What's new in EventSentry Light 5.1.1.92
Apr 27, 2024
- Bugfixes:
- Agent (Non-Collector): Fixed issue where the agent would use up an excessive amount of memory when using either Registry Tracking or Sysmon Integration and the configured database becomes unavailable
- ADMonitor: Fixed issue where the nightly archival process would not run when invalid files are encountered
- Configuration Assistant: Fixed issue where initialize a PostgreSQL database would sometimes require 2 attempts due to a missing schema
- Management Console: Fixed issue when applying certain JSON filters
- Network Services / NetFlow: Fixed issue where not configuring any conditions but having an AND evaluation logic would result in alerts being logged
- Web Reports: Fixed issue hovering on Performance Trends with multiple datasets under certain circumstances
New in EventSentry Light 5.1.1.90 (Apr 20, 2024)
- Bugfixes:
- Agent: Fixes regression bug from build 5.1.1.82 that may prevent disk space data from being recorded
- Agent: Minor fixes and improvements
- Management Console: Minor fixes and improvements
- Log Import Utility: Fixed issue where import may abort before completely parsing input file
New in EventSentry Light 5.1.1.86 (Apr 18, 2024)
- Bugfixes:
- Agent: Fixed issue where EventSentry agent would not start on Windows 2008
- Heartbeat Agent: Virtual machine status from Proxmox hosts now matches status from Hyper-V and VMWare hosts
New in EventSentry Light 5.1.1.84 (Apr 16, 2024)
- Management Console: Fixed issues with applying package updates
- Agent: Fixed issue where service may crash while stopping
New in EventSentry Light 5.1.1.82 (Apr 12, 2024)
- Features:
- Event Log Monitoring: Added content filter option to filter on file size
- Inventory: Added support for showing virtual machines from Proxmox hosts (requres SSH access)
- Bugfixes:
- Agent: Fixed issue were summary notifications would not work when certain event properties contain Non-Ascii characters
- Agent: Stability improvements
- Agent: IP addresses would be resolved to host names in compliance logon tracking, even if the option was disabled
- Agent: Fixed issue where a group-specific action would not work for disk space packages
- Agent: Fixed issue where digital signature of .sys files would not be properly determined
- Management Console: Added HTTP template for Microsoft Teams
- Management Console: Fixed issues where settings from heartbeat dialog would sometimes not be saved
New in EventSentry Light 5.1.1.74 (Mar 22, 2024)
- Bugfixes:
- Management Console: Improved package download and syncing mechanism
- Management Console: Fixed issue where having an empty event log package would always trigger a configuration save
New in EventSentry Light 5.1.1.72 (Mar 21, 2024)
- Features:
- Event Log Monitoring: Added content filter option to filter on digital signature status of a file
- Event Log Monitoring: Added content filter option to specify multiple text comparison tokens
- Compliance Tracking (Processes): Added option to check digital signature of executables at runtime
- Bugfixes:
- Agent: Fixed small memory leak with process tracking w/ collector setup
- Agent: Value comparison for anomaly detection is now case insensitive
- Agent: Anomaly engine stability improvements
- Agent: Fixed bug where agent would disconnect and not reconnect to collector when using minimal configuration
- Agent: Multiple improvements for client/collector connectivity
- Agent: Fixed bug where agent-side event log summary notifications were not working
- Agent: Only peform boot scan of event log if it is monitored
- Agent: Fixed bug where all installed browser extensions would sometimes be reported as added & removed within a short period of time
- Agent: Fixed issue where disk space overrides would not always work as expected
- Agent: Fixed bug where registry autorun monitoring would not work
- Collector: Fixed bug where agents would under rare circumstances send incomplete packets
- Collector: Fixed bug where .dump packet files were not properly written to disk
- Collector / Network Services: Fixed bug where SQL query was not properly closed when sending Network Services data through collector
- Management Console: Various UI improvements
- Database Import Utility: Fixed memory leak when importing .evtx files
- Built-In Database: Added warning files to database directories
- Web Reports: Improved readablility of Validation Script output when a script has failed
- Web Reports: Tomcat updated to v9.0.87
New in EventSentry Light 5.1.1.50 (Feb 1, 2024)
- Bugfixes:
- Collector: Improved performance by adding parallel inbound queue processing
- Collector: Updated TLS implementation, improved reliablity
- Agent: Validation scripts will now interpret ERRORLEVEL 998 as a WARNING result (instead of #2)
- Agent: "Kill Action" will automatically append .EXE extension if process to be killed has no extension
- Agent: Improved reliablity for account management and policy tracking under heavy event logging load
- Agent: Fixed bug with file access tracking when monitoring sub directories
- Agent: Fixed bug where removing/unassigning a performance counter previously required an agent restart
- Management Console: Fixed problems with package download & merging
- Management Console: Added button to recover a stalled/frozen PostgreSQL instance
- Database Purge Utility: Data to be purged can be filtered by host
- Web Reports: Tomcat updated to v9.0.85
- Web Reports: Java updated to v17.0.10
New in EventSentry Light 5.1.1.36 (Dec 19, 2023)
- Bugfixes:
- Heartbeat Agent: Improved overall reliablity of service
- Management Console: Fixed regression bug that would sometimes break HTTP-related tasks like checking for updates, downloading validation scripts etc
- Agent: Fixed bug where computer activity (Compliance Tracking/Account Management) would not be recorded
- Agent: Improved reliability of compliance logon tracking under extremely high event load
New in EventSentry Light 5.1.1.20 (Dec 2, 2023)
- Bugfixes:
- EventSentray: Fixed speed test on systems where UAC is active
- Agent: Fixed issue where configuration revision was not immediately available after deploying and agent for the first time
- Management Console: Minor bug fix on system health / file monitoring dialog
New in EventSentry Light 5.1.1.18 (Nov 30, 2023)
- Bugfixes:
- Agent: Fixed issue where some data was not written to the database when NOT using the collector
- Agent: Stability improvements when using permission inventory
- Management Console: Fixed issue where making changes on the collector dialog would immediately be reverted and not saved
- EventSentray: Internet Test dialog now includes Speed Test (download only)
New in EventSentry Light 5.1.1.12 (Nov 22, 2023)
- Bugfixes:
- Management Console: Fixed issue where deleting an action may incorrectly affect actions of existing filters
- Management Console: Improved accuracy of event id 1152 which is logged when the configuration is saved and shows changed items
- Management Console: Fixed issue with package download / syncing for filters with timer settings
- Management Console: Improved accuracy of collector stats when collector service changes status
- Management Console: Implemented help button on permission inventory dialog
- Collector: If an email is rejected by SMTP server because of an invalid recipient, then the email will not be resubmitted
- Agent: Improved chassis type detection for laptops
New in EventSentry Light 5.1.1.10 (Nov 16, 2023)
- Bugfixes:
- Agent: Fixed issue where authentication failures were not written to database when not using the collector
- General: Fixed issue where creating a maintenance schedule would set custom HB settings for a host, disabling monitoring
New in EventSentry Light 5.1.1.4 (Nov 9, 2023)
- Bugfixes:
- Management Console: Fixed regression bug where validation scripts time stamps were not read
- Management Console (light edition): Attempting to download an update would yield a certification validation error
- Agent: Fixed bug where print tracking could crash the agent if a long file name was printed (and processed by the Print Spooler)
- EventSentry Light: Binaries were not digitally signed
New in EventSentry Light 5.1.1.1 (Nov 8, 2023)
- Bugfixes:
- Management Console: Fixed bug in EventSentry Light were navigating to certain dialogs would crash the management console
- Management Console: Various UI tweaks
- EventSentray: Network throughput is now displayed in KBytes/sec instead of Bytes/sec
- Web Reports: Fixed issue where certain optional properties would prevent the service to start
- Web Reports: Updated German and Spanish translations
New in EventSentry Light 5.1.1.0 (Oct 31, 2023)
- Features:
- General: Anomaly Detection
- General: Permission (NTFS) Inventory
- General: All applicable health/compliance packages can now store data in multiple databases
- Management Console: New & Improved Package update engine
- Management Console: Find any item in tree with GoTo feature
- Management Console: Insertion strings are resolved to names when available
- Management Console: Fewer prompts to save configuration when no changes were made
- Management Console: Dialog for optimizing built-in PostgreSQL database
- Management Console: Filter rules can be applied directly to a filter dialog from JSON syntax
- Collector: Health stats are shown directly on collector dialog in management console
- Collector: Status page show latency and throughput
- ADMonitor: Now supports sending data through collector
- ADMonitor: Group inventory shows last modified date
- EventSentray: Includes Internet Test functionality and network usage chart
- Web Reports: Automated Maintenance Jobs (web-based)
- Web Reports: Added Database History tracking
- Web Reports: Updated look and feel of all forms
- Web Reports: Reorganized dashboard option menus to group form sections
- Web Reports: Redesigned Validation Script details to highlight status and script output
- Web Reports: Improved ARM64 support
- Web Reports: Optimized database lookups and logging framework
- Web Reports: Included more information on Database Usage page
- Web Reports: Added columns for dead rows, bloated indexes and last vacuum for PostgreSQL
- Web Reports: Various dashboard improvements, including new Acknowledge & Report tiles
- Web Reports: Added CMMC dashboards
- Web Reports: Added TISAX dashboard & reports
- Web Reports: Migrated to JRE 17 and Tomcat 9, improved ARM64 support
- Various bugfixes and optimizations
New in EventSentry Light 5.0.1 Build 144 (May 18, 2023)
- Bugfixes:
- Agent: Fixed bug where filter notes were not available as variable when using email action with collector
- Agent: Fixed bug where wrong host name is associated with file access tracking when not using the collector
- Heartbeat Agent: SNMP polling timeout interval is now customizable via registry
- Heartbeat Agent: Wrong group data is associated with service data when using collector
- Collector: Various tweaks to internal queue limits, debug logging and minor performance improvements
- Management Console: Fixed issue with welcome/summary dialog sometimes not showing
- Management Console: Fixed issue where log file filter could not be deleted
- Web Reports: Updated JRE to 1.8.0_372 and Tomcat to 8.5.88
- Built-In database upgraded to PostgreSQL v14.7.2
New in EventSentry Light 5.0.1 Build 130 (Mar 3, 2023)
- Features:
- Built-In Database: EventSentry now creates a 512Mb buffer file to aid in database recovery when database drive is full
- Bugfixes:
- Management Console: Various minor bug fixes and improvements
- Agent: Fixed bug with application scheduler
- Agent: Fixed bug where agent would continue to run deleted/removed validation scripts
- Agent: Fixed bug where installation date of a Windows patch would sometimes be reported incorrectly
- Web Reports: Updated JRE to 1.8.0_362 and Tomcat to 8.5.86
New in EventSentry Light 5.0.1 Build 120 (Dec 28, 2022)
- Features:
- HTTP Action can now utilize a proxy server
- Various summary dialogs can now be scrolled with a mouse wheel
- Bugfixes:
- Heartbeat Agent / Collector: Stability improvements when receiving configuration updates
- Collector: Improved loading & processing of .pbtmp files
- Agent: Fixed issue with dynamic package assignments
- Management Console: Fixed issue where performance counter could not be edited
New in EventSentry Light 5.0.1 Build 108 (Nov 17, 2022)
- Bugfixes:
- Management Console: Fixed bug where overwriting action on package level was not saved
- Management Console: Redesigned event log filter dialog for improved content filter visibility
- Built-In database upgraded to PostgreSQL v14.6
New in EventSentry Light 5.0.1 Build 104 (Nov 9, 2022)
- Bugfixes:
- Management Console: Fixed regression bug on event log filter dialog where a space could not be typed in some fields
- Management Console: Now prevents users from specifying the same event log filter content filter twice
- Management Console: Event Message Browser now displays latest version of event templates and lets users toggle between various versions when available
- Management Console: Various bug fixes
- Agent / Collector: Faster initial reporting of performance data after agent startup
- Heartbeat Agent: Log event id 11026 as warning on only when SSH connection was established
New in EventSentry Light 5.0.1 Build 98 (Oct 6, 2022)
- Features:
- Agent: File Monitoring: Added support for checksumming incremental log files
- Bugfixes:
- Agent: Fixed issue where print tracking would not work when not using collector
- Agent: Increased max length of connection string
- Agent: Optimized process tracking to do fewer WMI lookups
- Management Console: Increased reliability of configuration backups
- Management Console: Misc. minor bug fixes and enhancements (stability, UI)
- Heartbeat Monitor: Fixed issue where alert would not be cleared after a repeat alert
- Collector: Improved loading speed of backup files
- Web Reports: Fixed issues updating group account permissions
- Web Reports: Added new CMMC reports
New in EventSentry Light 5.0.1 Build 90 (Aug 30, 2022)
- Features:
- Heartbeat Agent: EXE/CMD-based performance counters can now be utilized
- Agent: Added /uninstallquiet command line option
- Management Console: Dynamically activated packages now have a different color
- Management Console: Added support for empty variables
- Web Reports: Compliance requirements have been updated to PCI-DSS 4.0 and CMMC 2.0
- Bugfixes:
- Agent: Fixed issue where agent would send some initial data twice to collector after the first connect
- Web Reports: Resolve sorting issue for compliance requirements subsections
New in EventSentry Light 5.0.1 Build 84 (Aug 16, 2022)
- Features:
- Agent: Performance Monitoring: Added ability to retrieve dynamic instances for EXE-based performance counters
- Management Console: Added inventory script to aid EventSentry support
- Bugfixes:
- Agent: Version number in Control Panel / Programs and Feature is now updated for MSI-based installations
- Agent: Fixed parsing issue with some HP disk configurations that would show RAID drives incorrectly
- Agent: Resolve additional Hyper-V statuses
- Agent: Fixed issue where PostgreSQL ODBC drivers would not be copied to remote agents with remote update
- Agent: Fixed issue where filter timer would not work with HTTP actions
- ADMonitor: Fixed issue where empty file caused frequent crashes of ADMonitor process
- Collector: Fixed issue where SMTP subject would sometimes not be displayed correctly
- Management Console: Encrypt authentication password even when authentication is not assigned to any hosts or groups
- Management Console: Fixed issue with filter test feature
- Agent, Management Console: Various small bugfixes and tweaks
- Built-In database upgraded to PostgreSQL v14.5
- Web Reports: Expanded Search tile selection to include Process Status
- Web Reports: Resolve rare issue where uptime calculation did not reflect full downtime
- Web Reports: Fixed menu quirks when configuring dashboard tiles
New in EventSentry Light 5.0.1 Build 62 (Jul 7, 2022)
- Bugfixes:
- Collector: Better throttling when loading items from disk queue
- Collector: Better file management when paging packets
- Collector: Various performance optimizations for higher throughput and lower resource usage
- Collector: Various bug fixes
- Agent: Minor collector communication improvements
- Installer: Only import license file when existing license is invalid
- Installer: Fixed issue where evaluation users would need to manually import license
- Web Reports: Improved mult-select functionality on Performance Trends
New in EventSentry Light 5.0.1 Build 50 (Jun 21, 2022)
- Bugfixes:
- Agent / Collector: Fixed issue where agent would not expire pending sent data, potentially resending already submitted data to the collector
- Management Console: Improved remote update functionality when mixing Windows and Non-Windows hosts in a group
- Management Console: Do not overwrite "Utilitze Collector" setting on remote hosts (heartbeat, network services)
- Significantly mproved performance of debug logging engine
- Installer: Fixed issue where web reports would always be installed, even when unselected
- Agent: HP Managed Hardware Inventory: Fixed incorrect data and false positives
- Agent: Fixed timing of process monitoring feature
- Built-In database upgraded to PostgreSQL v14.4
New in EventSentry Light 5.0.1 Build 36 (Jun 8, 2022)
- Bugfixes:
- Collector: More accurate outbound queue reporting
- Collector: Improved inbound queue paging algorithm
- Collector: Fixed issue where TLS certificate may automatically be re-created
- Collector: Various minor performance tweaks
- Agent: Improved process of reading collector backup files when agent is starting
- Agent: Fixed issue where incorrect number of physical drives would be displayed on Managed Hardware tab on newer HP servers
- Configuration Assistant: Added support for Microsoft SQL Server ODBC driver v18
- Management Console: Fixed issue where welcome dialog would sometimes not be displayed
- Management Console: Fixed issue where DB migration dialog would not show
