Changelog

Track every improvement we ship

v0.12.0June 2026SIEM, Service Intelligence & MCP
  • FeatureLogPulse SIEM: real-time detections, MITRE ATT&CK coverage, risk-based alerting, and a Notables triage workflow
  • FeatureThreat intelligence: IOC store, manual watchlists, Spamhaus ASN-DROP feeds, and a threat landscape with geo map and IOC enrichment of risk events
  • FeatureUEBA behavior baselines with impossible-travel, first-seen, and volume-spike detection
  • FeatureSOAR response actions gated behind propose-and-approve, so the AI proposes and a human approves before anything runs
  • FeatureSigma rule import: transpile and bulk-import SigmaHQ rules to LPQL, with ~3,000 rules bundled as managed content packs
  • FeatureService Intelligence: entity discovery, service mapping, KPIs, anomaly detection, and blast-radius analysis
  • FeatureOAuth-secured MCP server: connect Claude and other AI agents to your read tools, plus propose-and-approve write tools for detections, alerts, KPIs, and pipelines
  • FeatureCloud connectors for Entra ID, Microsoft 365, and AWS CloudTrail, with canonical cloud-audit normalization
  • FeatureAI-driven notable investigations with auto-close, re-investigate, and server-side log-pattern compression
  • FeatureFull invoicing system: VAT invoices with PDF, VIES validation, and AI credit top-ups
  • FeatureAmazon Bedrock as an AI provider for EU/GDPR (AVG) data residency
  • ImprovementConsolidated Security and Observability hubs with tabbed navigation
  • FixGeoIP enrichment now loads reliably at worker startup via the ClickHouse dictionary
v0.11.0May 2026Unified Workspace & Agent Fleet
  • FeatureUnified Workspace bringing AI investigation and LPQL search together under /workspace with split and inline canvas layouts
  • FeatureSource-and-time scope picker to target investigations across logs, dashboards, pipelines, alerts, and lookups
  • FeatureQuick Ask overlay: ask Byte from anywhere via the header button or Ctrl+I, replacing the old slide-out
  • FeatureAgent Fleet management: bulk upgrades, one-click remote actions, and Vector run-state with last-heartbeat visibility
  • FeatureManaged Proxmox VE pipeline template with a guided setup wizard
  • FeatureOnboarding tour and getting-started checklist on the home page
  • FeatureNew input types including auditd and Proxmox syslog, plus built-in parser templates on the Fleet page
  • FeatureWorkspace Activity feed merging searches and sessions, plus a Saved + Recent LPQL library
  • ImprovementReal-time toast notifications over a shared SSE stream, with reconnect that keeps investigations live across page navigation
  • ImprovementBrotli/gzip response compression and AI prompt caching for faster, cheaper queries
  • FixQueries are now killed on client disconnect, freeing ClickHouse resources mid-stream
v0.10.0April 2026AI Investigator, v2
  • FeatureByte: rebranded AI assistant (formerly Copilot) integrated in dashboard and header
  • FeatureWorkspace knowledge tools: investigator now draws on saved data models, services, and parser rules
  • FeatureProactive get_system_health_snapshot tool for single-pass health checks
  • FeatureScope checks and honest insight-mode reporting in AI investigations
  • Featureupdate_panel / remove_panel events on the investigation canvas
  • Improvementisolated-vm sandboxing for safer pipeline execution
  • ImprovementPulse animation on PulseCanvas for live log visualisation
  • ImprovementLogTable events mode with richer parsed-field and attribute rendering
  • ImprovementStats queries and visualizations overhaul for faster dashboards
  • FixIPv4-mapped IPv6 handling in BLOCKED_IP_RANGES
v0.9.0March 2026Visual Pipelines & Kubernetes
  • FeatureVisual Pipeline editor with drag-and-drop node library
  • FeatureKubernetes integration via Helm chart
  • ImprovementLPQL syntax highlighting in docs
  • FeatureVector agent support
v0.8.0February 2026
  • FeatureAI Anomaly Detection with Modified Z-Score algorithm
  • FeatureCloud integrations (Azure DevOps, GitHub Actions, Railway)
  • FeatureHTTP API with batch ingestion
  • ImprovementCustom dashboard widgets
v0.7.0January 2026
  • FeatureLPQL query language with pipe-based commands
  • ImprovementClickHouse-powered search (<200ms P95)
  • FeatureMulti-tenant architecture
  • FeatureAPI key management
v0.6.0December 2025Alpha
  • FeatureCore log ingestion pipeline
  • FeatureBasic search & filtering
  • FeatureUser authentication
  • FeatureInitial dashboard

We use cookies to analyze site traffic and improve your experience. No cookies are placed without your consent. Privacy Policy