Version 2.0 of Echo changes some fundamental ways the Stack operates to provide increased performance, efficiency and use-case support.

Fresh look & feel

We’ve made Echo even nicer and simpler to use with a fresh design of its look & feel.

Some of the main changes: - Left side navigation - Top navigation bar for dashboard groups - An updated color palette

In previous version of Echo, while freetext search was at the core, it posed several limitations on the user, namely field based search. These limitations are now removed and users can freely search on both the entire document or based on specific fields.

For example, users can now search for events relating to specific vendors deviceVendor:Micorsoft.

Forensic investigation

Forensic investigation is now easier to perform with Echo, users can now search and visualizer the entire data set of raw data.

A new application named Forensics is now available and can be accessed from the left-side menu bar.

Data retention

Echo now offers a cascading data retention scheme allowing operators to close and then delete out-dated data based on a predefined interval or by % of free disk space.

By default, Echo will close (and free-up resources) indexes older than 14 days old and purge data from disk as it reaches 90% capacity.

Automatic backup

Starting with this version, Echo added a new stack part to handle cron based tasks, first being regular backup of its metadata to allow quick recovery.

Custom visualizations

Echo’s updated framework allows faster and simpler development of custom visualizations and workflow, feel free to contact us to learn more.