New in EventSentry Light 5.0.1 Build 28 (May 19, 2022)
- Bugfixes:
- ADMonitor: Fixed issue where ADMonitor Console and Viewer would not launch on 2012 R2
- Collector: Fixed handle leak with Syslog action (UDP)
- Collector: Agents will now get throttled data sent to collector if inbound queue exceeds 1500 items
- Installer: Fixed issue where installer doesn't detect installation of web reports
- Management Console: Fixed issue where downloading packages would overwrite actions of existing packages
- Management Console: Dynamic package assignment now support Windows Server 2022 and Windows 11
- Built-In database upgraded to PostgreSQL v14.3
- Agent: Output from validation scripts that exceeds limit is now truncated
- Agent: Fixed issue where FIM monitoring would show temporary show incorrect checksum under rare circumstances
New in EventSentry Light 5.0.1 Build 16 (Apr 19, 2022)
- Bugfixes:
- Agent (non-collector): Hardware information would not be stored in database
- Agent (non-collector): Incorrectly formatted date of installed application would prevent application from stored in software inventory
- Agent: Print tracking does not record print jobs (regression bug 5.0.1.12)
- Web Reports: Fixed issue where is rare circumstances Notes could not be submitted
New in EventSentry Light 5.0.1 Build 12 (Apr 15, 2022)
- Bugfixes:
- Heartbeat Agent: Stability improvements when utilizing collector
- Agent: Clearing filter (for timer filters) can now be configured without an action
- Agent: Various compliance tracking features have been optimized
- Web Reports: Fixed issue expanding heartbeat dashboard tile
- Web Reports: Added text dashboard tile
New in EventSentry Light 5.0.1 Build 6 (Apr 8, 2022)
- Features:
- Management Console: Added option to duplicate performance monitoring objects
- Bugfixes:
- Management Console: Editing disk space settings could crash the management console
- Management Console: Adding a Scheduled Tasks object would not work
- Management Console: Performing a "Check Status" action on some groups would result in inconsistent
New in EventSentry Light 5.0.1 Build 2 (Apr 8, 2022)
- Bugfixes:
- ADMonitor: Fixes index error with Microsoft SQL Server databases during installation/upgrade
- Management Console: Fixes issue where creating agent MSI files would not work
New in EventSentry Light 4.2.3 Build 150 (Mar 11, 2022)
- Bugfixes:
- Management Console: UI improvements in event log filter dialogs
- Heartbeat / Network Services: Fixed regression bug that resulted in empty MAC address database that could cause stability issues with both services (regression bug in build 4.2.3.146)
- Network Services / NetFlow: Fixed issue where packet count and packet size would be 0 for NetFlow v9 (regression bug in build 4.2.3.146)
New in EventSentry Light 4.2.3 Build 146 (Mar 9, 2022)
- Bugfixes:
- Agent: Fixed issue that could cause excessive CPU or memory usage under rare circumstances on hosts with extremely high event log usage
- Agent: Fixed bug where a configuration update could cause the agent to freeze monitoring under rare circumstances
- Agent: Fixed bug where agents not using a collector could freeze under rare circumstances
- Agent: Fixed bug with validation scripts schedule and UTC settings
- Agent: Various other stability improvements and optimizations
- EventSentray: Fixed bug where collector connection status would sometimes be inaccurate
- Collector: Improved reliability of automatic configuration update
- Collector: Limit number of temp files written
- Network Services: Traps can now be filtered based on the trap OID
- Network Services: Added support for variables in collector host name
- SNMP: SNMP v3 now support SHA512 for authentication
- SNMP: Added support for monitoring SNMP devices that do not provide system information
New in EventSentry Light 4.2.3 Build 136 (Dec 18, 2021)
- Bug fixes:
- Heartbeat Agent: Improved detection of agents not connected to collector
- Management Console: Minor bug fixes
- Web Reports: Updated JRE to 1.8.0_312
- Web Reports: Migrated from Log4j 1.2 to 2.16.0
- Web Reports: Increased decimal precision for floating number tiles
- Web Reports: Added support for searching NetFlow data with a high number of packet
New in EventSentry Light 4.2.3 Build 132 (Nov 5, 2021)
- Bugfixes:
- Collector: Fixed issue where emails containing performance charts and utilizing variables for recipients would send only the first email
- Collector: Fixes issue where collector would stop processing incoming packets, mostly on new installations (PostgreSQL-based databases only)
- Web Reports: Updated Tomcat to v8.5.72
- Agent/Web Reports: Floating point values are now always shown with fixed 8 point precision
- Agent: Algorithm for disk space alerts was improved to not supress valid alerts
- Agent: Stability improvements
- Built-In Database: Updated PostgreSQL to v9.6.23
New in EventSentry Light 4.2.3 Build 114 (Aug 3, 2021)
- Agent: Fixed bug where newly added validation scripts would run every minute regardless of schedule until agent was restarted
New in EventSentry Light 4.2.3 Build 106 (Jun 25, 2021)
- Features:
- Web Reports: Ability to reset threat intel data for an IP address
- Web Reports: Added Diskspace tile option to Dashboard
- Bugfixes:
- Network Services: NetFlow malicious IP alerts are logged per unique socket connection
- Agent (File Access Tracking): Rename and Move events are not properly identified if ReadAttributes is audited
- Agent: Event log performance improvements
- Agent: Boot sector changes now have a built-in threshold to avoid issues with defective drives
- Heartbeat Agent: Saving configuration would create superfluous heartbeat history entries
- General: Various bug fixes
- Web Reports: Added more details to OS CSV output on Hardware Inventory page
- Web Reports: Fixed logon limit on Logons Dashboard tile
New in EventSentry Light 4.2.3 Build 96 (May 26, 2021)
- Features:
- Heartbeat Agent: Heartbeat PING alerts now include downtime of a host and host notes
- Bugfixes:
- Collector/Agent: Fixed issue where collector and agent would not attempt a reconnection
- Management Console: Trailing tabs and spaces are automatically removed when importing hosts from text file
- Management Console: Improved script dialog layout
- Management Console: Fixed issue with error message about missing Winpcap shown even though npcap is installed
- Management Console: Fixed issue where deleting a host could incorrectly affect maintenance schedules for a different host
- Built-In Database: Updated PostgreSQL to v9.6.22
- Agent: Added support for detecting USB 3.1
- Web Reports: Updated directional range queries
- Web Reports: Fixed Dashboard logon limit results
New in EventSentry Light 4.2.3 Build 82 (Apr 7, 2021)
- Bugfixes:
- Fixed issue with installer not being able to verify its checksum when update was initiated via management console
New in EventSentry Light 4.2.3 Build 456 (Mar 2, 2021)
- Bugfixes:
- Added CMMC compliance reports and dashboard
- Support for the EventSentry PowerShell module
- EventSentrayImproved reliability when submitting support tickets via a collector email action
- AgentFixed issue where disk space monitoring could unnecessarily prevent configuration updates from being applied
- AgentVariables can now be used in performance counters
- Management Console / AgentQuery agent status may show incorrect configuration revision
- Management ConsoleExpired maintenance schedules assigned to groups now get removed automatically
- Multiple componentsImproved compatibility with Office 365 SMTP servers
- Multiple componentsMaintenance could be off by a few min under some circumstance
New in EventSentry Light 4.2.3 Build 40 (Feb 2, 2021)
- Features:
- Added ability for filter to only be active during or after boot process
- Added ability to edit tags for multiple hosts
- Bugfixes:
- Agent: Fixes regression bug from build 32 that breaks browser extension monitoring
- Management Console: Fixes issue with built-in validation scripts not updating
New in EventSentry Light 4.2.3 Build 32 (Jan 14, 2021)
- Bug fixes:
- Collector: Fixed issue where utilizing the malicious ip address check in an event log filter could crash the collector if threat intel was not enabled
- Collector: Fixed issue where malformed delimited log files could crash the collector
- Network Services: Stability improvements
- Web Reports: Added Recent Reports to menus
- Web Reports: Improved dashboard tile duplication
New in EventSentry Light 4.2.3 Build 26 (Jan 3, 2021)
- Bugfixes:
- Agent: Fixed handle leak when process action could not be launched
- Agent: Fixed issue where HTTP action would not be triggered by a timer filter
- Agent: Significantly reduced CPU utilization on systems with a large number of logon events
- Agent: Option to store non-local groups now also deletes unassigned packages
- Threat Intel: Custom block lists now also support specifying threat confidence and title
- EventSentray: Added agent version to tooltip
- Management Console: Improved sorting (filters, hosts) for strings starting with or including numbers
- Management Console: Performance counter preview now takes secondary counters into consideration as well
- Web Reports: Added Triggered Action context menu
- Web Reports: Improved Host Inventory SCSI visualization
- Web Reports: Resolved issue where under certain circumstances IP Activity Sysmon search would failover to a broad search
- Web Reports: Updated JRE to 1.8.0_275
New in EventSentry Light 4.2.3 Build 16 (Dec 12, 2020)
- IP addresses contained inside (event log) events can now be evaluated against known malicious IP addresses
- Additional black list sources for malicious IP address checks
- New SNMP monitoring options support monitoring CPU and memory metrics of VMWare ESXi hosts
- Web Reports: Performance tiles supports viewing performance data from multiple hosts
- Web Reports: Tiles can now be duplicated for faster dashboard setup
New in EventSentry Light 4.2.3 Build 14 (Dec 1, 2020)
- Features:
- Management Console: Text filters can now be loaded from a text file in log file monitoring, default web server IDS rules included
- Agent: Log file monitoring event id 8000 now includes text filter (if applicable) that triggered event
- Bugfixes:
- Collector: Fixed issue with unnecessary database activity during service startup
- Agent: Fixed issue where FIM would checksum files that should be ignored based on size during service startup
- Collector, Heartbeat Agent: Added sanity checks to reduce likelihood of service crash during service stop
- Agent: Fixed issue with wrong volume name shown in event id 10501
- Agent: Fixed issue where a configuration refresh could cause service crash if browser extension monitoring is active
- Web Reports: Fixed sorting by volume name on Diskspace Status
- Web Reports: Fixed drive search on Large Files
New in EventSentry Light 4.2.3 Build 6 (Nov 25, 2020)
- Bugfixes:
- Fixed issue with package download prompting certificate error
- Features:
- IP addresses contained inside (event log) events can now be evaluated against known malicious IP addresses
- Additional black list sources for malicious IP address checks
- New SNMP monitoring options support monitoring CPU and memory metrics of VMWare ESXi hosts
- Web Reports: Performance tiles supports viewing performance data from multiple hosts
- Web Reports: Tiles can now be duplicated for faster dashboard setup
New in EventSentry Light 4.2.1 Build 16 (Nov 4, 2020)
- Features:
- Heartbeat Monitor: Status alerts (events 11000-11002) now include the IP address of the remote host
- Management Console: Added ability to import and hide validation scripts packages
- Bugfixes:
- EventSentray: Now support Windows Server 2008 / Vista
- EventSentray: Fixed issue with incorrect memory usage on Windows Server 2008 / Vista
- Management Console: Fixed certificate issue with package download
- Management Console: Several minor bugfixes
New in EventSentry Light 4.2.1 Build 8 (Oct 19, 2020)
- Bugfixes:
- ADMonitor: Fixed regression bug that would show incorrect time stamps on AD user list page
- Agent: Fixed potential issue with compliance/security logon tracking component that could result in lack of processing and memory leak under rare circumstances
- Management Console: Validation Scripts packages can now be (un)hidden
- Management Console: Additional certificate validation for downloaded packages and scripts
- Installer: Fixed release notes link
New in EventSentry Light 4.1.1 Build 74 (Sep 22, 2020)
- Features:
- Network Services: Added support for IPFIX
- Bugfixes:
- Collector: Fixed issue where a corrupt temp file would prevent service from starting
- Collector: Fixed issue where the literal importance flag would not work for collector-enabled email actions
- Agent: Improved performance on domain controllers with a large amount of 4661 security events
- Agent: Event 10500 now includes volume name
- Agent: Registry Tracking: Added support for additional and removal of values
- Agent: Registry Tracking: Fixed issue where registry tracking would not work with Windows Server 2019
- Built-In Database: Updated PostgreSQL to v9.6.19
- Database Tools: Improved performance of es_db_purge for PostgreSQL database in some instances
- Management Console: Fixed bug in event message browser for Application and Services Logs
- Management Console: Various minor bug fixes and stability improvements
- ADMonitor: Fixed issue where certain group policy changes would not be parsed
- Web Reports: Updated to Tomcat 8.5.57
- Web Reports: Resolved issues export NetFlow data to CSV
- Web Reports: Fixed Automatic Services tile when computers were filtered
- Web Reports: Improved cookie flags when SSL is configured
- Web Reports: Updated ADmonitor validation when object is removed
- Web Reports: Fixed timezone offset for syslog messages
- Web Reports: Improved IP lookup for Collector Status hosts
New in EventSentry Light 4.1.1 Build 68 (May 13, 2020)
- Bugfixes:
- Installer: Fixed issue when installing on terminal servers
- Management Console: Fixed various issues when assigning/clearing credentials
- Management Console: Filtering events in built-in event viewer would not properly clear/reset
- Management Console: Other minor UI fixes
- Agent: Some runtime variables would not be resolved in URL of HTTP action
- Agent: Include session unlock events on console logon reports
- ADMonitor: Further improved handling of user status when monitoring sub domains
New in EventSentry Light 4.1.1 Build 64 (Apr 30, 2020)
- Bugfixes:
- ADMonitor: Fixed issue where user status update stalled until the ADMonitor service is restarted if user list update could not be updated in the DB
- ADMonitor: Fixed issue where SQL utility would terminate after certain group policy changes
- ADMonitor: Fixed issue where user list was inconsistent when monitoring sub domains
- Built-In Database: Updated PostgreSQL to v9.6.17
- Management Console: Improved remote agent update if agent executable is locked by other processes
- Management Console: Various stability improvements
- Management Console: "Show filters referencing this action" now includes exclude filters
- General: Added SNMP package for Canon imageRUNNER devices
- General: Improved rendering of email alerts on certain email clients (white lines should not be shown)
- Collector: Improved health check
- Network Services (ARP): Vendor name is now included when event id 701 is logged
- Web Reports: Added additional formats to Number tile
- Web Reports: Updated Unsupported Operating Systems compliance report
New in EventSentry Light 4.1.1 Build 54 (Apr 6, 2020)
- Management Console: Various minor fixes
- Heartbeat Agent: Fixed incorrect SQL statement
- Heartbeat Agent: Only disable SNMP polling of host if "Stop retrying SNMP polling if ..." is checked
- Heartbeat Agent (Light): Fixed issue with incorrect agent status
- Installer: Fixed security issue with external process being called without full path
- ADMonitor: Fixed issue where new ADMonitor would not find any domains (regression)
- Web Reports: Fixed default sender when sending events from the Event Search page
- Web Reports: Updated ADMonitor HTML email jobs templates to be more concise
New in EventSentry Light 4.1.1 Build 38 (Feb 24, 2020)
- Bugfixes:
- Agent: Large file enumeration is now disabled dynamically if it takes longer than 10 minutes twice in a row
- Agent / Host Inventory: Fixed battery capacity display that was displaying in mWh instead of mAh, percentages are now more accurate
- Agent / Host Inventory: Now identifies directly attached SSD drives
- Agent: Now retrieves schema and GUID cache via secure LDAP whenever possible
- Agent: Stability improvement during configuration re-read
- Collector: Additional stability improvements
- Collector: Improved license check to avoid invalid license warnings
- Collector: Improved how agent and configuration updates are distributed to clients
- Collector: Fixed issue where SMTP settings were not dynamicaly re-read during a configuration update
- Managemend Console: Show Filters Referencing This Action now includes filters that are configured to trigger all actions
- Web Reports: Upgraded to Tomcat 8.5.50 / JRE 1.8.0_242
- Web Reports: Fixed HTML summary report jobs
- Web Reports: Resolved issue where labels were missing from exported frequency charts
- Web Reports: Updated NIST 800-171 and PCI-DSS compliance reports
New in EventSentry Light 4.1.1 Build 22 (Jan 9, 2020)
- Bugfixes:
- Collector: Improved reliability and resolved stability issues
- Network Services: Resolved reliablity issues
- Heartbeat / SNMP Monitoring: Increased number of maximum instances for object from 100 to 250
- Management Console: Fixed bug where certain types of event log filters could not be deleted
- Management Console: Reduced number of prompts for saving configuration
- Management Console: Usability improvements for authentication and HTTP actions
- Agent: Fixed issue with wrong time zone name and offset on host inventory page when DST is not active. This also resulted in wrong local system time being displayed on event log detail dialog.
