2025

What’s new in TeskaLabs LogMan.io v25.30

Release date: 02.10.2025

TeskaLabs LogMan.io v25.30 brings a range of new features, improvements, and important changes to the platform. This release focuses on enhanced management, automation, and user experience, while introducing several breaking changes that require attention during the upgrade.

You can find the full changelog on TeskaLabs GitHub.

Parser Builder

The new Parser Builder in LogMan.io v25.30 allows users to create and manage custom parsers directly from the Web UI. Analysts can now define parsing rules and test them in real time on mocked data. This feature streamlines the process of adapting LogMan.io to new log sources and formats.

The Parser Builder screen contains an editor with syntax highlighting, real-time validation of parsing rules similar to that found in commonly used IDEs, and a testing environment where users can input sample log data to see how the parser processes it. It is also possible to see the output after each step of the parsing process, which makes it easier to debug and refine parsing logic.

Automation of Correlations, Detections and Baselines

In LogMan.io v25.30, Correlations, Detections, and Baselines can be managed through the Detections screen. This service provides a user-friendly interface for monitoring and deploying Correlations, Detections, and Baselines. Managing advanced SIEM functionality is now possible without touching a single YAML file.

Event Deduplication

Thanks to the deduplication functionality in LogMan.io v25.30, logs can be collected redundantly on multiple collectors if the log source supports it. This feature improves the efficiency of security operations by eliminating duplicate logs (e.g. from Cisco ASA or Fortinet firewalls) before they are processed and stored.

API Key Management

SeaCat Auth now supports API key management, enabling users to create, revoke, and manage API keys for secure access to LogMan.io services. This enhancement improves security and facilitates integration with other systems.

What’s New in TeskaLabs LogMan.io v25.28

Release date: 13.08.2025

In LogMan.io v25.28, you'll find brand new alert management and color-coded layers in the Library. We are continuously extending integration possibilities, and there's also a gift for admins: All data retention can be managed from the WebUI, either selectively through Event Lane declarations or through Profiles that manage multiple or all datasets at once.

Application logging for software developers

Application logging is your first line of defense in cybersecurity monitoring and incident response. When implemented correctly, logs become powerful allies for security teams, enabling rapid threat detection, forensic analysis, and compliance reporting. However, poorly structured logs can become noise that obscures critical security events and hampers investigation efforts.

This guide explores key principles for implementing logging that seamlessly integrates with modern log management platforms while providing maximum value for cybersecurity operations.

What’s New in TeskaLabs LogMan.io v25.15

Release date: 13.05.2025

In this release, you’ll find updates that enhance how you manage lookups, assign risk scores, and replay archived data. Here’s a quick overview of what’s new in version v25.15 and why it matters for your security operations.

Smarter Lookups with Feed Integration

Lookups just got a serious upgrade. We've introduced a completely redesigned UI and a new lmio-feeds microservice that pulls data from threat intelligence feeds and stores it in lookups.

What’s new in the Lookup UI?

  • Import and export lookup entries with ease
  • Create feeds directly from the interface
  • Sort and filter lookup items for faster access
  • Support for special characters in lookup entries

Even better, lookups now support both tenant-specific and global scopes, meaning common indicators like IPs or domains can be shared across environments. You can also assign risk scores to individual items and perform automated tests—like checking for pending Windows tasks—to enrich your threat intelligence.