Timeline
-
Timeline API. The choice of a data source for your projects became much more flexible. It is no longer mandatory to have a specialized connector for uploads from a certain 3rd-party system. Timeline API is the new supported data source offering numerous possibilities for direct data upload from applications or systems of your choice by establishing a direct connection on the API level. It allows you to: ·
- Upload data through the interaction with Timeline API endpoints.
- Establish a connection between your system and Timeline for receiving data processed by Timeline back into your system.
- Integrate Timeline with a 3rd-party application or system to make use of only the required Timeline features within your infrastructure, without the need to interact with the whole program. For example, automatize the upload-related tasks within your system, acting as the data source, or embed a calculated metrics display within your application's interface.
Get familiar with available resources, their endpoints, required parameters, and basic request and response examples in the illustrative form visualized by Swagger UI - API reference.
- New Dashboards. Dashboard now has a significantly improved user interface and enhanced functionality. Dashboard has undergone visible changes: its display acquired significant flexibility, its use became much more intuitive, and its possibilities are now linked to a larger number of Timeline analysis modules. Dashboard now looks and acts nearly similar to the operational board embedded in the Process view module, but keeps its great value as a separate feature, useful when it comes to assessing the results of performed analysis outside Timeline, or for continuous monitoring of process statuses.
Among the updates:
-
- New layout and tools to adjust it. Now you can tailor the dashboard's display to your needs. It is possible not only to move tiles and change their sizes separately, but zoom in and out all added tiles at once. The detached auto-layout button provides a mode that assists you in tile alignment.
-
Diagrams are introduced. These visualization elements allow showing illustrative representations of different Timeline modules on a dashboard, alongside metrics and charts. The following analysis modules are currently supported for dashboard display:
- Side-by-side comparison. Allows displaying a pre-configured comparison table as a tile.
- Path preview. Allows displaying a preview of paths in the project as a tile.
- Now it is possible to add Static content tiles with fully custom textual content. Add important notes directly to your dashboard.
- The number of tile types available by default is increased. You can now add easy-toconfigure histograms representing a large number of metrics supported by Timeline, without manually creating charts based on them.
- You can now clone an existing dashboard. You no longer need to create every dashboard configuration from scratch, if you need several common elements in more than one dashboard. Take an already existing one as a template, copy it, and then apply the required changes.
- Format improvements for Number charts. New formatting options are available for the chart configuration window as separate dialogs, offering detailed font and number format customization. Now you can add some branding to your charts.
- Attribute duration metric. A new metric type that allows measuring time gaps between attributes of an event. Now it is possible to calculate time spent on smaller and more detailed parts of a process, like when some actual working activity started, how long it continued, and when it stopped within a certain event. When Event duration (former Time interval measurement) metric calculates the time between two different events, Attribute duration gives a much deeper insight into the stages the event itself goes through before it is changed by a succeeding one. Attribute durations also help to define performance issues and their causes hidden inside events. For example, if the wait time for the actual work to start after the event occurrence is unexpectedly long, or if some event attributes are looped and do not allow the process to continue. These measurements can be visualized by a chart, so the conclusions made on these metric assessments are easy to illustrate and share.
- OpenID Connect authentication. Timeline 6.1 introduces the support of OpenID Connect, a protocol that extends the OAuth 2.0 capabilities with an option to collect some profile data of a user. You can use this technology to implement Single Sign-On in your infrastructure where the Identity Provider is Timeline itself.
- Email as multi-factor authentication method. Email is added as an alternative channel for multi-factor authentication. The Timeline authentication mechanism becomes more flexible and responsive to the needs of its users. Now SMS is not the only option to prove the user to be logged into an account, you can proceed with the confirmation using emails. It allows you to enclose the whole authentication process within your corporate structure and avoid possible complications related to mobile numbers.
- Silent installation on Linux. The Linux installer received an unattended mode. Now you can perform a silent installation on Linux by handing a configuration file to the installer script. The configuration file should contain the information that a user is required to provide during a common installation. This allows accelerating installations and updates if multiple target machines are involved and also provides room for automation of the installation process.
Task Mining
- New Definition editor. Task and Form editors are now combined in the same window - Definition editor. The common workspace makes it easier to switch between form and task editors and allows checking forms and defining tasks simultaneously. As these actions are closely related, joined editors streamline the whole workflow: make all the required changes on different levels and apply them at once to proceed with the analysis.
- Form-based timelines. It became possible to select which entities should represent timelines in a Task Mining project: forms or controls. This choice allows a higher abstraction level and a much more flexible approach to timeline-building activities. Now you can establish a scale of detailing in your project and look at the analyzed process from a different angle.
