• Support
  • Forums
  • Blogs

Update!

AlienVault v5.0.2 Hotfix is now available for OSSIM and USM Learn more

New Release!

AlienVault v5.0.1 is now available for OSSIM and USM Learn more

Patch Release v4.3.3

Change Log - AlienVault USM v4.3.3 only
--------------------------------------------------------------------------

- Improve mongodb periodic host snapshot performance
- Fixed: problem when adding entities for an user
- Fixed: HA replication can't make mysql backup (space problem)
- Fixed: When a logger in HA change is not possible to see the remote logger from the SIEM
- Fixed:HA replication deletes rsa keys from both servers
- Fixed: Mysql replication is broken by ossim-reconfig because the ip allowed for the user replication is changed
- Fixed: Execution of the HA ssh-copy-id script is forbidden by lshell (illegal command inside)
- Fixed: Ossim-reconfig --mysql_replication doesn't stop Cron process
- Fixed: The support script doesn't capture the server log
- Fixed: Sensor fails to send events to the lower priority server when the higher one fails
- Fixed: Trying to activate a trial using an expired email doesn't show any error
- Fixed error when checking from web UI internet connection through proxy
- Fixed error when getting license through proxy
- Fixed: Proxy configuration files are not written in alienvault-reconfig
- Fixed: Invalid 'Success' message when activating license through a proxy
- Fixed a problem when creating custom filter into raw logs
- Fixed: The resend alarms from custom directives doesn't inherit the alarm taxonomy
- Fixed: Problem with predefined search into logger filter
- Fixed: Logger doesn't show expected events after executing a query for a deleted host
- Fixed: Problem with the Forwarder handling the cache
- Fixed: Incorrect agent version when it has only two components x.y
- Minor typo in USM reports
- Fixed: Incorrect "pie" graph with more than 1 module
- Fixed: Adding event types to a DS group from the SIEM view fails
- Change path of mysql error log in the support script


Change Log - AlienVault OSSIM v4.3.3 and AlienVault USM v4.3.3
--------------------------------------------------------------------------

- Increase PHP session maximum life time
- Fixed error in monitor rules
- Fixed: Agent cannot parse monitor rule commands from the server
- Fixed: Sending new alarms to syslog option from web interface doesn't work
- Fixed: snmpd wrong configuration autogenerated by ossim-reconfig
- Typo in the AlienVault Center command help
- Fixed: Nmap-monitor events appear on web with wrong time
- ossim-server init script fail because incorrect parsing or flawed logic
- Fixed: Updating vpn connected sensors through alienvault center doesn't work
- Fixed: The upgrade process using alienvault-center proxy does not work
- Conflicting Emerging's rules for Suricata and Snort should be disabled by default
- Fixed: Array validation can be skipped using OSS_NULLABLE
- Fixed: The same network can be defined multiple times using different octet combinations
- Fixed: Defining the same port multiple times produce a DB error
- Fixed: Defining the same host multiple times with different octet combinations makes the hosts take IP 0.0.0.0
- Fixed: ossim server doesn't load directives than uses a negated port
- Threat Intelligence Data Source 'Add New Group' link issue has been fixed
- Fixed: Advanced Search allows creating any kind of query when user is admin
- Fixed: When an user deletes data sources from DS Group, web deletes permanently without confirmation
- Fixed incorrect query in the framework
- Fixed: Invalid proxy user and pass written in curlrc file
- Security fixes (XSS) in Web User Interface
- Scheduling nmap scans of multiple network issue
- Fixed: OCS default scheduled task not launched
- Fixed: Error when another user try to change the details of the admin user
- Fixed: Rendering problem in Web Interface: Deployment status - active inventory
- Fixed: Cannot delete events from web interface
- Fixed: Don't set directive events as alarm until qualification is calculated
- Fixed: Error returned reviewing events from dashboard TOP graphs
- Fixed: Update notice displayed in Center for old machines (uuid not in DB)
- Fixed OSSIM report: user activity doesn't work
- Fixed: Vulnerabilities Report doesn't show hostname of scanned machines properly
- Fixed: Blank page displayed after selecting "French" as language of the Web Interface (Firefox)
- Minor typo in Web User Interface
- Fixed: Missing OTX info at Source/DST tabs
- Typo in web user interface (error message)
- Fixed: Agentless OSSEC incorrectly configures use_su for Cisco config checks
- Fixed: Directive editor doesn't accept symbols
- Fixed Javascript error (GB_onclose2 undefined)
- Fixed: Problem with the ticket mail notification
- Prads memory leak on connection deallocation fixed
- Prads memory leak on get_app_name fixed

Comments

  • Is this a patch for version 4.3.3 which is 4.3.4 or is this the release notes for patch 4.3.3?  A little confused on this since it was just posted yesterday and 4.3.4 was release yesterday .
  • when there will be the possibility to set up a different retention period for different types of logs? like ids 2 mounth and firewal only 24 h ?

    there are some plans for upgrading the correation method, for example for negation rules or conditional rules?
  • We are running 4.3.4, and it appears to have a memory leak.

    Over a 24-36 hour period I have watched the memory usage increase, followed by swap usage increase, followed by server instability.

    Is this 4.3.3 a patch that I can apply, or is this already applied because I am running 4.3.4?
  • Hi Russ,

    This is Sandip.
    Is mango DB available in this release? and do we just need to configure it?

    Or do we need to install it manually?


    Regards,
    Sandip

  • The alienvault ossim 4.3 system contains mongodb database?

Sign In or Register to comment.