New in EventSentry Light 4.1.1 Build 1 (Jan 7, 2020)
- NetFlow: Measure/Alert on amount of data transferred to/from malicious IPs
- Utilize output from command line utilities for performance data
- Send data from Network Services & Heartbeat Agent to collector
- Detect pending reboots & BitLocker
- Analyze battery health
- ADMonitor: Send password reminders directly to end users
- ADMonitor: Additional dashboard tiles
- Web Reports: Consolidated changes report
- Web Reports: Monitor database purge activity
- Web Reports: Acknowledge Syslog messages
- Web Reports: Easier navigation through event messages
- Web Reports: UI Updates
- Web Reports: Transition to OpenJDK
- Web Reports: CJIS Compliance Reports
New in EventSentry Light 4.0.3 Build 48 (Nov 27, 2019)
- Resolves an issue in build 4.0.3.46 where binaries were not digitally signed. Otherwise build 4.0.3.46 and 4.0.3.48 are identical.
New in EventSentry Light 4.0.3 Build 46 (Nov 22, 2019)
- Bugfixes:
- Agent: Fixed issue with "expand remaining fields" delimited log file monitoring option
- Agent: Stability improvements
- Collector: Fixed issue with MSSQL databases that could cause the service to crash
- ADMonitor: Fixed email alerts
New in EventSentry Light 4.0.3 Build 32 (Sep 11, 2019)
- NetFlow: Fixed issue where threat alerts were generated even when disabled
- NetFlow: Fixed issue where threat intel was only download when event log alerts were enabled
- Network Monitoring: Added ContextName, EngineID and ContextEngineID as SNMP authentication options
- Network Monitoring: A valid uptime counter is no longer required
- Management Console: Improved stability and performance of built-in event viewer for large event logs
- Management Console: Fixed issue when downloading packages
- Management Console / Collector: Improved resetting shared secret
- Collector: Stability improvements including startup and shutdown
- Collector: Fixed issue with custom event fields being reset
- Agent: Improved self-update process
- Agent: Fixed bug where a file access tracking delete event could cause the agent to crash
- ADMonitor/Agent: Fixed various issues with Japanese character sets
- Web Reports: Upgraded Tomcat to 8.5.45
- Web Reports: Added Source IP to Logon Failures summary
- Web Reports: Updated Japanese translations
- Web Reports: Optimized Dashboard loading
New in EventSentry Light 4.0.3 Build 16 (Jun 24, 2019)
- Collector: To prevent data loss, incoming data is paged to disk when outbound queue is too high
- Agent: Filters in chain packages now support thresholds and insertion string overrides
- Agent: Added new feature to optionally remove non-local groups from the agent configuration
- Agent: Stability improvements
- Agent: Increased max length of variable content to 512 characters
- Agent: Resolved various issues with the "event log full detection" system health feature
- Management console: Fixed issue where saving the configuration would take a long time if the database password contained a $ character
- Management Console: Various UI bug fixes and improvements
- Management Console: Fixed issue when generating MSI file
- Heartbeat Agent: Improved ping response tracking chart when remote host is unavailable
- Heartbeat Agent: Improved agent status detection for hosts not communicating with collector
- Built-In Database: Updated PostgreSQL to v9.6.14
- Log Import Utility: Fixed issue when importing delimited log files and non-lookup text values
- All components: Added support for reserved characters in database action passwords
New in EventSentry Light 4.0.3 Build 6 (May 22, 2019)
- Bugfixes:
- Management Console: Password is now masked in database action dialog
- Management Console: Fixed issue where adding 96 or more database / event log filters to Syslog dialog would cause crash
- Management Console: Fixed issues when creating/moving event log filters into folders
- Management Console: Increased number of scheduled task filters from 32 to 64
- Management Console: Fixed & extended Tools -> Options -> Features dialog
- ADMonitor: Improved setup dialog and error checking
- Agent: Stability improvements
- Installer: Fixed crash dump collection settings for 64-bit processes on some systems
- Built-In Database: Updated PostgreSQL to v9.6.13
New in EventSentry Light 4.0.3 Build 2 (May 3, 2019)
- Bugfixes:
- NetFlow: Fixed regression bug that caused sFlow packets not to be processed
- Management Console: Fixed issue with TEST button on HTTP action dialog
- Evaluation: Fixed issue during installation that would errouneously state that no network device licenses are installed
New in EventSentry Light 4.0.3 Build 1 (May 3, 2019)
- Features:
- Network Services: Added Syslog TCP+TLS receiver
- NetFlow: Switched & improved threat detection to use OTX cache and AbuseIPDB lookups (may require subscription)
- Agent: Added GET request option to HTTP requests
- Web Reports: Added regex parser to generic search tile
- Web Reports: Added NetFlow IP threat context
- Web Reports: Added additional NetFlow threat fields
- Bugfixes:
- ADMonitor: Fixed issue where enabling monitoring of sub domains would not work
- ADMonitor: Improved ADMonitor installation in configuration assistant and management console
- NetFlow: Fixed issue with processing sFlow packets under certain circumstances
- Sysmon Process Tracking: Added indexes to speed up search performance
- Heartbeat Agent: Fixed issue where service would crash if no database was configured
- Agent: Fixed issue where agent could not self-update via collector if %TEMP% variable points to a different drive than %SYSTEMROOT%
- Web Reports: Fixed custom time range when switching from Summary to Detailed
- Web Reports: Improved MySQL 8 support
New in EventSentry Light 4.0.1 Build 2 (Mar 28, 2019)
- ADMonitor
- Track all changes to Active Directory objects down to the attribute level with before and after values
- Monitor group policy changes
- User inventory to help identify idle, administrative and other problematic accounts
- New Features:
- Visual overhaul of the EventSenry management console
- NetFlow threat and port scan detection
- Track IP addresses in the web reports
- Improved Features:
- Web Reports: Various tweaks throughout for better usability
- Event Log Monitoring: Filter timers can now support linking events using different insertion strings
- Log File Monitoring (delimited): Convert columns representing a date and time to a native timestamp field
- Log File Monitoring (delimited): Support for fields enclosed in quotes
- Performance Monitoring: Counters can be configured to only keep the current value in the database
- Performance Monitoring: A new "alert" flag supports queries and dashboard tiles that return any performance counter in an alert state
- Software History: Now shows user who (un)installed packages for MSI-based software packages
- Under the Hood:
- Various fixes and tweaks to NetFlow/sFlow and bandwidth monitoring
- Many other bug fixes and stability improvements throughout the product
New in EventSentry Light 3.5.1 Build 54 (Feb 16, 2019)
- Bug fixes:
- Management Console: Resolved HTTP issue with package download, version check and feedback dialogs
- Management Console: Fixed issue where MSI generation would not work on FIPS-enabled systems
- Agent: Fixed issue where agent would connect to non-collector database action even though it was not referenced by any package
- Agent: Fixed issue for users who installed build 44 or 46 in where collector-initiated configuration updates would not be applied by remote agents
- Agent: Fixed issue where creating a new action and filter would only work after an agent restart depending on the order they were created
- Heartbeat Agent: Fixed issue in EventSentry Light where heartbeat agent would only monitor 3 hosts
- Documentation: Several updates to installation requirements, credits and EULA
- Built-In Database: Updated PostgreSQL to v9.6.12
New in EventSentry Light 3.5.1 Build 48 (Jan 21, 2019)
- Management Console: Fixed regression bug from build 3.5.1.44 that would cause remote agents to ignore configurations updates sent by the collector
New in EventSentry Light 3.5.1 Build 46 (Jan 18, 2019)
- Bugfixes:
- Management Console: Fixed regression bug from build 3.5.1.44 that would invalidate configuration update files in some cases, causing remote agents not be able to start.
New in EventSentry Light 3.5.1 Build 44 (Jan 17, 2019)
- Bugfixes:
- Agent: File access tracking now utilizes event 4659 to detect some file deletes
- Agent: Large file detection now runs with at dynamic, slightly random intervals
- Agent: Improved Regex Insertion String override functionality
- Agent: Fixed issue where EventSentry Agent entry in control panel would only show up for the user who ran the MSI installer
- Agent: Fixed issue where memory modules would not show up on host inventory page when not using collector
- Agent: Fixed issue where GELF Syslog packets were not sent with UTC timestamp
- Agent: (Total) disk space for volumes with an active quota is now obtained correctly
- Collector: Improved reliability during large data transfers, improved warning messages for missed acknowledgments
- Collector: Support for variables in database connection string
- Heartbeat/SNMP Monitoring: Fixed issue where service would not apply correct settings after saving
- Network Services: Fixed issue where service would not apply correct settings after saving
- Management Console: Resolved issues with Maintenance Now feature that would not work under some circumstances
- Management Console: Improved usability of built-in event viewer while scrolling
- Management Console: Various small UI fixes
- Built-In Database: Updated PostgreSQL to v9.6.11
- Web Reports: Updated number formatting for Heartbeat Availability
- Web Reports: Fixed offset when displaying Ping graphs with non-UTC timestamps
New in EventSentry Light 3.5.1 Build 32 (Oct 26, 2018)
- Bugfixes:
- Agent: Fixed issue where agent would use WMI to query for process command line parameters when monitoring 4688 events, putting pressure on the WMI service
- Agent: Fixed issue where the current audit status would be inaccurate when using the collector
- Agent: Fixed issue where disk space alerts contain incorrect limit if dynamic limits are enabled
- Agent: Fixed issue where the wrong threshold was calculated & displayed in 10509 events
- Agent: Improved process action to enforce runtime timeout even when capturing output is not desired
- Agent: Increased the maximum size of the internal GUID cache
- Agent: Numbers are now supported in variables
- Collector: Improved reliability of automatic agent update deployment
- Collector: Collector now logs warning or error events if the queue size is too large
- Collector: Fixed issue that would prevent collector service from shutting down gracefully
- Collector: Fixed issue that would cause a secondary collector service to shut down when receiving a configuration update
- Management Console: Fixed issue where the 64-bit management console would not let users save the configuration when run on a remote host
- Management Console: Various minor tweaks to the UI
- Network Services: Improved handling of sFlow packets when monitoring multiple interfaces
- Heartbeat Agent: SNMP devices without system information set can now be monitored
New in EventSentry Light 3.4.1 Build 78 (Jun 12, 2018)
- Collector: Fixed issue where certain process tracking events could crash the service
- Collector: Database performance enhancements
- Heartbeat Agent: SNMP monitoring on hosts that support SNMP but are not responding to SNMP requests in a timely fashion will be automatically disabled
- Heartbeat Agent: Tweaks to better support MySQL databases
New in EventSentry Light 3.4.1 Build 68 (May 26, 2018)
- Agent: Fixed issue with Syslog action not properly encoding UTF8
- Agent: Fixed issue where agent would not properly apply configuration settings on non-English systems
- Agent: Fixed issue where agent would not record account management changes after 1024 changes have occurred (affects non-collector only)
- Agent: Improved performance of agent-side lookup cache
- Agent: Fixed issue where collector client would not be able to reconnect to collector
- Agent: Fixed issue where under rare circumstances the agent would not properly import a configuration update received from the collector if receiving an agent update at the same time
- Collector: Fixed issue where host id would not show up on collector status page if agent connected from different IP addresses
- Collector: Fixed issue where certain changes to variables would not be applied to collector without a service restart
- Network Services / Management Console: Fixed issue where any error retrieving SNMP data from a remote host would be a "SNMP v3 Authentication" error
- Built-In Database: Updated PostgreSQL to v9.6.9
- Web Reports: Added ability to limit the number of records included in a scheduled report
- Web Reports: Fixed potential error on the Switch mapping summary page
New in EventSentry Light 3.4.1 Build 58 (Apr 24, 2018)
- Bug fixes:
- Collector: Fixed bug that could result in incoming data being indefinitely cached and not written to the database
- Collector: Improved connectivity with clients connected via high latency networks
- Collector: Fixed issue where large files would be incomplete on hosts with more than one volume
- Collector: Fixed issue where setting a variable on a group would not work
- Collector: Fixed issue with automatic agent updates
- Collector: Various speed and reliability improvements
- Management Console: User interface has been improved on High-DPI displays
- Management Console: Fixed bug when adding licenses
- Management Console: Various minor improvements to the user interface
- Configuration Assistant: User interface has been improved on High-DPI displays
- Agent: Improved reliability of the current service status in the web reports
- Agent: Fixed issue where dynamic package assignments would not work in some scenarios
- Agent: Fixed issue where old items in process/console logon backup files could cause the feature to stop working when not using collector
- Agent: Fixed issue with backup file for account management when not using collector
- Network Services: Fixed issue where ARP history would not be populated in database
- Network Services: Switch port mapping now supports VLANs from most Cisco switches
- Network Services: Fixed minor issues with bandwidth utilization
- Network Services: Bandwidth utilization now supports sFlow (approximate)
- Network Services: Improved handling of the NFSPEED variable
- Installer: Fixed issue where the customized web reports URL gets overwritten with every update/upgrade
- Database Import Utility: Added support for importing .evt files from older NetApp devices
- Web Reports: Fixed issue with Inbound / Outbound legend for NetFlow Bandwidth
- Web Reports: Updated date formatting when custom range is used and exported to inline PDF
- Web Reports: NetFlow dashboard tile now includes Top N city, subdivisions and country
- Web Reports: Resolved issue where an empty JAVA_HOME system environment variable could prevent the service from starting
- Web Reports: Added additional validation to Group Heartbeat Status tile
- Web Reports: Improved Heartbeat Uptime calculation when using a custom range
- Web Reports: Fixed Syslog tile time formatting when UTC is not enabled
New in EventSentry Light 3.4.1 Build 38 (Feb 15, 2018)
- Bug fixes:
- Collector: Fixed issue where CPU and memory utilization could slowly increase over time and some systems and cause the service to stop working
- Collector: Now accepts remote NetBios host names even when hosts are added as FQDN
- Collector: Fixed issue where collector could crash at runtime when large number of hosts are added to configuration
- Agent: Fixed issue where agent would incorrectly report 10803 event after configuration updates, indicating that the required audit settings could not be applied.
