EventTracker 8.2 – Release Notes

The EventTracker engineering team continues to monitor changes in operation management, enterprise applications, and regulation compliance standards. Version upgrades are made based on customer feedback and experience in the field, providing you the best solution possible.

EventTracker 8.2 (Build 14)

  • Incident Tile Dashboard: Displaying latest incident occurrences as tiles.
  • Reports generated on Collection Point can be transferred and viewed on Collection Master.
  • Support for filtering events before archiving. This enables filtering of events generated by Direct Log Archiver.
  • Agent status report containing file details and update level can be generated from manager without the remote system credentials.
  • Initiating Log Search (from various modules like Behavior, Incidents etc.) in background and display status notification at page bottom.
  • Change Audit: Option to monitor only a set of registry paths specified by the user.
  • Grouping of Knowledge Object(s).
  • A different archive path can be provided for each Virtual Collection Point.
  • Unknown Processes: User can configure rules to consider the matching processes as safe. Example: User can configure a rule to consider all binaries signed by a specific publisher as safe.
  • Agent filters: Ability to provide complex criteria for “User” and “Source” fields using binary operators.
  • Enhancements in unknown process detection to consider DLL loads (ET81U16-012)
  • Behavior Rules: Selection of system groups while creating a rule.
  • Support for reporting events with FQDN.
  • Inclusion of Borderware as a reputation provider in attacker’s/targets dashboard.
  • Configurable option to search around computer name in Log Search.
  • Log Volume Report: Showing separate counts for Real time and File transfer events.
  • Performance enhancement in Log Search filter pivot to display results.
  • Option in Log Search to refine the results using ‘||’ and ‘&&’ operators.
  • Knowledge Object: Option to move a rule from one Knowledge Object to another.
  • TrapTracker:  Added MIBs for McAfee EPO.
  • Enhancement in extracting IP in behavior. (Update ET80U16-045)
  • Support for import/export of behavior rules.
  • Option to resend behavior data from collection point to collection master.
  • Changed the default IP Reputation provider from IPVoid to Borderware.
  • During installation, added an option in the trial version to register for free technical support.
  • Reports: Deprecated generation of reports in HTML and word formats. (Reports configured in older version will continue to get generated in these formats)
  • No longer using anonymous authentication for IBM XFE API (User needs to obtain API key and password from IBM XFE).
  • On changing the reputation provider, existing IP addresses are not checked with the newly configured provider.
  • Fix for EventTracker Receiver handle leak issue.
  • Fix for issue where event description is not being formatted. (Update ET81U16-023)
  • The duplicate alerts are getting added on applying update ET80U16-047.
  • Unable to import MIB files in TrapTracker.
  • EventTracker diagnostics: Backup and restore is throwing error when maximum number of backup files exceeds.
  • Direct Log Archiver fails to detect field boundaries for some W3C format files (Update ET81U16-009).
  • System type of windows 2012 R2 server is reported incorrectly.
  • Sending a file with name containing “-” via “send other files” option of agent DLA does not create the system name folder appropriately on manager agent.
  • Fix for the issue where “\r\n” is not recognized as a terminator for custom behavior rules.
  • Fix for issue where threshold level of alerts was not getting exported.
  • Fix for issues with USB Device Report.
  • Report Dashboard: Fix for Html Excel Viewer to handle reports containing header as description.
  • Fix for issue where Flex Reports were failing when configured with Template having lengthy regular expression.
  • Fix for the issue where Collection Point (backward compatible) site data is not displayed in Attackers dashboard.
  • DISA:
    • Windows 10
  • Microsoft:
    • Windows 10