For documentation regarding content specific to versions of Illuminate prior to 4.0, please refer to the following charts.

Content Organized by Illuminate Version

Version | Release Date | Content Packs Added | Graylog Version Compatibility
1.x June 2020 - August 2021

Works for Graylog versions 3.3 through 4.1.

Technology Packs (parsing pipelines) and Spotlights (dashboards, alerts, etc.) installed and managed via Content Packs system in Graylog.

2.0 October 19, 2021

Only works for Graylog versions 4.2 and above.

Technology Packs now managed through Illuminate UI. Spotlights still managed via Content Packs system.

2.1 Feb 1, 2022  
2.2 Apr 13, 2022    
2.3 Jul 14, 2022  
3.0 Oct 20, 2022  
3.1 May 18, 2023

Only works for Graylog versions 5.0 and above.

Technology Packs and Spotlights managed via Illuminate UI.

Downloadable in-app for Graylog 5.1 and higher.

3.4 | June 29, 2023 | | Only 5.0.3 and above
3.5 | August 24, 2023 | | Only 5.0.3 and above
4.0 | TBD | Cisco Firepower NGIPS; Crowdstrike Falcon EDR; Microsoft Defender for Endpoint | Only 5.1.6 (TBD) and above

Illuminate Version Organized by Content

| Product Name | Product Version Supported | Spotlight? | The Illuminate version when the content was added | All packs have a min. version of 5.0.3 (unless otherwise stated) |
| --- | --- | --- | --- | --- |
| Apache | 2.4 | N | 3.2.0 | - |
| Bind DNS | 9.18.1 | N | 3.2.0 | - |
| Carbon Black Defense | (Oct 2021) (CB Defense does not have version numbers) | N | 2.0.0 | - |
| Checkpoint Firewall | R81.x. | Y | 3.3.0 | - |
| Cisco ASA | Up to 9.x | Y | 2.3.0 | - |
| Cisco Meraki | MX16.9+ | Y | 2.3.0 | - |
| Defender | Current supported version supported by Microsoft | | 2.0.0 | - |
| Fortigate | 7.0 or later | Y | 2.0.0 | - |
| Juniper SRX | Junos OS 17.4 | Y | 3.5.0 | - |
| Linux Auditbeat | 7-8 | Y | 1.x | - |
| Microsoft DHCP | Windows 2016 and 2019 | N | 3.2.0 | - |
| Office 365 | Current version of O365 as supported by Microsoft and the Graylog Office 365 Log Events Operations Plugin | Y | 1.x | - |
| Okta | Okta API version 2021.04.1 | Y | 1.x | - |
| Palo Alto | 9.1+ | Y | 1.x | - |
| Pfsense | Sense CE edition 2.6 and OPNsense 23.1. | Y | 3.3.0 | - |
| Powershell | 1. Windows 10, Windows 11, or Windows Server 2023; 2. PowerShell 5.1 or 7 | Y | 3.4.0 | - |
| Snort IDS | Snort 3 ONLY | Y | 3.3 | - |
| Sonicwall NGFW | 6.5, 7.0+ | Y | 2.3.0 | - |
| Sophos Firewall | 18.x+ | Y | 3.5.0 | - |
| Stormshield | 2+ | Y | 3.1.0 | - |
| Symantec Endpoint Protection | 14.3.8268.5000 | Y | 3.2.0 | - |
| Symantec ProxySG | 9.x | N | 2.3.0 | - |
| Sysmon | 12+ | Y | 1.x | - |
| Ubiquiti Unifi | UniFi OS 3.0+, Network 7.3+, and Protect 2.7+ | N | 3.2.0 | - |
| Watchguard Firebox | 12.x | Y | 3.0.0 | - |
| Windows Event Logs | 1. Currently supported version of the Windows operating system; 2. Winlogbeat 7.x or NXLog 2.1 | Y | 1.x | - |
| Zeek | 1. Zeek 5.0.9+; 2. Filebeat 7.13+ (ndjson parser) | Y | 3.4.0 | - |