- Management Console: Minor usability improvements
- Built-In Database: Updated PostgreSQL to v9.6.7
New in EventSentry Light 3.4.1 Build 34 (Jan 20, 2018)
- Bugfixes:
- Installer / Management Console: Fixed bug where license files converted to Unicode would not be recognized as valid license files
- Installer: Tweaks to the default configuration
- Agent: Log file context feature which was added in 3.4 is now configurable
- Agent: Installed PowerShell versions are now available in software inventory
- Agent: Fixed issue where virtual memory devices wouldn't show up on the host inventory page for Hyper-V VMs
- Agent: Truncated VM path length if it exceeds max DB schema length
- Agent: Now always attempts to obtain process command line if not present in 4688 event. Command line is available through $STR9 variable
- Agent: Fixed issue where environment settings were not retained if sensor was connected on machine where EventSentry was installed
- Agent: Improved logging and debug logging
- Agent: Fixed bug with network action incorrectly reusing text from previous alerts
- Collector: Improved handling of non-ascii characters in email subjects
- Collector: Improved matching of collector-side thresholds by lowercasing unique identifiers
- Management Console: Increased the number of entries for scheduled tasks monitoring, limit is now enforced in management console
- Management Console: Changed various summary dialogs
- Management Console: Fixed issue were events from remote host are not formatted correctly for sources only present on the remote host
- Management Console: Fixed issue deploying agent to newer remote Windows 10 hosts
- Heartbeat Monitoring: Improved algorithm which automatically disables SNMP monitoring for unreliable hosts
- Network Services: Improved handling of NetFlow bandwidth interface association for scenarios where data from multiple interfaces is sent over a single Netflow UDP connection
New in EventSentry Light 3.4.1 Build 16 (Dec 6, 2017)
- Bugfixes:
- Built-In Database: Updated PostgreSQL to v9.6.6
- Agent: Fixed issue where dynamic package assignment (OS) would not work under some circumstances
- Agent: Fixed issue where saving the configuration could the same application scheduler schedule multiple times under certain circumstances
- Agent: Increased stability when refreshing the configuration
- Agent: Fixed issue that would prevent event logs with a name longer than 64 characters from being monitored
- Heartbeat Agent: Fixed issues where saving the configuration could cause stability issues
- Heartbeat Agent: Service will no longer attempt to negotiate SNMP v3 when not SNMP v3 credentials are available
- Heartbeat Agent: Additional tweaks to prevent "Frozen" service status
- Management Console: Minor tweaks to user interface and default settings
- Management Console: Fixed issue where package updater would indicates that packages had updates, even though no updates were available
- Network Services: Fixed issue where bandwidth calculation would not work reliably when no SNMP authentication credentials are assigned to NetFlow exporter
- Collector: Fixed issue where collector would issue an incorrect warning indicating an automated agent updates not possible for a remote host
- Web Reports: Delimited log files page now shows computer, path and file on summary view
- Web Reports: Fixed NetFlow issue with US map rendering
- Web Reports: Added ability to import/export notes, e.g. when migrating to a different database
- Web Reports: Improved links on host inventory page
- Web Reports: Fixed issue with dashboards running too hot
- Web Reports: Improved German translation
- Web Reports: Various formatting improvements
New in EventSentry Light 3.4.1 Build 8 (Nov 17, 2017)
- Bug fixes:
- Installation: Fixed issue on Windows 10 Fall Creators edition where 64-bit services would not start
- Installation: Fixed default installation to include monitoring of common non-standard event logs
- General: Removed "Use Latest Driver" option for database actions, this feature is now always enabled
- Management Console: Fixed issue where Reset Shared Secrets was not shown when host had SNMP error
- Network Services: Fixed issue where some NetFlow data would cause the service to terminate
- Network Services: Improved input validation for NetFlow data
- Agent: Fixed issue where an agent would not check in with collector often enough if agent was transmitting no or very little data
- Heartbeat Agent: Fixed issue where agents are reported as frozen when no HW/SW inventory package is assigned or configured to write to the DB and no collector is configured
- Web Reports: Improved Maintenance Wizard layout
- Web Reports: Fixed date range selection while switching modes
- Web Reports: Updated predictive search on Logon Failures page for Source Computer
New in EventSentry Light 3.4.1 Build 1 (Nov 6, 2017)
- Security:
- Collector-side thresholds extend the agent-side threshold capabilities and support detecting network-wide patterns like lateral movement
- Additional capabilities to detect and prevent against new types of Ransomware infections, including variants that modify the boot sector.
- Actual audit settings on a Windows host can sometimes deviate from group policy settings - due to conflicts, errors and so forth. A new Audit Policy Status page periodically inventories the current audit settings so you can verify the actual audit settings.
- NIST 800-171 compliance reports
- A new user activity tracking page makes seeing all activity by a user easier than ever!
- Integrations:
- EventSentry agents can now be integrated with many open source and commercial log solutions with additional Syslog options - even custom JSON formatting is supported!
- New Monitoring Features:
- The new software version check feature identifies outdated software on your network to help you reduce your attack surface. This new feature supplements the software inventory component.
- UPS & Battery monitoring now inventories all attached UPS batteries as well as integrated batteries (laptops) regardless of the manufacturer
- BIOS changes are now detected
- Network Monitoring:
- Response Time page now includes packet loss percentage
- NetFlow monitoring now supports calculating the bandwidth of an interface, including additional statistics such as packet count, bytes per packet and more.
- Improved Features:
- A new navigation menu in the web reports enhances usability
- Log file monitoring alerts (events) now include 3 lines before and after a line matched
- Disk space alerts now include a list of the largest files and folders of a volume
- Growl action now supports multiple recipients
- Under the Hood:
- Web reports are now available in 64-bit and support running larger reports
- Web reports utilize Java 8
- The speed of all dashboards and other pages in the web reports has been dramatically improved
- Managing the configuration through the collector is more reliable
- Many other bug fixes and performance improvements
New in EventSentry Light 3.3.1 Build 130 (Nov 4, 2017)
- Security:
- Collector-side thresholds extend the agent-side threshold capabilities and support detecting network-wide patterns like lateral movement
- Additional capabilities to detect and prevent against new types of Ransomware infections, including variants that modify the boot sector.
- Actual audit settings on a Windows host can sometimes deviate from group policy settings - due to conflicts, errors and so forth. A new Audit Policy Status page periodically inventories the current audit settings so you can verify the actual audit settings.
- NIST 800-171 compliance reports
- A new user activity tracking page makes seeing all activity by a user easier than ever!
- Integrations:
- EventSentry agents can now be integrated with many open source and commercial log solutions with additional Syslog options - even custom JSON formatting is supported!
- New Monitoring Features:
- The new software version check feature identifies outdated software on your network to help you reduce your attack surface. This new feature supplements EventSentry's software inventory component.
- UPS & Battery monitoring now inventories all attached UPS batteries as well as integrated batteries (laptops) regardless of the manufacturer
- BIOS changes are now detected
- Network Monitoring:
- Response Time page now includes packet loss percentage
- NetFlow monitoring now supports calculating the bandwidth of an interface, including additional statistics such as packet count, bytes per packet and more.
- Improved Features:
- A new navigation menu in the web reports enhances usability
- Log file monitoring alerts (events) now include 3 lines before and after a line matched
- Disk space alerts now include a list of the largest files and folders of a volume
- Growl action now supports multiple recipients
- Under the Hood:
- Web reports are now available in 64-bit and support running larger reports
- Web reports utilize Java 8
- The speed of all dashboards and other pages in the web reports has been dramatically improved
- Managing the configuration through the collector is more reliable
- Many other bug fixes and performance improvements
- Bugfixes:
- Heartbeat Agent, Collector: Now utilize the "Use latest installed driver" option in database configuration dialog in order to use the newest MSSQL ODBC driver
- Agent: Fixed issue that could prevent an application schedule from executing
- Heartbeat Agent: Fixed issue where it could take two monitoring cycles to determine a remote agent status
- Management Console: Fixed issue when downloading and importing packages
- Management Console: Fixed bug when moving computer item onto previous computer item
- Management Console: Fixed bug where clicking on "Add Host" link on group summary page would crash the console under certain circumstances
- Collector: Fixed issue where FQDN version of host names would be added to computer search list under certain circumstances
- Web Reports: Added NIST 800-171 reporting
- Web Reports: Optimized configuration resource utilization
New in EventSentry Light 3.3.1 Build 124 (Oct 5, 2017)
- Bugfixes:
- Agent: Fixed issue where agent would not log connection error events when unable to connect to SMTP server (non-collector) Agent: Numerical insertion string comparison in event log filters now removes thousand separator characters
- Agent: Fixed issue with software inventory not always populating when agent starts
- Agent: Improved insertion string variable resolution for values containing line feeds when passing arguments to a process as the command line
- Agent: Fixed memory leak when using filter chain feature in conjunction with a high volume of events
- Agent: Fixed issue where event logs from "Application & Services" could not be backed up
- Agent / Collector: Fixed issue where FQDN name was stored in database when UTC is disabled
- Collector: Fixed issue where secondary collector would not restart after initial installation without registry fix
- Web Reports: Fixed DST-related job scheduling issue for jobs that run every X hours
New in EventSentry Light 3.3.1 Build 114 (Sep 1, 2017)
- Bugfixes:
- Configuration Assistant: Fixed issue where MSSQL-based databases could not be created without invoking manual steps
- General: Fixed issue where EventSentry would not work properly with Linux-based MySQL databases due a bug involving case sensitivity
- Web Reports: Simplified rendering of timestamps for more clarity
New in EventSentry Light 3.3.1 Build 112 (Aug 15, 2017)
- Bug fixes:
- Built-In Database: Updated PostgreSQL to v9.6.4
- Fixed issue where EventSentry patch would not update the built-in 9.6.x PostgreSQL database to latest version
- Agent: Fixed issue where agent would not be able to successfully connect to multiple collectors
- Agent: Fixed issue where a adding/removing a service or driver would cause issues with the inline configuration re-read
- Collector: File Access Tracking: Fixed issue where random data would be displayed in the checksum field for data records which did not have a checksum
- Management Console (Light Version Only): Fixed issue where importing a configuration would result in an error message
- Management Console (Light Version Only): Fixed issue where importing packages would crash the management console under some circumstances
New in EventSentry Light 3.3.1 Build 106 (Aug 1, 2017)
- Bugfixes:
- Network Services: Fixed issue that could cause service to crash after startup under some circumstances
- Agent: Fixed issue that would cause problems with a configuration update triggered by the addition or removal of a service
- Agent: Fixed issue where current folder monitoring status would not be written to the database
- Database Import Utility: Improved debug logging when utility is ran in batch mode for easier troubleshooting
- Web Reports: Resolve issue where Performance Status would revert back to Last 3 days
- Web Reports: Improved performance counter validation
New in EventSentry Light 3.3.1 Build 104 (Jul 14, 2017)
- Bugfixes:
- Network Services: Fixed issue which would prevent some data from being cached properly while the database was temporarily unavailable
- Network Services: Fixed other reliability issues
- Database Import Utility: Improved debug logging
- Collector: Fixed issue which would prevent some data from being cached while a PostgreSQL-based database was temporarily unavailable
- Agent: Fixed issue where a configuration update could result in a deadlock blocking the agent
- Management Console: Fixed issue where deleting a log file filter would not persist after saving the configuration
- DB Purge Utility: Improved logging for MSSQL databases
New in EventSentry Light 3.3.1 Build 96 (Jun 23, 2017)
- Bug fixes:
- Agent: Fixed bug where $STR variables would not be resolved correctly for HTTP actions
- Agent: Fixed bug which would cause configuration updates to not work or block monitoring
- Agent: Stability improvements
- Agent: Fixed issue which could trigger event id 12000 (new software installed) for software that is already installed
- Agent: Fixed issue where uninstalling 64-bit agent from command line does not work with /collectorclient option is used
- Agent: Increased internal GUID cache size to prevent unnecessary LDAP query on busy domain controllers
- Network Services: Fixed issue where byte count would be zero for ASA/IPFix protocol
- Network Services: Improved throughput and efficiency
- Management Console: Fixed issue where console would always prompt to save when exiting
- Management Console: Fixed issue where removing a threshold from a filter would not persist
- Heartbeat Agent: Fixed issue where uptime report would indicate a reboot of a SNMP-based device even though that device had not been rebooted
New in EventSentry Light 3.3.1 Build 84 (May 27, 2017)
- Database Import Utility: Changed location of debug log file for log import utility
- NetFlow: Fixed incorrect port output for ICMP traffic
- Agent: Fixed bug where an incorrect file monitoring configuration could crash the agent
- Agent: Fixed bug where user rights assignments would not to be recorded correctly when using collector
- Agent: Fixed issue where agent would utilize all CPU usage on a single core while collector is unreachable
- Agent: Fixed issue where a configuration update could cause an agent crash in performance monitoring
- Agent: Fixed issue where file checksums would not be generated in File Access Tracking under some circumstances
- Agent/Management Console: Fixed issue where events without an associated message dll would not render text correctly for Non-English language OS
- Management Console: Fixed issue where resource utilization of 64-bit agent would not be displayed on Services dialog
- Heartbeat Agent: Fixed issue where agent status would be frequently logged as idle
- Built-In Database: Updated PostgreSQL to v9.6.3
New in EventSentry Light 3.3.1 Build 70 (Apr 27, 2017)
- Network Services: Improved throughput performance in NetFlow component
- Network Services: Added support for Cisco ASA firewalls
- Network Services: ARP alert event id 700 now includes IP address when available
- Built-In Database: Updated PostgreSQL to v9.6.2
- Management Console: Increased the maximum number of groups to 512
- Management Console: Increased the size of the package import dialog
- Management Console: Improved resonsiveness of performance counter dialogs
- Management Console: Support for 64-bit performance thresholds
- Management Console: Fixed real-time display of 64-bit values
- Management Console: Fixed issues when sorting an event log
- Management Console: Fixed issue when installing an additional collector service
- Management Console: Group type can now be set when adding a group
- Management Console: Various stability & usability improvements
- Collector / Agent: Added support for Syslog RFC 5424 format
- Agent: Fixed bug that would not launch embedded scripts through a process action correctly
- Agent: Decreased the time it takes the service to stop in most scenarios
- Agent: Decreased the time it takes for the agent to apply a new configuration
- Agent: Added "not equal to" condition for performance counter / SNMP monitoring
- Agent: Fixed bug that would prevent event id 12001 from being logged
- Agent: Slightly improved the performance of file checksum generation
- Agent: Events regarding the (un)installation of software now include the host platform (32 vs 64 bit)
- Agent: Fixed bug where terminating a process would not work under some circumstances
- Agent: Reduced the memory consumption for agents running on busy domain controllers (non-collector)
- Heartbeat Agent: Fixed issue where the HB agent would not automatically reread an updated configuration after being saved in the management console
- Web Reports: The ACL of the main web reports directory is now secured to prevent unauthorized read access
- Web Reports: Added preference option for 24-hour clock
- Web Reports: Added NetFlow support for Cisco ASA
- Web Reports: Updated mobile JSON feed with improved performance counter detection
- Web Reports: Fixed issue where report could be run with no limit
- Web Reports: Improved trend links under Internet Explorer
- Web Reports: Added support for LDAPS
- Web Reports: Added 45 minute search option
- Web Reports: Included Delimited Log File support to Search tile
- Web Reports: Revamped weather tile
- Web Reports: Improved boolean support across database types
- Web Reports: Adapted eventnumber for logons searches
- Web Reports: Enhanced predictive search for CJK languages
- Web Reports: Updated Japanese translations
New in EventSentry Light 3.3.1 Build 42 (Feb 5, 2017)
- Bugfixes:
- Management Console: Multiple hosts can now be deleted or moved in the management console with the remote update feature
- Management Console: Improved usability of license dialog
- Agent: Fixed issue where agent would log event 1050 even when database action is using the collector
- Agent: Fixed issue where custom event message in a filter with one or more line breaks would not work
- Agent: Filter chaining (non-sequenced) works even when exclude filters are contained in the package
- Agent: General stability improvements
- Collector: Tweaked configuration transfer method to agents
New in EventSentry Light 3.3.1 Build 36 (Jan 27, 2017)
- Bug fixes:
- Management Console: IP addresses are now annotated in built-in event viewer, similar to collector emails
- Management Console: Fixed issue where application would crash on hosts with no Internet connectivity under specific circumstances
- Management Console / Collector: Fixed issue where "Enhanced Security" setting in database action would not work and still transfer connection string to agent(s)
- Collector: Fixed rare issue where collector service would not start
- Collector / Network Services: Services can now read a 64-bit configuration if a 32-bit configuration does not exist
- Collector: Fixed issue where certain event-based variables would not work in emails sent by collector
- Collector: Fixed issue where non-routable IPs would prevent a reverse lookup in collector emails
- Agent: Added ability to override title and message for "Network" action
- Agent: Removed now obsolete configuration option for supporting pre-2003 hosts in "Network" action
- Agent: Fixed potential buffer overflow
- Agent: Various improvements throughout codebase to improve performance and stability
- Agent: Fixed issue where excluding processes under "Compliance/Process Tracking" when using the collector would result in unnecessary data packets being sent to collector
- Agent: Fixed issue where agent would not start - or start very slowly - and use a large amount of CPU time on Hyper-V VMs with only one vCPU.
