Change Log - AlienVault USM v4.3.2 only --------------------------------------------------------------------------
- Fixed: Wrong log directory permissions on machines migrated from v3 to v4 - Fixed: Logger doesn't compress the raw logs - Fixed: Cannot display raw logs - error in the month field ("u" not allowed) - Removed deprecated contact support form - Fixed: Agent's dictionary files do not shrink when assets are removed from the DB - Security: Fixed possible xss in logger query parameter - Improved product registration error messages
- Fixed: OpenVAS scanner stops running in 1% - Adding more than 1 ntp server should not be allowed from UI - Fixed: Unable to forward using VPN - Fixed: Alienvault Rserver sync does not work over VPN - Fixed: Web displays an error in HIDS view when no sensor is inserted - Fixed: PRADS plugin does not parse timestamp, causes errors in Agent - Fixed: fprobe doesn't send to the right host/port - Agent error: Unable to read plugin configuration (malwaredomainlist-monitor) - Default networks should not be automatically inserted after updating a platform without networks configured - Vulnerabilities count mismatches between vuln section and asset details - Fixed memory leak on ossim-server when managing unknown plugin_sid's - Fixed memory leak on correlation backlog expiration - Fixed: ossim-server does not forward events to more than one USM - Fixed: OSSEC package missing dependency configuration in Sensor profile - Fixed: OSSEC Events show 0.0.0.0 IP values - Fixed: OSSEC single line generic rule doesn't use destination field - Fixed: [OSSEC] DST_IP is not captured for "Excessive number of events" log entry - Fixed: [OSSEC] DST_IP is not captured for "Windows Logon Success" log entry - Fixed: [OSSEC] Tomcat dst_ip is not captured - Fixed: OSSEC plugin does not parse all messages. - Fixed: ossec-single-line plugin doesn't catch hostnames with '-' character properly - Fixed: ossec-single-line plugin does not parse auth logs correctly - OSSEC Integrity checksum issue - Limit of ossec agents increased - Fixed: No pagination in OSSEC for agentless page - Fixed: Ossec Server IP is configured wrongly when VPN is enabled - Fixed: User without manager privileges can't see the dashboards - Fixed: Netflows graphs display "any protocol" information only - Fixed: PRADS plugin falsely creates new assets - Fixed: Error when editing "Manage event references" - Fixed:Problem when configuring local sensor to report using its VPN address in AllinOne profiles - Fixed: Updating the Sensor VPN IP also modifies the priority value - Fixed: Web doesn't check smb credentials when the password contains special characters - Fixed issue with the nagios remote viewer - Fixed: Blank page in UI after changing the ntop interface - Fixed: Desktop notifications don't work for new alarms - Fixed: No data found in assets inventory tree - "Priority Threshold" configuration issue - Fixed: Password is spelt wrong in Ldap configuration - Fixed: From/to host matching in correlation ignores hosts - Fixed: From/to negated host matching in correlation doesn't work - Fixed: Scheduled reports do not attach the report - Fixed: Keywords not populating in email message when creating an action - Fixed: 'New Ticket" (Action) problems under Alarms -> View Grouped panel - Fixed: Wrong syntax check error (invalid character) in 'Asset Search' - Fixed: Assets tree shows weird network association - Taxonomy info issue when cloning a Directive - Fixed: ParserLog (ossim-agent) can catch only a part of the lines (without \n) - Apache errors found related to "timeline analysis on Siem console" - Fixed: Firefox (v22) ask to remember your password when using the Search option - Fixed: Firefox (v22) doesn't reload the web after creating a new directive - Fixed: Firefox (v22) not show the back button on sensor details - Fixed: Problem importing network csv file - Fixed: The Remote Interfaces web form is too large - Fixed: Apache error 500 in "Sensor status" section - Fixed of several typos in the Web User Interface - Security fix: Improved validation in several forms to provide consistent processing of user submitted data"'
This discussion has been closed.
From the Blog
Kate Brew Oct 5, 2015
Log All The Things, but don’t Alert Unless it’s Actionable Read More >