
Patch release 4.1.3


AlienVault Employee

AlienVault Open Source SIEM 4.1.3 + AlienVault USM Products 4.1.3



- Suricata updated to version 1.4.4, which fixes a problem with Suricata crashing in high-load environments

- Fixed an issue in some rules in the fortigate plugin where the date in the event was not being captured

- Fixed an issue in the alarm stats where the correct GeoIP information was not being assigned to some IP addresses

- Fixed an issue that prevented showing certain WIDS events in the WIDS UI

- Do not overwrite the device field in the agent when building the normalized event

- Fixed an issue when using multiple search criteria in the Advanced Search in the SIEM Events UI

- Updated method to refresh the information in the system entered through the Assets -> Hosts page

- New method in the Frameworkd to run queries against the SQL DB, huge performance improvement

- Increased error verbosity in the Advanced search in the SIEM Events UI

- Allow modifying the alarm group status when the alarm is still being correlated

- Enhanced usability in the Advanced Search in the SIEM console

- Dynamically remove non-allowed characters in the description and action fields (Policy actions)

- Fixed a permission issue when displaying alarms for users with only one net or one host associated

- Fixed wrong link in Dashboard in 'Last SIEM vs Logger Events' chart

- Fixed an issue when displaying the port groups in the policy form (Thanks Gibbo for reporting)

- Fixed an issue with the OCS automatic inventory not updating the inventory

- Increased error verbosity in the Vulnerability Scan interface

- Deleted deprecated script plugin_wizard.pl

- Updated text messages in several sections in the UI

- Fixed an issue with a search criterion not being applied when using the ports summary views in the SIEM console

- Removed deprecated option (Refresh dashboard)

- Removed deprecated option (Show welcome screen at next login)

- Removed deprecated options (SIEM DB configuration related)

- New validation method when entering a new ossec agent in the HIDS console

- Deleted deprecated permission templates

- New method to delete alarms and alarm groups as a background task

- Fixed a small issue when ordering policies (Thanks dmscuffham for reporting) 

- Improve error handling when importing assets in CSV format

- Allow non-admin users to configure a vuln scan using credentials

- Fixed several typos

- Display grouped alarms generated by correlation directives that are no longer enabled

- Allow adding more than 1024 ossec agents using the UI

- Added missing plugin_sid in the DB

- Display the proper hostname in the HIDS if available

- Fixed a problem displaying migrated policy rules in some environments 

- Do not overwrite user data fields when some mandatory fields cannot be normalised when building the event

- Updated allowed characters in multiple forms

- Fixed a visualisation issue when the character "|" was being displayed in the trees (e.g. inventory tree)

- Some information contained in the directives was not being displayed properly in the UI

- Fixed an issue when parsing Snort output (Big thanks to Nabil Naim for reporting and helping us fix this)

- Minor visualisation changes in the directive editor to ensure that all information is displayed properly 

- Clean host_software table when deleting a host

- Fixed an issue when displaying the RSS Dashboard module using a proxy

- Fixed several issues when using LDAP authentication (download and send PDF reports, scheduler report, and last login date not updated)

- Added Restart Server button in correlation -> Directives

- Store the interface in which the event was generated, if any

- Fixed custom tickets datetime field validation

- Keep checkbox selection criteria when using the alarms and alarm groups panels

- Fix HTML character encoding in event detail

- Improved performance when displaying hundreds of agents in the HIDS console

- Updated filter for the opened ticket data in the status bar (Consider other statuses as closed statuses)

- Refresh status bar when creating, closing or deleting a ticket

- Fix a small issue when filtering certain events in the Real Time Event viewer

AlienVault Unified SIEM 4.1.3 only 



- Fixed an issue when replicating certain server information in multi hierarchy environments (AV-center

- Fixed a segmentation fault in the Indexer process

- Fixed a problem in the Watchdog when multiple plugin files are using the same plugin_id but monitor different processes

- Fixed a couple of visualisation issues in the Reporting modules

- Fixed an issue exporting logger data when using extremely complex filters

- Do not allow the user deleting the dealt context

- Small memory leak fixed in the Indexer process

- Fixed a problem with the agent truncating its log file when restarting

- Fixed a small issue when using text= in the logger search criteria 

- Accept ANY as a taxonomy product in correlation directives



This discussion has been closed.