- Configuration Assistant: Creating databases on Microsoft SQL Server non-default instances is now more intuitive.
- Web Reports: Welcome wizard now detects if JavaScript has been disabled
- Web Reports: Added NetFlow Network Traffic JSON for inbound and outbound traffic
- Web Reports: Updated sort indicators for detailed results
- Web Reports: Improved dashboard iteration inheritance
- Web Reports: Ensured correct url encoding when switching between Summary and Detailed views
- Web Reports: Optimized resource usage when running report jobs
- Web Reports: Fixed issue where search dashboard tile would ignore the percentage field
- Web Reports: Updated Tomcat to version 7.0.73
New in EventSentry Light 3.3.1 Build 22 (Jan 4, 2017)
- Bugfixes:
- Agent: Fixed issue where records captured by file access tracking would under some circumstances, mostly PostgreSQL, would not be written to the database when not using the collector
- Agent: Fixed issue where physical disk info wouldn't be written to database when not using the collector
- Agent: Fixed issue where physical disks, controller and RAID information would not be detected correctly with newer versions of HP Insight Management
- Agent: Fixed issue where host would not be detected as a VM when running Server 2016
- Management Console: Improved display of licenses
- Heartbeat Agent: Alert email indicating that the EventSentry service is stopped is now less sensitive and not triggered during installations and upgrades
- Web Reports: Improved translation for Polish, Dutch, Spanish and Portuguese
- Web Reports: Included detection for unconfigured iLO cards
- Web Reports: Renamed file fields on File Access page with query support
- Web Reports: Fixed frequency chart rendering when exported as PDF
New in EventSentry Light 3.3.1 Build 18 (Dec 21, 2016)
- Bug fixes:
- Agent: Fixed issue where an invalid database action in service monitoring could crash the agent
- Agent: Agent now logs event id 1075 when a self-update completed successfully
- Network Services / NetFlow: Fixed issue where the number of bytes would not be logged for NetFlow v9 under some circumstances
- Network Services: Status of the NetFlow daemon is now logged with event id 112, similar to Syslog & SNMP components
- Network Services: Fixed issue when evaluating NetFlow with an existing full license
- Management Console: Improved usability of desktop action dialog
- Management Console: Added template for Slack to HTTP action dialog
- Collector: Fixed issue with when overriding email subject
- Collector: Fixed issue where local agent would not communicate with collector after an initial installation until the configuration was saved once in the management console
- General: Improved email subject of some EventSentry alerts with new installations
- Web Reports: Updated German translation
- Web Reports: Fixed Diskspace trends formatting
- Web Reports: Fixed exception error on NetFlow summary page when viewing average data
New in EventSentry Light 3.3.1 Build 12 (Dec 14, 2016)
- NetFlow with support for NetFlow v1, v5, v9 & sFlow. NetFlow supports visualization, geolocation, alerts, correlation with workstation logon events to map flows to ActiveDirectory users, filtering and more
- Web Reports - Notes & Documentation: Web reports users can submit notes to document infrastructure updates, maintenance, fixes and more. Documentation files can be uploaded and associated with hosts
- Web Reports: New security features
- Web Reports: New dashboard tiles
- Web Reports: Treemap visualization available for most pages
- Web Reports: Updated look and improved menu
- Deployment: Agents using the collector can receive configuration and agent binary updates automatically through the collector without user intervention.
- Deployment: MSI installers can now be created in a few seconds directly from the management console (requires free WiX Toolset)
- Agent: A 64-bit agent is now available for 64-bit Windows
- Agent: Removed limit and improved management of custom event logs
- Agent: Support for chaining events
- Agent / Collector: Emails containing IP addresses sent through collector can be enhanced to display geolocation and reverse lookup data inline.
- Agent: Emails from security event log will automatically be enhanced with descriptions for many status and error codes
- Agent: Database performance of delimited log files has been significantly improved
- Agent: Insertion strings of events can be created or replaced using regular expressions
- Agent: Install date of software is now available for most software even if it was installed before EventSentry
- Heartbeat Agent: Agent status is now retrieved directly from collector and/or database for faster and more efficient monitoring
- Network Services: Database performance for Syslog component has been improved for MSSQL databases
- Network Services: License count for network devices is now more accurately enforced
- Database: Built-In database now uses PostgreSQL v9.6, optional upgrade path is available
- Configuration: Improved out-of-the-box filter rules for less noise
- Management Console: Remote configuration can now removed when uninstalling an agent even when remote registry service is unavailable
New in EventSentry Light 3.2.1 Build 89 (Nov 9, 2016)
- Database: Updated built-in PostgreSQL database to 9.1.24
- Agent: Fixed issue where removing a sevice could crash the agent when using collector
- Agent: Fixed issue where binary data was not sent with Syslog action when using the collector
- Agent: Improved error handling of delimited log files and increased max allowed size of new files
- Agent: Fixed issue with incorrect CPU virtualization support flag in hardware inventory when using collector
- Agent: Various stability improvements
- Management Console / Agent: Fixed issue where Non-English performance counter descrpitions would not display correctly in management console and alerts
- Management Console: Fixed issue where pushing the configuration would result in an error message related to the eventsentry_svc_in.reg file
- Management Console: Fixed issue where duplicate computers would use up licenses
- Management Console: Fixed various issues when opening .evt files
New in EventSentry Light 3.2.1 Build 86 (Sep 30, 2016)
- Bugfixes:
- Network Services: Updated MAC Vendor database
- Management Console: Minor tweaks and improvements
- Management Console: Adding a license no longer requires a restart of the management console
- Management Console: Fixed issue when viewing event logs with very high number of events
- Agent: Fixed bug where Hyper-V VMs were not properly detected and/or updated
- Agent: Fixed bug in log file monitoring which could cause collector to crash
- Agent: Improved online configuration updates (1035 event)
- Agent: Fixed issue where product type wasn't written to the account management and policy compliance tracking pages when using collector
- Agent: Fixed issue where an incorrect event was logged by the directory monitoring / file count feature
- Heartbeat Agent: Fixed issue where heartbeat status would not be updated when using a MySQL database
- Agent / Collector: Added option to send Syslog data in UTF8 format
- Database: Updated built-in PostgreSQL database to 9.1.23
- Web Reports: Fixed timezone rendering on trend pages
- Web Reports: Improved time rendering when a computer is selected on error and failures dashboard tile
- Web Reports: Resolved potential XSS vulnerability on trends
- Web Reports: Reclassified specific client error codes to 400 Bad Request instead of generic 500 error
- Web Reports: Fixed various security issued
New in EventSentry Light 3.2.1 Build 76 (Aug 12, 2016)
- Bug fixes:
- Agent: Reduced impact on DB performance for configurations monitoring many performance counters
- Agent: Fixed issue where some compliance tracking data would not be cached correctly during temporary database outages
- Management Console: Improved handling of copy/cut/paste when editing items in the tree view
- Management Console: Fixed issue with remote update performed on "Groups" level
- Management Console: Fixed bug where hidden packages would still show up on summary screen, clicking would result in an application crash
- Collector: Fixed issues with some variables not being resolved correctly for email actions
- Collector: Fixed issue where text file action routed through collector would not update output file frequently enough
New in EventSentry Light 3.2.1 Build 66 (Aug 12, 2016)
- Bug fixes:
- Management Console: Fixes a regression bug where adding a computer through the "Edit" dialog will result in an empty string being added to the group, requiring the user to edit the empty string. This is a complete patch but only affects the file eventsentry_gui.exe. It is not necessary to apply this patch if you are running 3.2.1.64 and not adding new hosts to the configuration. You may contact support to obtain a patched eventsentry_gui.exe instead of applying the full patch
New in EventSentry Light 3.2.1 Build 64 (Aug 12, 2016)
- Bug fixes:
- Collector: "File" action would not work when channelled through the collector
- Collector: Fixed bug where overriding an email message body would not resolve insertion string variables
- Collector: Fixed issue where $IPADDRESS variable would not be resolved for SMTP actions channelled through the collector
- Agent: Fixed issue where content filters using a numerical comparison chained with OR may not work as expected
- Agent: CPU count would be incorrect on some pages in the web reports when not using the collector
- Agent: Improved reliablity when agent frequently connects and disconnects from the collector
- Agent: Increased field storage size for HTTP action and fixed bug which prevented utilization of full field size
- Agent: Fixed issue where agent may crash when a service is removed
- Management Console: Fixed bug when minimizing the ribbon
- Management Console: Fixed bug when performing a remote update action without the extensive network check enabled when host has at least one TCP port checked.
