Changelog

What's new in LogsDB

34 updates since Dec 2025
Content

Windows Security Event IDs

Added comprehensive documentation for Windows Security Event IDs: 4672 (Special Privileges Assigned), 4688 (Process Creation), 4720 (User Account Created), and 4726 (User Account Deleted) with full field descriptions, SIEM configurations, Sigma rules, and detection use cases.

New Feature

Process Creation Logging (4688)

Detailed documentation for process creation events including command line logging, parent process tracking, LOLBin detection, encoded PowerShell detection, and Office macro execution monitoring.

New Feature

Account Management Events (4720/4726)

Added user account creation and deletion event documentation with backdoor account detection, off-hours monitoring, mass deletion alerts, and short-lived account tracking for forensic investigation.

Content

Palo Alto Networks Logs

Added complete documentation for Palo Alto Networks firewall logs: Traffic Log, Threat Log, URL Filtering Log, and WildFire Submission Log with full field descriptions, parsing patterns, and SIEM configurations.

New Feature

WildFire Submission Logs

Added WildFire cloud-based malware analysis logs with verdicts (malware, benign, phishing, grayware), file analysis details, SHA-256 hashes, and threat signatures.

New Feature

Palo Alto Log Samples

Added sample log files for all four Palo Alto log types with realistic security scenarios: network sessions, threat detections (CVEs, malware, C2), URL filtering events, and WildFire malware verdicts.

Improvement

New App Logo & Favicon

Updated the application logo and favicon with a new design. Added full favicon compatibility for Google, iOS (apple-touch-icon), Android, and PWA with multiple sizes (16px to 512px).

Bug Fix

Log Sample Downloads

Fixed the file download API, which was returning duplicate Content-Disposition headers and causing browser errors.

New Feature

Security Hardening

Comprehensive security update: rate limiting (10 uploads/hour, 100 API requests/minute), anti-bot protection with challenge tokens and honeypot fields, input validation, and MIME type verification.

Improvement

Security Headers

Added Content-Security-Policy, Strict-Transport-Security (HSTS), X-Frame-Options, X-Content-Type-Options, and other security headers to protect against XSS, clickjacking, and MIME sniffing attacks.

Bug Fix

Security Vulnerabilities Fixed

Fixed ReDoS vulnerability in contribution routes, path traversal in file downloads, and unsafe JSON parsing. Updated Next.js to 14.2.35 to address multiple CVEs.

New Feature

Role-Based Access Control

Added RBAC system with user, contributor, and admin roles. Roles are configurable via environment variables.

New Feature

Log Sample Uploads

Contributors can now upload log files (.log, .txt) directly without authentication. Files are stored with metadata and are publicly accessible.

New Feature

Browse Log Samples

New page to browse all uploaded log samples with filtering by technology and log type, pagination, and sorting options.

New Feature

View Samples on Log Pages

Each log type documentation page now has a 'View Samples' button linking to real-world log examples from the community.

Improvement

Sorting Options for Uploads

Sort uploaded log samples by date, file size, or name in ascending or descending order.

Improvement

SEO Optimizations

Added dynamic meta titles for log sample detail pages and noindex for filtered pages to avoid thin content issues.
