• Support
  • Forums
  • Blogs

What We're Working On - USM Appliance


AlienVault Employee
Updated Date: March 7, 2018

Product teams should be like restaurants with open kitchens. Rather than bring your next meal or software update from behind a mysterious curtain, we’d like to give you a sneak peek into what we’re up. So here are a few things you can expect in upcoming releases.

In late July, we'll be releasing Version 5.6. This release will contain a completely rewritten SIEM view that should both improve query performance and resolve numerous defects. In addition, we'll be rolling in some additional upgrades aimed at improving NIDS functionality. 

Moving into the rest of 2018, here are some other exciting things that we'll be rolling out for the Appliance platform:

    • A configuration option to stream logs from the USM Appliance Logger to an ELK stack
    • An OS Upgrade
    • Efforts to fix defects and add new features to Reporting
    • Synchronization of Alarm Status and Label changes with USM Central
    • Support for JSON plugins
    • Support for asset identification in DHCP environments
    • Continued investment in test automation to improve product and upgrade stability
    • Numerous other defect fixes and more!


    AlienVault considers various features and functionality prior to any final generally available release. As such, comments given in this forum are not (nor should they be interpreted to be) a commitment from AlienVault that it will deliver any specific feature or, if it delivers such feature, any time frame when that feature will be delivered. AlienVault is always trying to improve and enhance its products. All discussions herein are based upon AlienVault’s current interests, and product team plans and priorities can change at any time.

    Share post:


      • A configuration option to stream logs from the USM Appliance Logger to an ELK stack
      ^ This will be nice.  We are currently doing this on our USM box, but it would be nice for this to be a supported feature (likely more efficient too)
    • hi avuseraccount, how are doing that? 
      we are searching for the same function.


    • I am interested in this as well @avuseraccount
    • Hi , is  there any update coming for Dashboard ? currently we are using Dashboard with Reports 2*2on Multi monitor of 50' Display 

      2*2 each Report contains  Reports such as AV Malware Details /Firewall Malware / Action Taken /AD Login Failures etc but 

      Font Size is too small to see, 
      Default Report Font is not good for huge Display, especially for Dashboard on large Display 
      Ability to remove Area such as "Date Range /Asset selected" which got appended or Dashbaord Report 

      • Support for asset identification in DHCP environments
      Wow, finally. Looking forward to see it. Does OSSIM also be updated with those features?
    • hi guys, any news when you will be release the 5.6 version?
    • BBBanks - we are planning for release of 5.6 before the end of May, we`ll update is this changes! 

    • hi fergal...time is running :) .... its end of March..... have you got a release note what are you plan to integrate in 5.6?  
    • Hi All!

        Any word on the 5.6 update?  Last day of May and still chugging along on 5.5.1.
    • No one received an update from fcollins?
    • I don't mind all this postponing (i do a little), even though it was originally scheduled for end Q1, maybe even earlier. What troubles me most is the lack of communication. 

      - Is this related to the End-of-Sale notice? 
      - Does the USM appliance get less attention now that new customers aren't able to purchase USM?

      Not meeting a loosely given deadline isn't that bad. Leaving us in the dark, however, is.

      Could we please get an update on the matter?

      Kind regards,


    • I second Mark's thoughts here. We have serious discussions with our auditor, as a central part of the security infrastructure was not updated for over 6 months, no release date is available and the vulnerability scanner is full of alerts on the AlienVault appliance.

      This situation is very difficult to explain to our customers.

      Please provide an update on this!


    • Hi,

      Same there, some auditors of my clients advice to change the Alienvault USM or OSSIM for another product with a clear release line and maintenance.
    • Wouldn't let be paste link. 

      AT&T is acquiring AlienVault.
    • i am not sure if it s a good option or not.
      the current delay with the release planning and we have still the feeling that almost all resources are going just in the cloud product.

      is at&t also forcing cloud products? 
    • Not sure if you all received this. but i got this mail 2 days ago. 


      pleased to inform you that we’re close to releasing v5.6 of AlienVault USM
      Appliance. We're looking forward to providing better query performance within
      the SIEM view in addition to numerous defect fixes and vulnerability patches as
      part of this release.

      advance of the release, the USM Appliance Product Team wanted to notify you of
      some pre-checks that will be performed before the update process proceeds. We
      implemented these checks to ensure that the appliance is in a healthy state and
      that the update to v5.6 will progress smoothly. If any of these checks
      "fail", the update process will not start and you will be presented
      with an error message.

      avoid any delay in applying your update, review the list of of pre-checks below
      to troubleshoot on your own or contact AlienVault Support for assistance. Our
      team of technical support engineers would be happy to check your system to
      uncover any issues.

      • Free space check
        - The Appliance must have at
        5 GB of free disk space available. In addition, this
        check accounts for whatever additional disk space is required to perform
        the migration of the alienvault.extra_data table. 

      • Appliance is on v5.2 or higher

      • Verify MySQL is in good state and critical errors do
        not exist

      expecting the release to be fully tested and generally available within two
      weeks. Please contact us at [email protected] with any
      questions or concerns and stay tuned for more features and improvements for the
      Appliance platform throughout 2018 and beyond!

      The AlienVault Product Team"
    • Sure hope this update mitigates all the findings found from doing a VA scan. Currently sitting at 20+ vulnerabilities. 
    Sign In or Register to comment.