
Plugins Feed Update - September 18, 2018

AVPlugins

AlienVault Employee

USM Appliance Plugins Feed Release Notes

New plugins available
  • Added new plugin for Preempt Security Behavioral Firewall (preempt-fw).
  • Added new plugin for Power Admin File Sight (pa-filesight).

HIDS rules and decoder
How to enable new HIDS rules
  • Updated logon-logoff rules to differentiate an event between User and Computer.

Issues fixed
  • Updated ESET (eset) plugin to add new rules to parse events correctly.
  • Updated Microsoft Sysmon (sysmon-nxlog) plugin to parse new logs.
  • Updated Fortinet FortiGate (fortigate) plugin to parse new-format events and the "devid" field in some rules, add one more plugin sid, and change the device field in a rule.
  • Updated Duo Two-Factor Authentication (duo-2fa) plugin to parse new log samples.
  • Updated Digital Defense Incorporated Frontline Vulnerability Manager (ddi-frontline) plugin to solve a whitespace issue.
  • Updated AlienVault-HIDS (ossec-single-line) plugin to add new rule for AVAPI login and differentiate an event between User and Computer.
  • Updated FireEye MPS (fireeye) plugin to parse new events.
  • Updated Check Point Media Encryption and Port Protection (checkpoint-mepp) plugin to parse more fields.
  • Updated IBM Aix Audit (aix-audit) plugin to parse new logs.
  • Updated VMware View Administrator (vmware-view-admin) plugin vendor to be consistent with the rest of VMware plugins.
  • Updated Barracuda Next Gen Firewall (barracuda-ng) plugin to correctly parse new logs.