• Support
  • Forums
  • Blogs

Update!

AlienVault v5.0.2 Hotfix is now available for OSSIM and USM Learn more

New Release!

AlienVault v5.0.1 is now available for OSSIM and USM Learn more

Patch release 4.3.1

Change Log - AlienVault USM v4.3.1 only
--------------------------------------------------------------------------

- Check network connection and version before license activation
- Improved error handling on alienvault-center
- Improved license webservices messages
- Fix: Table host_net_reference is not properly filled out after a new installation
- Logger console src/dst address bold font issues
- Javascript error in "Schedule Now" button
- Fixed an issue in the USM Reports: Asset SIEM events count and unique events mismatches
- Taxonomy Search in Logger doesn't work properly
- Logger console right overflow with the new design
- USM Report and Siem console IDM issues
- USM Report: Top n src/dst events PDF flags issue
- Minor bugs in USM Reports Scheduler
- Deleted a duplicate ossim-sem entry in /etc/cron.hourly/
- Fixed disk space management issue when the cached events are sent and deleted from the sqlite file

Change Log - AlienVault OSSIM v4.3.1 and AlienVault USM v4.3.1
--------------------------------------------------------------------------

- Removed unused editxml.php script from /directives
- Fixed a visualization issue with the alarm panel verlay
- Fixed: When a page is not found, Apache doesn't redirect to page 404.php
- Fixed Monit configuration:  server.log file wrong path 
- Curl packages updated (security)
- Fixed: Update Notice text is not correctly displayed
- Fixed: Asset Details issue in network with non-admin user
- Fixed: Schedule jobs reports produced doesn't have charts
- Fixed: Export a SIEM viewer to PDF doesn't show the graph
- Fixed: "Host properties" tab scroll in alarm detail has disappeared
- Fixed: Changing administration interface (parameter interface=) doesn't reconfigure interfaces
- Fixed: Different events from different hosts in different context are being mixed into same directive
- Fixed: Segmentation fault while deleting a remote server before removing it from the hierarchy
- Fixed: Ossim server Error message on creating user specific configuration
- Open firewall port for nfsen automatically
- Fixed: OCS windows agent doesn't have the correct ip address
- Fixed: ossec_av_format still exist for pre-4.2 customers
- Fixed: Not able to modify default policy in HA
- Improvements in the method to detect conflicting policy rules in the UI
- Multiple fixes in the OSSEC plugin
- Fixed: When we have a background task deleting events, the button "Clear SIEM Database" doesn't remove this task.
- Fixed: Email on ticket change not working
- Fixed: Framework SSL keys trimmed on alienvault-update
- Fixed: Alienvault forward doesn't refresh configuration properly
- Engine option is available in servers without engine.
- Alarms: Search and Filter minor fix
- Fixed: Wrong color in datatables header.
- Improved php login function
- Possible to scheduler nmap scan for a net that doesn't exist for the used sensor.
- Fixed: Back button doesnt work fine in Sensor status
- Fixed: Sensor status section doesn't work properly
- Reports: Geographic report module is showing a broken image
- Report: Asset siem port clouds 'not found' missing
- Fixed Grammar mistakes on "new sensor" texts
- Fixed: Some options shouldn't appear when importing host from a Nmap scan
- Fixed: Siem console error in src/dst floating info div
- Fixed: Vulnerabilities view-> Click on the hosts doesn't open the report
- Fixed: Reconfig messages dissapear earlier than expected (Alienvault Center)
- Review and unify mail methods
- The little map isn't displayed in the first login form
- Fixed: Minor bug in tree (Alienvault Center)
- Fixed: Ossec agent last used ip is not well parsed.
- Nfsen doesn't load secondary menu from right click mouse context menu
- Fixed: Issue when configuring gmail as relay
- Fixed: AlienVault Center redirects outputs to /dev/NULL
- Nfsen: Fixed Issues when parsing some variables
- Fixed: Adding a new sensor through web doesn't create new machine in center directly
- Fixed: Impossible to close grouped alarms
- Fix: It is possible to use the same ethernet address on different IP's in the same context
- Fixed an error when trying to discard a new sensor
- Alienvault center crash when upload the sql file
- Fixed a SQL syntax error during delete (backup process) 
- Prads updated to 0.3.2rc3
- Fix: In assets auto-discovery, the device type "general purpose" is not inserted in the database.
- Fix: Special characters are not allowed in directives using web editor
- Fix: Save comma separated multiple DNS ips in avcenter database
- Fixed a usability issue in the reports scheduler module
- Fixed: When you change any in Settings->My profile the web shows the list of users
- Fixed: In new template form, if you click on save button a few the system create some templates with the same name
- Fixed an error in trees of dashboard wizard.
- Fixed: Error in smtp relay password validation for alienvault-setup
- Fixed: Alarm list does not redirect to login screen when the session is expired
- Fixed PaloAlto plugin, URL rule. Sometimes the url isn't grabbed properly
- Fixed a Missing Link to OTX in Alarm Tooltip
- Fixed: Alarm date does not match in alarm list and alarm tooltip
- Display operating system in the Asset Details
- Fixed: "Stats" field of Alarm table doesn't update properly
- Fixed a Javascript error trying to clone tab
- Fixed an issue that created duplicated asset entries 
- HIDS UI improvement: Check availability of OSSEC agents before displaying them
- Asset Details: Removed description from Notes
- Fixed: Asset Details should appear when navigating from the tree structure 
- Fixed several XSS security fixes
- Fixed: User interface URLs parameters validation issue
- Impossible to write directive name if we have an error
- Improve the process of deleting hosts and networks 
- Fixed: Some JS errors are displayed when editing Locations
- Fixed: User creation form shows duplicated sensors
- Fixed: Duplicate unique src and dest ip's
- Alienvault Center log information about Server and IDM
- Fixed minor bugs in Wireless Section
- Vulnerabilities Dashboard Tab shows wrong submenus
- Fixed a small issue when removing a sensor
- Fix: Cancel button in Entity form doesn´t redirect properly
- Fix: MAC addresses were not been displayed on Asset Properties
- Fix: Alienvault Center not using VP ip (OSSEC deployment)
- Fixed an issue with Nagios events not displaying SRC and DST addresses.
- Fix: Wrong layout in Import Hosts and Imports Nets
- More verbosity in the remote server connection
- Fix: Auto-generated Tickets priority does not coincide with vulnerability severity
- Fixed an issue when deleting a vuln scan job
- Fixed: Primary & Secondary menus disappear when knowledge DB field is modified
- Fixed an issue when deleting events grouped by unique IP addresses 
- Fixed icon to delete hosts in the UI
- Fixed an issue when large Host Databases not exporting to CSV
- Fixed an issue with Logrotate not rotating  some server logs.

Comments

  • I'm on 4.3.3.1  ossec-single-line sid 18154 ("ossec: Mulitple Windows error events) displays source address as 0.0.0.0 instead of actual in event.
Sign In or Register to comment.