AWS Autodiscovery Features
To opt in to our new AWS autodiscovery API, you will need to set an environment variable and configure new permissions for the Console's AWS API credentials. For more details, consult the resource discovery guide.
Automatic Archived Alert Deletion
We've introduced a feature that permanently deletes the oldest archived alerts from the Console Server database. This deletion is enabled by default to mitigate database storage issues. Customers who require their archived alerts to remain in storage should contact Capsule8 Support before upgrading to Console 4.4. This deletion will not affect alerts in third party storage (e.g. Amazon S3.)
Customers using Policy Configuration should be aware of a behavior change. Previous functionality was limited to assigning one policy to one sensor; this release introduces functionality to configure multiple sensors at once.
Previously assigned Policy Configuration on sensors that match the Assigned Resources will be replaced with defaults or a matching Policy Set. (This does not mean /etc/capsule8/capsule8-analytics.yaml file will be modified; rather, that any Policy Configurations previously assigned from the console will be replaced.)
If you want to keep a previous Policy Configuration for a sensor, you can disable policy_input for that sensor, or copy the yaml from your existing Console before upgrading and paste it into a Policy Set after upgrading.
Consult our Dynamic Policy Configuration guide for details.
RBAC and 3rd-party Authentication
A new limited-permission role called
default has been added to the Capsule8 Console. New users authenticating through 3rd-party services like Google, Okta, or LDAP will be assigned the