EventTracker 8.1 – Release Notes

The EventTracker engineering team continues to monitor changes in operation management, enterprise applications, and regulation compliance standards. Version upgrades are made based on customer feedback and experience in the field, providing you the best solution possible.

EventTracker 8.1 (Build 9)

  • Unknown Processes Dashboard: Dashboard to display unknown processes based on safe list of file hashes.
  • Reports: Displaying excel reports in HTML format with sort and filter options.
  • Support for processing event trace log (.etl) file in Direct Log Archiver.
  • Reports: Add new options to set schedule for Daily and Weekly reports.
  • Added support for using IBM XFE as the IP Reputation provider.
  • Added support for using MaxMind as the IP Geolocation provider.
  • User config: Provide option to search by user for user config and logo customization module.
  • Option to rotate Collection Point sites in Tear Away window.
  • Attackers dashboard: Option to add a logbook entry.
  • Importing processes to known safe / unsafe list.
  • Attackers dashboard: Option to add threat intelligence platforms.
  • Event ID 2063 is generated daily to indicate non-reporting systems.
  • Event ID 2064 is generated daily to indicate license-related warnings.
  • Ability to provide the column with System name for W3C format and CSV format in Direct Log Archiver.
  • Ability to provide the column with System name and Date field for CSV format, when extract field from header is selected in Direct Log Archiver.
  • Removed ‘About’ link from Login page.
  • Attacks menu has been replaced with Threats.
  • Changed the default IP Geolocation provider from IPVoid to MaxMind.
  • Change Audit: In Change Audit>System Inventory, the tabs “Application Installed” and “Updates” have been removed.
  • Index Explorer: The Index Explorer option has been removed from the Tools menu.
  • On collection master, collection point cab details are stored in SQL server instead of MS Access database.
  • DOT NET version 4.5.2 is installed by default if DOT NET 4 is not available.
  • Systems: Some new default system groups have been added in Admin>Systems.
  • Diagnostic’s utility: Implemented rollover purging of backup files after reaching the maximum number of copies.
  • Behavior engine stops with access violation for activity names containing “%” symbol.
  • Specific Process throws Runtime error in Agent configuration.
  • Report Dashboard: ‘Status’ graph is not displayed according to the status of the reports.
  • Logsearch: unable to delete extracted temp database.
  • Log search from the target window returns “No results were found”.
  • Flex Dashboard: when the user clicks on a dashlet, data is not displayed if the X-series values contain a special character.
  • Attacks dashboard fails to respond immediately even if data is not present.
  • Report Dashboard: Issue with changing the Export type of Reports.
  • Attacks Dashboard: Show target comes with no data.
  • Attacks dashboard shows ‘something went wrong’ even though data is available.
  • Behavior: Performing a logsearch from a Behavior custom rule returns no records found.
  • Targets Dashboard: Duplicate targets with different asset value.
  • Keyword Dashlet: user is not able to select the category while configuring dashlets.
  • Logsearch: Search fails for UNC path.
  • The attacker pins are not shown in the attackers map view.
  • Logsearch: search for a domain name containing a single special character, for example a dot (.).
  • Reports: Report generation fails if the data cache folder is not present in the archive folder.
  • Agent stops with exception while translating certain events with large number of characters in curly brackets ({}).
  • Fix for issue where Sparse matrix database is getting deleted if archive path is moved to a shared folder for remote indexing service. (Update ET80U15-032).
  • Custom behavior rules do not work if Standard column is selected as the activity name in the processing rule.
  • Wrong SQL version is shown in “EventTracker Pre-install check Summary”.
  • Fix for issue where Report generation fails in case of invalid collection point reference in report configuration.
DISA:
  • Microsoft Office Lync 2013
  • Windows 8 and 8.1
  • Windows 2012 and R2