Plugins Feed Update - 2018-07-17
USM Appliance Plugins Feed Release Notes
Warning: This plugin feed release needs AlienVault 5.1 or greater.
New plugins available
- Added new plugin for Arcon Arcos (arcos).
- Added new plugin for SoftEther VPN Project (softether).
HIDS rules and decoders
How to enable new HIDS rules
- Added new rules to generate alarms for each access mask value.
- Updated Windows USB rules to change wmic command.
- Updated SecureAuth (secureauth) plugin to support new log format.
- Updated HP Switch (hp-switch) plugin to parse logs that were matching the generic rule.
- Updated Cylance CylancePROTECT (cylance) plugin to handle new fields.
- Updated Cisco Router (cisco-router) plugin to parse username for SYS events.
- Updated Check Point FireWall (fw1-alt) plugin to add a missing SID and to support new logs.
- Updated Huawei IPS (huawei-ips) plugin to match new logs.
- Updated AlienVault-HIDS (ossec-single-line) plugin to support new wmic command and to parse new log format.
- Updated zScaler Nanolog (zscaler) plugin to support new log format.
- Updated Peplink Balance Multi-WAN Router (peplink-balance) plugin to parse new log lines.