- Heartbeat Agent: Fixed bug where large monitoring interval would cause service to stop monitoring hosts
- Web Reports: Improved warranty checks
- Web Reports: Fixed CSV output by adjusting the block size
- Web Reports: Added SourceIP to LogonByType Summary view
- Web Reports: Fixed issue where grouped summary section links would not always match a valid translation resulting in an exception
- Web Reports: Improved group by rendering when values are empty
- Web Reports: Fixed error handling when original event cannot be found in the database
- Web Reports: Updated Tomcat to version 7.0.69
New in EventSentry Light 3.2.1 Build 50 (Aug 12, 2016)
- Bug fixes:
- Agent: Fixed regression bug with log file monitoring which caused inconsistent results with configured filters
- Agent: Improved automatic installation and upgrade of ODBC drivers when not using collector
- Agent: Improved group membership detection when agent is configured only with a IP which is not the primary IP of an interface
- Agent: Fixed issue where editing embedded scripts would cause some associated application schedules or process using an embedded script to not launch
- Heartbeat Agent: More switches are now supported by switch inventory
- Web Reports: Fixed CSV output with large datasets
New in EventSentry Light 3.2.1 Build 44 (May 30, 2016)
- Bug fixes:
- Web Reports: Fixed XSS vulnerability on SNMP Traps search page
- Web Reports: Added report for HIPAA/PCI
- Web Reports: Adjusted last date calculation for scheduled jobs
- Web Reports: Updated default event formatting
- Web Reports: Fixed x-axis for Diskspace Trends when UTC has not been enabled
- Web Reports: Renamed Hardware menu item to Hardware / OS
- Web Reports: Collector Status tile now directly links to the Collector Status page
- Web Reports: Fixed hover tooltip on heatmaps
- Web Reports: Added an option to increase the height of heatmaps
- Agent: Improved disk space alerting when disk space usage continously exceeds and falls below a preset threshold
- Agent: Fixed issue where IPv6 source addresses were discarded and not shown in various compliance tracking reports
- Agent: Added support for $LICENSEE variable for email subject, header & footer
- Heartbeat Agent: Improved error handling when monitoring hosts via SNMP
- Heartbeat Agent: Fixed issue where service would crash when it was configured to use a disabled database
- Management Console: Improved remote update for mixed groups which contain Windows as well as Non-Windows hosts
- Management Console: Improved error message when AD-linked groups cannot be queried
- Management Console: Fixed various issues with wizards
- Database: Updated built-in PostgreSQL database to 9.1.22
- General: Fixed issue where MAC address vendor db (for ARP daemon) hasn't been updated
- General: Fixed issue where MAC address vendor db wasn't included in EventSentry Light
- General: Various upates to the documentation
New in EventSentry Light 3.2.1 Build 30 (Apr 25, 2016)
- Bug fixes:
- Agent: Changes to services are now logged under the severity configured under the "Addition/Removal" category
- Collector: Fixed issue where resolving variables would sometimes not work
- Management Console: Fixed issue where configuration changes would not be picked up by the agent running on the same host as the management console
- Management Console: Added new option to hide the command which was executed
- Management Console: Added new option to reset the shared secrets of a remote agent by clicking the computer name
- Management Console: Fixed issue where an embedded script in mixed case would not properly save other scripts
- Heartbeat Agent: Remote agent status is now retrieved from database prior to attempting to retrieve status from remote agent
- Heartbeat Agent: Fixed issue where an invalid SNMP OID could cause the heartbeat agent to crash
- Heartbeat Agent: Now logs events when the HB Agent cannot connect or write to the database
- Web Reports: Fixed PDF formatting when exporting charts with legacy non-UTC enabled datasets
- Web Reports: Updated user caching to prevent collisions
New in EventSentry Light 3.2.1 Build 22 (Apr 25, 2016)
- Bug fixes:
- Agent: Fixed issue where agent would not start on Windows XP
- Agent: Improved resource utilization of agent and domain controllers by optimizing event log parsing and suppressing unneeded LDAP queries
- Agent / Collector: Agent now disconnects from collector after periods of inactivity
- Heartbeat Agent: Improved detection of unreliable network connectivity where agent status monitoring is not possible
- Heartbeat Agent: Fixed issue where uptime would not be updated in database for SNMP hosts
- Collector: Resolved issue in file access tracking where LogonID is not written to database
- Collector: Resolved issue where communicating with SMTP server which require authentication would not work
- Management Console: Significantly improved the speed of the "Prepare Configuration file" stage of remote update, resulting in signifanctly faster remote update experience
- Management Console: WMI service is no longer paused when deploying and/or upgrading remote agent(s)
- Management Console: Fixed issue when defining new variables
- Management Console: Fixed issue where performance counter descriptions would not be scrollable for built-in packages
- Management Console: Improved searching for filters which use an event id range
- Management Console / Collector: Added option to reset shared secret for a single host
- Database: Updated built-in PostgreSQL database to 9.1.21
- Database: Changed default MySQL driver to a version which works reliably with EventSentry, fixed issues in configuration assistant pertaining to MySQL
- Web Reports: Adapted SOX requirements
- Web Reports: Empty report categories are now automatically removed
- Web Reports: Page-level context menus now group the report categories
- Web Reports: Improved caching for user accounts
- Web Reports: Added additional cookie validation
- Web Reports: Fixed X-axis time representation on the Dashboard
- Web Reports: Improved pagination on the Logon Console page
New in EventSentry Light 3.2.1 Build 8 (Apr 25, 2016)
- Bug fixes:
- Collector: Fixed issue where connections from agent(s) would be rejected if the reverse lookup of the remote IP would not match the host name specified in the management console
- Agent: Fixed an issue where the agent would attempt to connect to a remote collector after service startup even if a connection is not necessary
- Web Reports: Improved "Last Seen" info on Inventory - Host page
New in EventSentry Light 3.2.1 Build 6 (Apr 25, 2016)
- Bug fixes:
- Agent: Fixes issue in Email action (legacy HTML) where select font would not apply
- Installer: Fixes issue where updating from 3.1 to 3.2 through management console would neither properly evaluate the installed license nor trigger the configuration assistant after the upgrade is complete
- Installer: Fixed issue where installer would take an unusually long time towards the end of the installer when upgrading (speed improves starting with the 2nd upgrade)
- Web Reports: Improved CSV Export when exporting all pages of a resultset
- Web Reports: Fixed search query generation when multiple conditions are added to the search directly
New in EventSentry Light 3.2.1 Build 4 (Apr 25, 2016)
- Bug fixes:
- Management Console: Added export option for offline agent deployment
- Collector: Improved handling of shared secrets to prevent incorrect connection rejection
- Web Reports: Added ability to remove specific log file revisions with maintenance wizard
- Web Reports: Added missing translations for some languages
- Agent: Fixed issue where uninstalling agent from command line would result in a crash
- Agent: Added command-line option to remove locally stored collector security settings when uninstalling agent
New in EventSentry Light 3.2 (Apr 25, 2016)
- Features:
- Central collector service which enables a 3-tier architecture between an action (e.g. database, email server) and the EventSentry agents. Supports compression and secure data transmission via TLS encryption.
- Management Console: Ability to import computers from a network (subnet) scan
- Management Console / Remote Update: Record activity in log files
- Management Console / Remote Update: Toggle fields in result list
- Management Console: Export all configured filters to CSV file
- Switch inventory with switch port to MAC/hostname mapping
- Detection of highest supported USB version
- Ability to reduce the size of security events in the database by removing common, static footers
- Web Reports: Additional language support for French, Dutch, Spanish, Polish, Portuguese and Italian
- Web Reports: Out-of-the-box compliance reports for PCI-DSS, FISMA, Sarbanes Oxley, HIPAA and GLBA
- Web Reports: Improved & faster performance trend reporting with ability to display multiple trend charts on a single page
- Web Reports: New Bulk assignment for easier report management
- Web Reports: Report jobs can be saved to a folder
- Web Reports: Improved host inventory page now shows switch port (if available), USB version and VM hosts (if available)
- Web Reports: Health matrix displays computer notes
- Web Reports: Improved usability throughout
- Web Reports: Improved connection pool support
New in EventSentry Light 3.1.1 Build 112 (Feb 3, 2016)
- Bug fixes:
- Agent: Fixed issue where some custom event logs may not be monitored after a configuration update is pushed to the agent
- Agent: Fixed regression bug originally fixed in 3.1.1.90 with the scheduled task inventory
- Agent: Fixed issue which would prevent an entire drive from being monitored with file checksum monitoring
- Web Reports: Updated Tomcat to 7.0.67
- Web Reports: Fixed issue in with short-running jobs
- Web Reports: Improved bulk computer assignment in Account Manager
- Web Reports: Moved Source IP to separate column on Logon pages
- Web Reports: Fixed File Checksum search field mappings
New in EventSentry Light 3.1.1 Build 108 (Feb 3, 2016)
- Bug fixes:
- Agent: Fixed rare issue which would cause high CPU utilization
- Agent: Fixed issue where 64-bit software wouldn't be detected if 32-bit version of same software is installed
- Agent: Misc optimizations
- Management Console: Fixed bug where sorting computers would not be saved
- Management Console: Fixed bug where a deleted log file definition would remain in the configuration after saving
- Management Console: Fixed bug where processing a group with and ID of >= 255 would not work
- Configuration Assistant: Database initialization can now be skipped
- Configuration Assistant: Improved MySQL ODBC driver installation
- Web Reports: Fixed issue renaming/reordering Dashboards
- Web Reports: Improved rendering of the most recent value on Performance Dashboard tiles
- Web Reports: Resolved empty searches Group Changes page when values are present
- Web Reports: Health Matrix / Network Status is now more responsive
- Web Reports: Updated scheduling of short-interval report jobs
New in EventSentry Light 3.1.1 Build 104 (Oct 21, 2015)
- Bug fixes:
- Agent: Agents will assign themselves to an "Unknown" group instead of assigning themselves to the first group in the configuration when the agents cannot find an entry for their host name in an existing group
- Heartbeat Agent: Timing optimizations when monitoring the agent status on hosts with a slow link or on hosts not running Windows
- Management Console: Event Log Packages now show in correct order when right-clicking an event in the built-in event viewer and creating an include/exclude filter
- Installer: Fixed rare issue where the PostgreSQL ODBC driver would trigger a host reboot during the EventSentry installation
- Built-In Database: Updated to PostgreSQL v9.1.19
New in EventSentry Light 3.1.1 Build 100 (Oct 6, 2015)
- Bugfixes:
- Agent: Added/fixed support for executing powershell scripts through the application scheduler or actions
- Agent: Fixed issue where an action may be triggered even if it is disabled
- Agent: Fixed issue where the debug log file of the agent would continue to grow, exceeding the maximum configured size
- General: Increased size the max number of groups to 384
- Web Reports: Updated Tomcat to v7.0.64
- Utilities: Added UTC support es_db_agent_status.exe
New in EventSentry Light 3.1.1 Build 90 (Aug 27, 2015)
- Bugfixes:
- Agent: Fixed potential security vulnerability which would give a local user temporary access to the EventSentry configuration file during a remote update action
- Agent: Fixed issue with scheduled task inventory on Windows 2003 which would result in duplicate and incorrect alerts. IMPORTANT: Upgrading to this build will generate a one-time "new task detected" alert for each installed task on a 2003/XP machine
- Agent: Added support for $IPADDRESS variable
- Management Console: Improved support for managing large number of hosts
- Management Console: Other minor bug fixes
- Web Reports: Added output for binary data in event log detail dialog
- Web Reports: Modifying search now resets the back to first page
- Web Reports: Improved database connection pool limit
- Web Reports: Optimized job scheduler
- Web Reports: Improved Maintenance Wizard reliability with Oracle
- Web Reports: Removed documentation class which contained potential vulnerabilities
New in EventSentry Light 3.1.1 Build 85 (Jul 31, 2015)
- Bugfixes:
- Agent: Fixed issue where agent may issue invalid performance alerts after startup
- Agent: Fixed issue where agent may not start if configuration contains more log file packages than event log packages
- Agent: Improved performance of logon tracking as well as parsing of remote host name values for some events
- Agent: Fixed issue where agent may generate incorrect performance alerts immediately after starting
- Agent: Fixed issue where agent may not start if the number of log file packages is greater than the number of event log packages in the configuration
- Agent: Improved how the agent reports the SNMP sender id when sending SNMP traps
- Agent: Fixed issue where malformed volume name could prevent disk space status from being updated
- Heartbeat Agent: Fixed issue where service was caching incorrect host statuses in temp file when shutting down
- Heartbeat Agent: Improved ping response time tracking trend charts when remote host is unavailable
- Heartbeat Agent: Fixed issue where repeat alerts may not be generated
- Heartbeat Agent: Fixed issue where configuration updates would not always work reliably, especially when the polling interval was low and/or the number of monitored hosts was large
- Heartbeat Agent: Fixed issue where remote agent status would show up as "Unknown" indefinitely
- Management Console: Improved cleaning up orhpaned registry values
- Management Console: Fixed issue with remote update when working with a large EventSentry configuration
- Management Console: Fixed issue where invalid authentication settings would cause a crash under certain circumstances
- Management Console: Now pulls host names in FQDN format from AD when configured in global options
- Web Reports: Fixed menu formatting when user has limited access
- Web Reports: Resolved issue where Environment reports would periodically be empty
- Web Reports: Fixed error when removing the last dashboard
- Web Reports: Improved searches for acknowledged events
- Web Reports: Fixed issue when adding Group Allowed pages with Internet Explorer
- Web Reports: Improve HB Status tile when selecting multiple groups
- Installer: Fixed issue where upgrading from v2.91 would result in a duplicate installation
- Built-In Database: Updated to PostgreSQL v9.1.18
New in EventSentry Light 3.1.1 Build 60 (May 30, 2015)
- Bug fixes:
- Agent: Fixed issue where incorrect access mask was displayed on File Access Tracking report
- Agent: Fixed regression issue where uninstalled software would not be detected
- PostgreSQL: Updated to version 9.1.16
- Management Console: Additional usability improvements and sanity checks
- Web Reports: Updated Tomcat to 7.0.62
- Web Reports: Fixed File Access search when clicking Delete events
- Web Reports: Added Memory Used/Free percent to Mobile API
- Web Reports: Fixed Search tile data range with Service Status queries
- Web Reports: Improved handling of averages on Performance Status when no value is present
New in EventSentry Light 3.1.1 Build 54 (May 16, 2015)
- Features:
- Agent: Added option to database actions to log more database-related connectivity errors to event log with event id 532
- Bug fixes:
- Management Console: Fixed issue when testing filter rules with built-in event viewer
- Management Console: Fixed issue where credentials for GROWL action where not saved
- Management Console: Increased max MIB count to 128
- Management Console: Added maximum timeout of 5 min per host in remote update
- Agent: Fixed issue where agent would store duplicate events in database due to incorrectly analyzing the return code from ODBC driver
- Agent: Added ability to use variables in content filters
- Agent: Fixed several issue with log file monitoring to improve reliability
- Agent: Improved reliability of caching events when remote database is unavailable and agent is restarting
- Agent: Fixed issue with software inventory/alerts where multiple versions of the same software installed on a single computer would not report correctly and/or trigger incorrect uninstallation notices
- Heartbeat Agent: Optimized temp file storage for improvement performance on networks monitoring large number of hosts
- Heartbeat Agent: Improved how threads are automatically allocated
- Heartbeat Agent: Improved detection of hosts which cannot be queried via SNMP or agent status
- Heartbeat Agent: Fixed issue were disk space status wouldn't be updated for SNMP monitored hosts
- Network Services: Improved reliability
- Web Reports: Updated JRE to version 1.7.0.79
- Web Reports: Updated Tomcat to version 7.0.61
- Installer: Fixed issue when installing to terminal servers
New in EventSentry Light 3.1.1 Build 29 (Feb 27, 2015)
- Features:
- Agent: SMTP action can now connect to SSL/TLS SMTP servers with an unsigned certificate (configurable)
- Management Console: Simplified patch installation process
- Web Reports: Usability improvements
- Bug fixes:
- Heartbeat Agent: Improved SNMP polling and slow link detection
- Heartbeat Agent: Fixed issue where notes for network devices would not show up in web reports (e.g. Health Matrix)
