• Production: Precinct-master-270

Build published to WitFoo Library due for automatic installation at 3/14/2019 1600 (CST)

Video Overview


  • Cloud assisted cluster configuration
  • Proxy support across all integrations
  • Data restriction on data roles enforced by user configured SQL criteria
  • User defined data roles
  • Cisco Umbrella Retrospective analysis (using other artifact sources)
  • Custom login security banner/disclaimer (Feature request:
  • Searchable Annotations (Feature request:


  • Cisco OpenDNS Umbrella (API) (see:
  • Fortigate (syslog)
  • Vectra Cognito (syslog)
  • Elastic Filebeats (agent)
  • OSSEC (syslog)
  • Malwarebytes Anti-malware


  • Superintendent Orchestration service replaces start scripts
  • Database optimizations for search speed
  • Disk I/O optimizations
  • Username extraction from Winlogbeats
  • Reduced CPU requirements for data evolution
  • Kafka optimizations
  • Support for knowledge worker based licensing
  • Support of up to 64TB storage on All-in-One
  • Vertical Scale optimizations
  • Restrict WitFoo Readiness Score to < 2.0 when CSC compliance is not yet at 100%
  • Detailed health metrics and notifications


  • Disk cleanup not always handling correctly
  • Data evolution can fail in certain deployment configurations
  • WitFoo Readiness Score can calculate incorrectly

RSS Feed for release notes is:

Email notifications for WitFoo Release Notes can be subscribed to here: