor dashboard fix where the legend was missing.
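The zCommunityId user function mentioned in versions 1.3.4 and 1.3.5 computes the Community ID flow hash, so that a connection seen by Falcon can be correlated with the same flow in Zeek, Suricata or other network telemetry. The following is an added Python example written for this page; it is not the package's own function and not the LogScale query language. It implements Community ID v1 as published in the Corelight spec (seed, canonically ordered endpoints, protocol, one zero pad byte, optional port pair, SHA-1, base64, "1:" prefix). The ICMP type/code-to-port mapping of the spec is deliberately left out, and the event field names used in `community_id_from_event` (LocalAddressIP4, RemoteAddressIP4, LocalPort, RemotePort, Protocol) are an assumption about the sensor's network-connection events.

```python
import base64
import hashlib
import ipaddress
import struct
from typing import Optional

# Protocols for which Community ID v1 includes a port pair in the hash input.
PORT_PROTOCOLS = {6, 17, 132}  # TCP, UDP, SCTP


def _pack_addr(addr: str) -> bytes:
    """Network-order bytes of an IPv4 (4 bytes) or IPv6 (16 bytes) address."""
    return ipaddress.ip_address(addr).packed


def community_id_v1(saddr: str, daddr: str, proto: int,
                    sport: Optional[int] = None, dport: Optional[int] = None,
                    seed: int = 0) -> str:
    """Return the Community ID v1 string for one flow tuple.

    Hash input, per the v1 spec:
      seed (2 bytes BE) | lower addr | upper addr | proto (1 byte) | 0x00 pad
      [| lower port (2 bytes BE) | upper port (2 bytes BE)]   (TCP/UDP/SCTP only)
    The tuple is canonicalized (smaller endpoint first) so that both directions
    of a flow produce the same ID. ICMP type/code mapping is not implemented.
    """
    sa, da = _pack_addr(saddr), _pack_addr(daddr)
    if len(sa) != len(da):
        raise ValueError("source and destination must be the same address family")
    with_ports = proto in PORT_PROTOCOLS
    sp = dp = 0
    if with_ports:
        if sport is None or dport is None:
            raise ValueError("TCP/UDP/SCTP flows need both ports")
        sp, dp = sport, dport
    # Canonical ordering: compare address bytes first, then port on a tie.
    if sa > da or (sa == da and with_ports and sp > dp):
        sa, da = da, sa
        sp, dp = dp, sp
    payload = struct.pack("!H", seed) + sa + da + struct.pack("!BB", proto, 0)
    if with_ports:
        payload += struct.pack("!HH", sp, dp)
    digest = hashlib.sha1(payload).digest()
    return "1:" + base64.b64encode(digest).decode("ascii")


def community_id_from_event(event: dict, seed: int = 0) -> str:
    """Compute the Community ID for a connection event given as a flat dict.

    Field names are an assumption for illustration; map them to whatever the
    parser in your environment actually emits.
    """
    return community_id_v1(
        event["LocalAddressIP4"],
        event["RemoteAddressIP4"],
        int(event["Protocol"]),
        int(event["LocalPort"]),
        int(event["RemotePort"]),
        seed=seed,
    )


# Constructed sample events (not real telemetry): the same TCP flow as seen
# from the client side and from the server side.
SAMPLE_CLIENT_SIDE = {"LocalAddressIP4": "10.0.0.5", "RemoteAddressIP4": "192.0.2.10",
                      "LocalPort": "51234", "RemotePort": "443", "Protocol": "6"}
SAMPLE_SERVER_SIDE = {"LocalAddressIP4": "192.0.2.10", "RemoteAddressIP4": "10.0.0.5",
                      "LocalPort": "443", "RemotePort": "51234", "Protocol": "6"}


def correlates_both_sides() -> bool:
    """True when both views of the constructed flow yield the same Community ID."""
    return community_id_from_event(SAMPLE_CLIENT_SIDE) == community_id_from_event(SAMPLE_SERVER_SIDE)


if __name__ == "__main__":
    print(community_id_from_event(SAMPLE_CLIENT_SIDE))
    print("both directions match:", correlates_both_sides())
```

Because the endpoints are canonicalized before hashing, the ID is direction-independent; a pivot from a host-side connection event to a network-sensor record works regardless of which side logged the connection. Keep the seed at 0 unless every producer in the environment is configured with the same non-zero seed, otherwise the IDs will not line up.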
Package crowdstrike/fltr-core Release Notes Version 1.3.3
Initial public release.