- Agent: Fixed issue where setting a max number of events per email would send blank emails under certain circumstances
- Management Console: Fixed issue where filter rules test would not work correctly with custom event logs
- Management Console: Fixed issue where computers would be removed from AD-linked groups when performing certain actions on a single host in that group
- Management Console: Fixed issue where AD-linked groups would not be refreshed during application startup
- Management Console: Improved responsiveness of remote update dialog while a lengthy remote update operation is in progress
- Management Console: Fixed issue when adding a performance counter to an existing would yield an error message under certain circumstances
- Management Console: Fixed issue where setting remote update preferences to ES$ share would cause issues when pushing the configuration
- Management Console: Fixed issue where certain events would not be formatted correctly when connecting to remote event logs under certain circumstances
- Agent / Management Console: Fixed issue where testing or executing processes with certain command line arguments would not work
- Database Purge Utility: Removing old data from MS SQL Servers is now significantly faster
- Web Reports: Improved rendering of stack bar chart
- Web Reports: Fixed issue where record count in email subject would be inaccurate under certain circumstances
New in EventSentry Light 3.1.1 Build 17 (Feb 27, 2015)
- Features:
- Agent: Added ability to count files in folder
- Installer: Added proxy support (requires setup in IE)
- Bugfixes:
- General: Added Windows 8.1 and Server 2012R2 to dynamic package activation options
- Log Import Utility: Fixed potential issue when importing unicode log files
- Web Reports: Improved computer dashboard customizations
- Web Reports: Fixed 'since' calculation when UTC is disabled
- Web Reports: Fixed issue when deleting last dashboard
- Web Reports: Updated JRE to 1.7.0-76
- Installer: Miscellaneous fixes and improvements
New in EventSentry Light 3.1.1 Build 14 (Jan 3, 2015)
- Features:
- Agent: Added ability to report all data under an alias name instead of host name
- Web Reports: Added option for login prompt
- Web Reports: Added "Last Scan Duration" field to heartbeat status
- Bugfixes:
- Heartbeat Agent: Improved / fixed issue when monitoring hosts connected via low latency link
- Heartbeat Agent: Fixed issue where moving hosts with authentication between groups would require a heartbeat agent restart
- Web Reports: Fixed German translation
- Web Reports: Updated Tomcat to version 7.0.57
- Installer: Minor fixes and tweaks
New in EventSentry Light 3.1.1 Build 9 (Dec 19, 2014)
- Bugfixes:
- Agent: Resolves issue where absolute disk space limits would not work
- Management Console: Resolves issue where importing a 3.0 configuration backup file could not be imported
- Management Console: Updated SNMP trap daemon icon to avoid confusion
- Web Reports: Fixed security issues
- Web Reports: Fixed issue where events could not be acknowledged in rare circumstances
- Web Reports: Fixed full screen mode in dashboard in IE 11
New in EventSentry Light 3.1.1 Build 6 (Dec 19, 2014)
- Bugfixes:
- Installer: Resolved issue where license key would not be imported/accepted during installation/upgrade when software restriction policies are in place
- Installer: Resolved issues when adding/removing the web reports component
- Agent: Added sanity checks to prevent crash when service is being stopped
- Management Console: Fixed various issues with EventSentry Light to prevent crash
- Heartbeat Agent: Resolved issue where remote agent status was displayed as "Unknown" when IPC$ was configured as the authentication preference
- Web Reports: Fixed Group-level filtering for Syslog Hosts
- Web Reports: Added patch install date column to patch inventory page
New in EventSentry Light 3.1 (Dec 19, 2014)
- Windows & General Monitoring:
- Task Scheduler inventory and change detection
- Large File enumeration
- Inventory of virtual machines (Hyper-V & ESX)
- HTTP action now supports POST/PUT for better interoperability with web-based APIs
- Disk space monitoring now supports multiple disk space packages assigned to a single host
- Improved remote update / host management, especially of Non-Windows hosts in management console
- Heartbeat & SNMP Monitoring:
- Process Monitoring support for SNMP-enabled hosts
- Improved router functionality, configure routers based on IP subnet
- Status change detection and uptime calculation is more reliable
- Overall stability improvements in the heartbeat agent
- Web Reports:
- Support for multiple dashboards, including automatic iteration between dashboards
- Dashboards can be shared
- Support for graphical gauges (Clock, meter, number, bullet)
- New heatmap tile for uniquely visualizing log, syslog and performance data
- New generic search tile supports embedding data from any feature in dashboard
- Support for TV mode and dark/light theme in dashboard
- Various tweaks and improvements to existing dashboard tiles
New in EventSentry Light 3.0.1 Build 134 (Nov 18, 2014)
- Bugfixes:
- Management Console: Fixed issue introduced in build 3.0.1.132 which would break most HTTP-related functionality (e.g. version check)
- Agent: Fixed issue introduced in build 3.0.1.132 which cause issues with the HTTP action
- Web Reports: Fixed issue where directory names would be incorrect if the same file would be processed on the same host in 2 different directories at the same exact time
New in EventSentry Light 3.0.1 Build 132 (Nov 17, 2014)
- Bugfixes:
- Agent: Fixed issue where agent would not format security events correctly after a reboot prompted by a hotfix installation which makes changes to the security event log publisher
- Agent: Fixed issue with summary notifications
- Heartbeat Agent: Added additional OIDs for obtaining CPU usage
- Network Services: Trap bindings as OIDs are now resolved
- Network Services: Fixed issue with enum-style trap bindings
- Network Services: Fixed issue where white-listing MAC addresses would have no effect
- Management Console: Fixed memory leak in built-in event viewer when refreshing and/or filtering results
- Web Reports: Updated JRE to v1.7.0.72, updated Tomcat to v7.0.56
- Web Reports: Added TargetAccount as search option on group changes page
- Web Reports: Fixed time-zone issue on y-axis on error trend chart
New in EventSentry Light 3.0.1 Build 128 (Oct 25, 2014)
- Bugfixes:
- Network Services (ARP): Fixed duration of learning period to 2 weeks
- Network Services (ARP): Updated MAC vendor database
- Installation: Fixed issue where built-in PostgreSQL database service could not be registered on Non-English operating systems
- Management Console: Fixed issue where removing a log file could cause a crash
- Management Console: Fixed issue where removing credentials could cause a crash
- Agent: Increased maximum buffer for HTTP actions
- Agent: Fixed issue with performance trend clear events showing incorrect values
- Web Reports: Added support for empty search queries
- Web Reports: Fixed single character wildcard before dash queries
- Web Reports: Updated JRE to 1.7.0.72 and Tomcat to 7.0.56
- Web Reports: Resolved issue when testing SMTP settings
- Web Reports: Fixed disk calculation on very large disks
- Web Reports: Updated trend tiles on Dashboard to be clickable
New in EventSentry Light 3.0.1 Build 120 (Aug 24, 2014)
- Bugfixes:
- Agent: Fixed issue where service could exhibit very high CPU usage due to a bug in the disk prediction module
- Agent: Fixed issue where filtering severity of compliance tracking "Logon by Server Type" would not work as expected
- Agent: Increased the maximum number of installations EventSentry can cache to avoid false install/uninstall events
- Installation: Deactivating database purge would setup an invalid System Health package
- Web Reports: Computer is now included on Detailed Delimited Log File reports
- Web Reports: Updated jQuery version
- Web Reports: Line breaks are now escaped on Summary pages to improve link-based query building
- Web Reports: Fixed issue with Performance Trend reports when sent as HTML jobs
New in EventSentry Light 3.0.1 Build 114 (Aug 1, 2014)
- Bugfixes:
- Agent: Fixed issue where agent would attempt to connect to databases which are not in use
- Agent: Optimized communication with database for MSSQL and MySQL databases
- Network Services: Fixed issue where ARP alerts were not always generated
- Network Services: Improved ability to recover gracefully from db connectivity issues
- Network Services: Improved logging when network services are unable to communicate with database for an extended period of time
- Heartbeat Service: Improved timeout settings
- Web Reports: Fixed issue when Blocking Pages for a user account
- Web Reports: Resolved issue with monthly jobs calculation
- Web Reports: Improved job loading process
- Web Reports: Added valuefloat search field to performance pages
- Web Reports: Improved initial session preferences when using Remember Me
- Web Reports: Fixed C/F conversion on Environment Trends
- Web Reports: Updated JRE 1.7.0.65 and Tomcat 7.0.54
- Web Reports: Fixed x-axis time interval when exporting charts
- Web Reports: Improved field mappings on Logon Failures page
- Web Reports: Added column for Source IP to Logon Failures page
- Web Reports: Additional sanitation applied to report strings
- Web Reports: Increased default connection timeout
- Web Reports: Various security improvements
New in EventSentry Light 3.0.1 Build 106 (Jun 19, 2014)
- Agent: Better detection for latest version of HP Insight Manager
- Agent: Improved network failure reasons for some compliance tracking events
- Agent: Terminating child processes from application scheduler now works with unlimited process nesting levels
- Management Console: Improved various group and computer summary screens for variables and hosts with SNMP errors
- Management Console: Fixed issue when deleting first performance counter in the package
- Management Console: Added "Inherit" button to variable dialogs
- Heartbeat Service: SNMP: Fixed issue when querying SNMP counters with multiple instances on some SNMP Agents (e.g. pfSense)
- Heartbeat Service: SNMP: Fixed issue when using secondary non-SNMP counters in conjunction with multiple-instance SNMP counters
- Installer: Fixed issue with setting up automatic purge job when initializing EventSentry with MS SQL Server database and using built-in authentication
- Web Reports: Fixed issue when searching for Logon Type Unlocked
- Web Reports: Updated detailed hardware CSV output
- Web Reports: Resolved issue when setting permissions with the Account Manager
- Web Reports: Improved uptime calculation
- Web Reports: Event number in various compliance tracking pages is now clickable
New in EventSentry Light 3.0.1 Build 98 (May 17, 2014)
- Bugfixes:
- Management Console: Application Scheduler time outs larger than 60 seconds would not be saved correctly
- Management Console: Adding log file from right pane could crash management console
- Management Console: Performance counter preview now supports instances
- Agent: Event IDs can now be negated in a filter
- Agent: Event IDs can now be specified with a range in a filter
- Agent: Reduced memory consumption and improved scalability for file checksum monitoring
- Network Services / Heartbeat: Fixed issue where service would sometimes not recover from a temporary loss of db connection
- Web Reports: Trend pages will now export PDFs to landscape mode
- Web Reports: Improved Remember Me functionality when logging in
- Web Reports: Fixed issue with CSV output where in rare cases the first line would appear in the header
- Web Reports: Recent Events tile only looks at the last 3 days
New in EventSentry Light 3.0.1 Build 86 (Apr 26, 2014)
- Bugfixes:
- Installer: Fixed issue where installer running in patch mode would re-install previously unselected components
- Management Console: Fixed issue where app would crash on startup on systems with missing/corrupt performance counter settings
- Management Console: Fixed comment submission to myeventlog.com
- Agent (new feature): Added ability to ignore certificates in HTTP action
- Agent (new feature): Dynamic package assignment options now supports wildcards for service names
- Agent: Fixed issue where invalid temp entry would disable console logon tracking on a host
- Agent: Fixed issue where pushing configuration updates after renaming a group would cause package assignment issues on some remote hosts
- Web Reports: Fixed issue with uptime calculation when setting a custom range
- Web Reports: Corrected sorting of duration on the Processes search
- Web Reports: Updated default sorting on Software Inventory
- Web Reports (new feature): Added last value option to the Performance tile on the Dashboard
- Web Reports: High Processes tile has been renamed to Process Performance
- Web Reports (new feature): Added Handle Count to Process Performance tile
- Web Reports: Resolved issue where Report History was logged twice
- Web Reports: Updated JRE to 1.7.0.55
New in EventSentry Light 3.0.1 Build 78 (Apr 12, 2014)
- Bugfixes:
- Agent: Text Action now supports custom delimiter
- Agent: Event IDs can now be specified in ranges (e.g. 4628-4656)
- Agent: Added option for email action to keep space character in HTML emails
- Agent: Fixed issue where maintenance schedules set on a per-computer basis would not be applied to email or pager actions
- Agent (File Checksum Monitoring): Fixed issue where recurring scan would run more often than necessary
- Agent (Compliance Tracking): Fixed issue where ip address DNS lookup would not work on some hosts
- Agent (Compliance Tracking): Fixed issue where source IP address would not correctly show up for some events
- Agent (Application Scheduler): When terminating child processes, only processes which start after the parent processes will be terminated
- Management Console: Dragging and dropping a filter over collapsed event log packages now features a delay before automatically expanding them
- Management Console: Dragging and dropping an item can be aborted with the ESC key
- Management Console: Fixed issue where sorting actions could cause issues when overriding actions on a package basis
- Network Services: SNMP enumeration values are now resolved from MIB files in SNMP trap objects
- Built-In PostgreSQL Database: Fixed OpenSSL "heartbleed" vulnerability (CVE-2014-0160)
- Misc: Added support for SQL Server Native Client 11
- Web Reports: Added ability to customize disk error/warning levels
- Web Reports: Improved Disk Alert tile to include (Errors Only, Errors & Warnings, or Lowest #)
- Web Reports: Added Managed Hardware tile
- Web Reports: Visual improvements to services, disk space, heartbeat and managed hardware tile
- Web Reports: Architecture has been added to the Computer Inventory
- Web Reports: Fixed issue with the Diskspace Trends PDF output
- Web Reports: Added Source IP to Compliance pages
- Web Reports: Fixed generated time when UTC has not been enabled
- Web Reports: Increased performance when exporting results to CSV
- Web Reports: Improved reset password process
- Web Reports: Resolved issue where in some cases the Range would not be displayed for PDF reports
- Web Reports: Updated Tomcat (to v7.0.53) and charting library
New in EventSentry Light 3.0.1 Build 67 (Mar 27, 2014)
- Bugfixes:
- Agent: Significantly optimized event log scanning engine for Server 2008 and higher for higher throughput
- Agent: Optimized file monitoring engine
- Agent: Various optimizations to slightly reduce memory consumption
- Agent: Optimized boot scan
- Agent: $GROUP variable is now resolved in email header/footer when processing RESCAN events
- Agent: Fixed issue with overnight recurring schedules
- Agent: Pushing a config during recurring issue could cause events not to be recognized
- Agent: Fixed issue where logon tracking would generate duplicate key sql errors when using the built-in PostgreSQL database
- Agent: Fixed rare issue where service monitoring would generate many false alerts
- Web Reports: Fixed issue on the Network Status page when performance instances do not exist
- Web Reports: Added sorting by Percent on the Diskspace Status page
- Web Reports: Resolved issue where TargetAccount menus were not loading correctly on the User Account Changes page
- Remote Update Utility: Now supports /force switch to push config updates even when no changes have been made
- Network Services ARP: Resolved SQL error messages
- Removed several issue in web reports and configuration assistant when using Oracle
- Fixed issue where the management console would now accept a trial key to extend an existing trial
- Updated built-in database to PostgreSQL v9.1.13
New in EventSentry Light 3.0.1 Build 46 (Mar 1, 2014)
- Bugfixes:
- Regression Bug: Installer and binaries where not correctly digitally signed
- Regression Bug: Authentication set on individual hosts would not work most of the time
- Management Console: Fixed issue where removing some health object from a package would not work properly
- Management Console: Unsuccessfully connecting to a remote host would crash the management console
- Management Console: Fixed issue where browsing for performance counters with instances would not work
- Agent: Removed obsolete resource check
- Agent: Increased maximum length of process command line in application scheduler to 1024 characters
- Heartbeat Agent: Stability improvements
New in EventSentry Light 3.0.1.40 (Mar 1, 2014)
- Bugfixes:
- Agent: File Access Tracking now supports wildcards when using "Normalize Only" Event Analysis setting
- Agent: Improved handling & automatic recovery when agent experiences connectivity issues with database
- Agent: Filter packages are now processed in the same order as shown in the management console, Catch-All rules still apply
- Agent: Fixed issue where recurring schedule would run more often than necessary when using overnight recurring schedules
- Management Console: Fixed & improved proxy support
- Management Console: Various usability improvements
- Management Console: Added -Run Now- option to configuration backups, and increased the max. number of config backups
- Management Console: Fixed issue where connecting to remote 2003 event logs would sometimes not work from 2008 or higher.