Recording Service
-
Recording Service scalability. Log processing is optimized to accelerate screenshot handling and improve the distribution of the available resources. Now you can install separate entities called Agents on additional machines to extend the resources of your main server, where Recording Service is hosted. The processing will be distributed between the main server and these auxiliary agents, which leads to the new benefits:
- Screenshot-related processing can be accelerated by redistributing queues between agents.
- The number of standalone recorders handled simultaneously can be increased without losing performance.
- When the edge of available performance is reached, it is possible to redirect some of the required processing to additional servers, instead of upgrading the main one, which in some cases is more cost-effective.
Timeline
- Changed analysis modules order. The analysis modules in the drop-down list are now sorted alphabetically to ensure a more intuitive navigation.
- Operational board enhancements. The operational board in the Process view analysis module received the same enhancements as the Dashboard feature. It is now possible to add new types of tiles like representations of separate analysis modules or static text notes. At the same time, it retained its compactness and strong binding to the adjacent schema - the data on tiles is responsive to the Primary path view configuration.
-
Simulation analysis module updates. Simulation functionality is extended, and its internal mechanisms are improved. Among the changes:
- New timelines can be now saved in the project after running the simulation. You can add the timelines created after the changes you made in a simulation configuration to your project. As a result, you will get a new process image to analyze, which can be helpful for testing purposes, optimization decisions, or the metrics behavior in the updated process.
- Simulation schema validation is improved. Now the added milestone schema is subjected to additional checks. That helps to start the simulation only after making sure the schema is configured properly. For example, there are no nodes without transitions, etc.
- Simulation results display became more user-friendly. The headers of the results table no longer disappear when scrolling, which makes it easier to review the table values.
- RegEx support in manifest file for SFTP upload. Regular expressions support allows providing a naming convention for multiple files to process and load them at one time. Hardcoding a file name in a manifest is no longer the only option for SFTP upload. This also makes adding more new files to upload easier.
- Automatic set recalculations. Sets data update is now initiated automatically after a new data upload. You no longer need to start the calculation manually. The recalculated values are visible in the Sets window right after uploading data.
- Table update time in Repository. A timestamp of the latest upload is now shown on a repository table. It is always visible when a table was updated the last time.
- Metric multiplication by a constant number. It is now possible to provide a number instead of a metric name in the Derived metric editor. In this case, the action defined by the selected operand is applied to the metric and a provided constant number as if it were another metric. This allows multiplying metric values and visualizing some scaling expectations.
Task Mining
-
Form and Task editor improvements
- Search in Definition editor. You can now perform a search in Task and Form editors to find the exact forms, controls, or applications. The task definition becomes easier due to the ability to find the needed entity from a long list by its name.
- Frequency-based sorting for forms. Form editor now allows switching between alphabetical and Sort by frequency form orders. Sometimes the Timeline mechanism splits one actual form into several ones due to significant changes such as a scroll or a large drop-down list. To help you keep track of such cases, a new sorting method is now available to you. Its purpose is to show forms that often appear next to each other in a list adjacently.
- Highlights on screenshots. The area related to a user action is now marked on the corresponding screenshot of a form in the properties pane.
- Zebra striping for controls in Task editor. When you switch to the control-based log display, controls related to one and the same form now appear grouped and zebra-highlighted.
- Application collapsing in Form editor. You can now use the arrow near a Form header to expand or collapse forms within presented applications.
- Form selection in Task and Form editors. When you select a certain form in one of the editor tabs, the same form is automatically selected in the other one. With this change, you can easily find the form you want to change or include in tasks.
- Log selection in Definition editor. Timeline allows switching between logs and selecting a specific one in Definition editor. You can click the button next to the log ID to select a log from the list of uploaded logs or use arrows to switch between logs.
- Enhanced ignore mechanisms. If all controls within one form are ignored, the whole form will be marked as ignored. The same rule is applied when you ignore all forms in the application - the application becomes ignored too.
- All logs option in Form editor. In Form editor, you can select All logs to see the whole list of applications and forms across all uploaded logs. This option is not active in Task editor.
-
Other improvements
- Discover task mechanism improvements. The approach of the task suggestion feature is changed. The program analyzes the forms you selected, defines start and end ones, and considers the rest as Added. These forms are considered by the mechanism when defining tasks, but they are no longer required. As a result, Discover task creates all possible task instances using the list of the forms you defined skipping those that are not present in the involved log.
- Control level entities in ignored items list. The Ignored items list now can display more detailed event types, including control level options. All ignorable entities are now gathered in one place.
- Form unification. All manual changes in the logs in a project now apply to all new logs after their upload. For example, renamed applications or forms will appear with the updated names in new logs, if there are matching ones.
- Navigation between form instances and controls. Internal navigation between form instances and controls in the Task editor tab of the Definition editor is much easier now. You can navigate from a form to its previous or next instance in the log using the respective options of the context menu, opened by a right-click on a form. Navigation between controls is implemented in the same way.
- Form browsing position reflected in Task editor. If you navigate to a form different from the one you opened initially in the Form control level window, the form selection in the Task editor will be changed accordingly and moved to the correct event. This way you no longer need additional actions to select the form that draws your attention after a closer look, your viewing position will be reflected in the Task editor.
- Hotkeys for switching Forms and Controls. If you often need to switch between Form and Control log representations in Definition editor, you can now do it faster and easier. The levels became responsive to hotkeys in the Task editor tab: "F" - for form level, "C" - for control level.
Recording Service
-
Internal mechanism updates. Recording Service features are constantly optimized and improved. In Timeline 6.1, the following changes are introduced:
- The timing of screenshot captures is improved to make them more illustrative and informative in a context, for example, screenshots for combo boxes. Also, the methods of screenshot capturing are optimized to exert less load on the CPU when processing large amounts of data.
- Form instance-defining mechanisms are improved to handle periodically occurring and complex content forms better. As a result, form instances definition became smarter and more precise.
- SSL connection to a remote database. Recording Service now supports SSL connection to remote databases to ensure easy and flexible access options, responsive to your infrastructure. This also means support for corporate solutions, for example, EnterpriseDB.
Timeline
- The updated order of events is not considered when building queries.
- Only the current URL of the customer's portal is now visible when embedding Timeline into iframe.
- Standard deviation value is now clearly visible in the Time range analysis module when hovering the mouse over a certain time range.
- Attribute names are no longer fully capitalized after being uploaded to a project. Now they are displayed exactly as they are in the source data.
- Values in columns with the data type "Number" are now sorted correctly in the Breakdown analysis module.
- The Customize button in Chart editor becomes available immediately after a chart preview appears and remains active all the time.
- Favorite dashboards are now sorted alphabetically by default.
- ETL Table Spreadsheet export no longer overflows the memory.
- The name of the sender is now shown along with the email address in the account invitation letters if First name and Last name are provided in the account details.
- Special characters are now supported in email addresses for registration.
- Logo images are now uploading correctly during the registration of a new OAuth client.
Angular vulnerability. A known vulnerability of AngularJS later than 1.7.0 is present in Timeline, which uses AngularJS 1.8.2. The vulnerability exposes Timeline to regular expression denial of service attacks by providing a custom locale that makes it possible to assign a very long string to a certain locale parameter, which in turn blocks the browser. More about the vulnerability here: https://github.com/advisories/GHSA-m2h2-264f-f486
Timeline itself does not make use of the vulnerable custom locale, never configures the vulnerable parameter in any locales with any value, and certainly not with a user-provided string. It is still possible for the user to set this parameter, but not via Timeline, only via the developer console of the browser. Even if that happens, the effect is visible only in the user's browser and only in the actual session. It does not have any effect on any other user, or even the user's own browser after refreshing the page. Since the impact of this vulnerability is negligible, we decided not to fix it, considering our ongoing work of phasing out AngularJS from Timeline altogether.
d3-color vulnerability. A known vulnerability of the d3-color module version 2.0.0 is present in Timeline. The vulnerability may expose the program to regular expression denial of service attacks by providing an option to manually define colors. More about the vulnerability here: https://github.com/advisories/GHSA36jr-mh4h-2g58 Timeline uses the d3-color module within the Nivo library. To exploit the vulnerability, the user should have the ability to define colors on charts rendered by Nivo. Timeline users cannot set colors for entities that use the d3-color module in Nivo charts. This way, Timeline itself eliminates the risk of configuring vulnerable parameters in charts.
ansi-regex vulnerability. A known vulnerability of ansi-regex, which is exposed to Inefficient Regular Expression Complexity, appears with the globally installed ansi-regex package in the AWS lambda base image. More about the vulnerability here: https://github.com/advisories/GHSA-93q8-gq69-wqmw Timeline does not use the package provided in the image.
axios vulnerability. Axios is a promise-based HTTP client for the browser and Node.js, it is used by several Timeline features. Axios is vulnerable to Cross-Site Request Forgery (CSRF) due to inserting the X-XSRFTOKEN header using the secret XSRF-TOKEN cookie value in all requests to any server when the XSRF-TOKEN cookie is available, and the withCredentials setting is turned on. If a malicious user manages to obtain this value, it can potentially lead to the XSRF defense mechanism bypass. Timeline itself is not affected by the issue, as withCredentials axios config values are always false by default. Some requests are initiated with credentials included, but Timeline uses the XMLHttpRequest framework for those and not axios. The vulnerability is reported in several GitHub issues, you can refer to the first of them for details: https://github.com/axios/axios/issues/6006
Comments
0 comments
Please sign in to leave a comment.