- Light Edition: Fixed issue where monitoring sub folders would also be disabled
- Heartbeat Agent: Service will now only attempt to determine whether SNMP is supported on non-Windows devices once. Installer: Fixed issue where installing EventSentry with SQL Server Express would initially create an invalid configuration for the web reports
- Log Import Utility: Fixed issue where importing event log files would sometimes not work
- Web Reports: Added ability to sort Heartbeat Status by availability
- Web Reports: Included support link to customize logging or change warranty checking
- Web Reports: Resolved issue with empty query results for users in Japan
- Web Reports: Fixed duration calculatio
New in EventSentry Light 3.0.1.26 (Mar 1, 2014)
- Bugfixes:
- Management Console: Fixed crash when connecting to a remote host
- MySQL: Fixed issue in configuration assistant and es_db_purge.exe utility
- Command Line Purge Utility: Fixed UTC support
- Command Line Purge Utility: Fixed issue where username/password parameters would not be recognized
- Agent: Fixed issue where package assignments on a remote agent would sometimes be incorrect after one or more computers were removed from a group
- Agent: Increased buffer size for the HTTP action when processing large events
- Agent: Fixed issue where agent would crash when WMI would not return a display adapter
- Agent: HTTP return code 302 is now acceptable with HTTP action
- Web Reports: Background warranty checks are now configurable
- Web Reports: Optimized Account Manager and Network Status to support large datasets
- Web Reports: Fixed event dialog positioning for certain events
- Web Reports: Resolved issue where "Remember Me" would expire to soon in some cases
- Web Reports: Fixed Dashboard formatting for Retina displays
New in EventSentry Light 3.0.1.20 (Mar 1, 2014)
- Bugfixes:
- Management Console: Fixed bug where summary schedules were converted incorrectly from v2.93 and earlier
- Installer: Installer can now be run on Windows XP
- Installer: Fixed issue where web reports configuration would get misconfigured during patch upgrade
- Installer: Older rollback directories are now automatically removed
- Heartbeat Agent: Fixed SNMP issue when retrieving data from tables with empty instances
- New Feature: Added MIB and default package for HWg-STE ethernet-based environment sensors
- Web Reports: Fixed uptime calculations for international customers
- Web Reports: Resolved issue with status reports when using the Current timeframe
- Web Reports: Added option to return 1,000 records per page when using the Detailed mode
- Web Reports: Improved legacy comment support in the new web reports
- Web Reports: Resolved issue with frequency charts on the Process Tracking page with very large numbers
New in EventSentry Light 3.0.1.16 (Mar 1, 2014)
- Bugfixes:
- New Feature: Maintenance schedules can now apply to email and/or pager actions as well
- Agent: Fixed bug where variables wouldn't be correctly resolved in email header and footer
- Agent: Fixed issue where quotes in command line arguments for application scheduler would be incorrectly removed
- Agent: In the legacy HTML format the category column would incorrectly be called "Source"
- Agent: Fixed & improved IP lookup in various compliance tracking features
- Management Console: Fixed issue where initial agent deployment would not work if license key was incorrectly pasted from email
- Web Reports: Fixed issues on Logon By Type page
New in EventSentry Light 3.0.1.9 (Mar 1, 2014)
- Bugfixes:
- Management Console: Fixed minor issue on filter summary dialog
- Agent: Fixed issue where events would appear twice in "ASCII" style email Web Reports: Fixed issue when writing warranty information to postgres databases
- Web Reports: Fixed various issues with commenting and acknowledging events
- Web Reports: Fixed issue with warranty checks
New in EventSentry Light 3.0.1.7 (Mar 1, 2014)
- Bugfixes:
- Web Reports & Managment Console: Resolved minor Section 508 compliance issues
- Agent: Resolved issue where EventSentry service would not start with trial licenses
New in EventSentry Light 3.0.1.5 (Mar 1, 2014)
- Bugfixes:
- Agent: Fixed issue were adding/removing programs after a configuration would not always be detected
- Agent / Web Reports: Historical data for mount points is now stored in DB and shown on disk status and disk trends
- Heartbeat Agent: Fixed issue where numerical IDs would be resolved incorrectly if the corresponding MIB wasn't loaded and the configuration was updated
- Web Reports: Fixed issues with warranty information tile
New in EventSentry Light 3.0.1.2 (Mar 1, 2014)
- Bugfixes:
- Management Console: Editing packages would crash app when ribbon was disabled
- Agent: Internet Explorer version was not detected properly, and duplicate entries were shown in software inventory
New in EventSentry Light 3.00 (Mar 1, 2014)
- Web Reports:
- Scheduled Jobs: Receive reports via email
- PDF & JSON Output
- UTC Support
- Cross-platform: Supports Windows, Linux and OS X
- Complex queries for all features
- Full API
- Easier installation & setup
- Better dashboards
- Better summary pages
- Flash is no longer required
- Access control with LDAP integration
- Network Monitoring (Heartbeat Agent):
- Poll SNMP counters (integrates with performance monitoring)
- Retrieve disk space information from SNMP-enabled hosts
- Retrieve basic system & hardware information from SNMP-enabled hosts
- Retrieve uptime from SNMP-enabled hosts
- Windows Monitoring:
- Log file monitoring supports sub folders
- Recurring filters now support time intervals
- Compliance "Logon By Type" tracking can exclude logons by computer accounts
- Event Log filters can override email subject & message body
- Packages can by dynamically assigned based on platform (32bit vs 64bit)
- Threshold filters can utilize insertion strings
- Disk space prediction feature (predicts when disk will be full)
- Identify reasons why hosts were shut down or rebooted
- Desktop notification supports Growl
- Network notification supports remote desktop services
- Application scheduler support process isolation
- New email format "HTML Modern"
- Management Console:
- Includes ribbon & visual improvements
- New authentication manager
- Better filter search functionality
- Many common tasks have been simplified
- Improved built-in event viewer for Application & Services Logs
- Hour / Day configuration has been simplified
- Feature Utilization dialog
- Network Services:
- ARP daemon detects & tracks new MAC addresses and MAC to IP mappings
New in EventSentry Light 2.93.1.82 (Sep 4, 2013)
- Bugfixes:
- Fixed issue in license manager that would require some users to re-enter one or more license keys after applying patch for build 2.93.1.81
- Fixed issue in es_db_purge when purging event log data on PostgreSQL
- Various fixes in web reports
New in EventSentry Light 2.93.1.81 (Aug 29, 2013)
- Bugfixes:
- Agent: Fixed issue where admin detection in Console Logon Tracking feature would not work on domain controllers when the NetBIOS domain name would not match the DNS domain name
- Agent: Improved reliability of process tracking feature when tracking a high volume of processes
- Agent: Increased the max. number of applications the agent can capture in the software inventory
- Agent: Improved stability of the file monitoring feature
- Agent: Added detection for Windows 8.1 and Windows Server 2012 R2
- Network Services: Fixed issue where temporary database outages would not be handled correctly
- Management Console: Bug fixes for the built-in event viewer on Vista and later
- Remote Update Utility: Bug fixes
- Installer: Fixed issues in the database schema which would, in some cases, result in errors when upgrading from an earlier version of EventSentry
New in EventSentry Light 2.93.1.75 (Jun 1, 2013)
- Bugfixes:
- Agent: Added detection of DELL(c) OpenManage 64-bit tools
- Agent: Fixed issue where parsing backup event from logon tracking would crash the agent
- Agent: Fixed issue where certain applications would only show up as GUIDs in software inventory
- Agent: Fixed issue with log file monitoring when using wildcards in file names
- Remote Update Utility: Fixed issue where the status of the remote agent would not be properly detected when there was no configuration change
- Web Reports: Several bug fixes
New in EventSentry Light 2.93.1.65 (Apr 5, 2013)
- Bugfixes:
- Database: Updated to PostgreSQL v9.1.9 to fix security issue. Note that only the installer will upgrade PostgreSQL, the patch will NOT upgrade PostgreSQL.
- Agent: Significant performance improvements with log file monitoring feature when monitoring directories with large amount of log files (e.g. 1000+).
- Agent: Bug fixes for file monitoring
- Agent: Performance improvements to compliance logon tracking
- Agent: Boot scan and debug logging can now be configured on a per-host basis via registry
- Configuration Assistant: Added support for built-in Windows authentication when initializing and/or updating MSSQL databases
- Remote Update Utility: Improved stability and fixed bug where utility would retry failed hosts even when instructed not to
- Configuration: Added new event log package which excludes common audit failures by default
- Web Reports: Several bug fixes and performance improvements
New in EventSentry Light 2.93.1.55 (Mar 13, 2013)
- Bugfixes:
- Remote Update Utility: Improved & documented return codes
- Remote Update Utility: Fixed issue where event logged by utility would not log updated & failed hosts correctly
- Management Console: Fixed issue where deleting a group would corrupt group-set variables for some groups
- Agent: Fixed issue where processes started by agent (to perform hardware inventory on select server brands) would never exit
- Agent: Fixed issue where non-English performance counters would not be monitored
- Database Import Utility: Message box is no longer displayed when tool is launched with command-line parameters
New in EventSentry Light 2.93.1.49 (Feb 5, 2013)
- Bugfixes:
- Agent: Fixed potential race condition where agent would crash on hosts with high event logging activity
- Agent: Fixed issue where SNPP (pager) action would incorrectly send multiple pages
- Management Console: Maintenance schedules can now start & end at midnight to indicate a full day
- Management Console: Fixed issue where some computers would not be able to be updated through remote update
- Management Console: Fixed issue where deleting a computer while in a RDP session would crash the management console
- Database: Added missing index for temperature/humidity table
New in EventSentry Light 2.93.1.43 (Jan 11, 2013)
- Bugfixes:
- Management Console: Fixed issue where renaming a group would duplicate the group
- Network Services: Fixed issue where the first TCP-based syslog message would be logged with the wrong facility and severity
- Agent: Fixed issue where some performance counters would not be loaded on certain hosts
- Agent: Fixed issue with delimited log file monitoring
- Agent: The logging of 1041 events, when problems monitoring an event log are encountered, has been improved. A new 1051 event has been introduced.
- Remote Update Utility: Fixed issue where only the first 1000 computers would be retrieved
- Web Reports: Windows 8 and Server 2012 hosts were not displayed correctly on some pages
New in EventSentry Light 2.93.1.37 (Dec 4, 2012)
- Bugfixes:
- Agent: Fixed issue with delimited log file monitoring where "Merge remaining fields" would not work as expected
- Agent: The pipe character can now be used inside filters for log file monitoring
- Agent: Fixed issue memory leak in file checksum monitoring
- Agent: Fixed issue where list of filters for file checksum monitoring would be truncated
- Agent: Added two new built-in secondary performance counters [CpuCountLogical], [CpuCountPhysical]
- Agent: Size of debug log file can now be adjusted with registry value
- Agent: Added Windows 8 and Windows Server 2012 to list of Operating Systems for automatic package assignment
- Agent: Fixed issue where performance alert would never be cleared
- Web Reports: Improved Health Matrix
- Web Reports: Fixed issue with maintenance wizard
- Web Reports: Fixed issue with PostgreSQL
- Network Services: Syslog data sent over TCP is now parsed correctly
- Network Services: Displaying binary data has been improved for SNMP traps
New in EventSentry Light 2.93.1.27 (Oct 19, 2012)
- Bugfixes:
- Agent: Improved performance monitoring to work around performance DLLs exhibiting handle and/or memory leaks
- Agent: After applying this patch, Windows 2003 machines should no longer require Microsoft hotfix 938135
- Agent: CPU usage of performance monitoring feature has been significantly reduced
- Agent: Fixed issue where service monitoring would sometimes stop working after a configuration update was applied
- Agent: File Access Tracking would not properly track files configured under "Exclude" when set to "Track all activity"
- Agent: Fixed race condition with file checksum monitoring
- Management Console: Insufficient licenses when using AD-linked groups could crash management console
- Management Console: Downloading new packages has been re-enabled for users who upgraded from earlier versions of EventSentry to 2.93.1
- Management Console: Misc. fixes
- Patch: Fixed issue where patch would make web reports inaccessible and require users to manually run script
- Web Reports: Misc. fixes
New in EventSentry Light 2.93.1.21 (Oct 4, 2012)
- Bugfixes:
- Agent: Fixed issue where agent would not start during boot on select hosts
- Agent: Stability improvements when configuration update is received
- Management Console: Fixed bug where changing the schedule type of an application schedule would not be saved correctly
- Management Console: Fixed issue where events would not be displayed correctly in built-in event viewer when total number of events was below 500
- Web Reports: Fixed issue where sending emails would not work correctly with gmail
- Web Reports: Fixed several issues when using the built-in PostgreSQL database
- Installer: Updated to new version of built-in PostgreSQL (requires update with full installer)
- Installer: Fixed issue where upgrades would not be detected correctly
- Database Import Utility: Fixed issue where import would fail
New in EventSentry Light 2.93.1.17 (Sep 22, 2012)
- Bugfixes:
- Agent: Fixed issue in SMTP action with ASCII email output when certain fields were unchecked
- Agent: Fixed potential crash during configuration update while application scheduler scripts were running
- Agent: Security events would not be parsed correctly on Windows Server 2012
- Fixed issue on select Win2k3/XP machines where agent or management console would not start due to invalid performance settings in registry
- Management Console: Removing a performance object from health package would save
- Management Console: Minor bug fixes and visual tweaks
New in EventSentry Light 2.93.1.9 (Sep 11, 2012)
- Bugfixes:
- Heartbeat Agent: Fix regression bug from 2.93.1.8 - when monitoring multiple TCP ports, only the first configured port would be monitored and heartbeat status would always show a warning
- Agent: Service status changes performed by "Service Monitoring" would always be logged as informational events, regardless of configuration
New in EventSentry Light 2.93.1.8 (Sep 8, 2012)
- Bugfixes:
- Improvements to patch and installer
- Fixed memory leak and potential crash in agent
- Heartbeat Agent: Fixed issue when host was set configured as router in group
- Management Console: Several small bug fixes
- Web Reports: Failed logical disks are now shown on overview page
New in EventSentry Light 2.93.1.6 (Aug 11, 2012)
- Bugfixes:
- Installer: Fixed issue when adding components with non-default installation folder Web Reports: Fixed issue with Japanse translation, added French translation Web Reports: Fixed issue with Logon Failures report Fixed MySQL issues with es_db_purge.exe and es_db_agent_status.exe Fixed issue where patch would crash Fixed issue when saving log file package changes Changed default PostgreSQL ODBC driver to Unicode Fixed issue with performance monitoring where agent would crash after startup Heartbeat Agent: Resolved issue where hosts with dynamic IP address (DHCP) would sometimes not be monitored correctly
New in EventSentry Light 2.93.1.5 (Aug 1, 2012)
- Bugfixes:
- Fixed various issues where changes in configuration would not be permanently saved
- Regression: Fixed issue where $FILTER variable would not include folder name
- Fixed security issue in health matrix
- Fixed issue where too many MIBs would be configured in a default installation
- Fixed issue where incorrect PostgreSQL ODBC driver would be setup in a new installation
- Fixed issue where installer would not work correctly when run on a host with terminal services enabled
- Tweaked performance monitoring interval to adjust dynamically, when obtaining performance counter values would take longer than expected
- Added new database utility which can detect agents not writing to the database
- Fixed database issue in network services
- Other fixes to installer, web reports and agent
New in EventSentry Light 2.93.1.2 (Jul 3, 2012)
- Bugfixes:
- Resolved critical issue in Heartbeat Monitor: Host that is offline may not be reported as ERROR
- Resolved issue with language translation in web reports