Our Solution
Back
OUR SOLUTION
Capabilities
Predict, prevent, detect, and respond
How It Works
People, platform, and process
Use Cases
By threat, environment, or industry
Talk to a Cybersecurity Advisor
See how we deliver managed threat protection
WHY NETSURION
Back
WHY NETSURION
Key Business Benefits
Powerful yet practical cybersecurity
Industry Leadership
Perennial recognition for innovation
Customer Success
Driven to be your trusted partner
Partners
Back
PARTNER PROGRAM OVERVIEW
Partner Program Benefits
Our solutions are built for service providers
Become a Partner
Grow your cybersecurity practice
Insights
Back
VIEW ALL INSIGHTS
Articles
Read the latest from our blog
SOC Catch of the Day
Real stories of threats we reel in daily
Cybersecurity Q&A Videos
Answering your toughest cybersecurity queries
Webcasts & Events
Join us in-person or online to learn more
Company
Back
MEET NETSURION
Leadership
Meet our management team
News
Press releases and news stories
Careers
Check out our current openings
Contact Us
Talks to sales or support
MyNetsurion
Support
Partner Portal
Contact Us
EventTracker 7.5 – Release Notes
Documentation
Latest Version Docs
Product Guides
Knowledge Packs
Software Updates
Version 9.x
Version 8.x
Version 7.x
Version 6.x
Supported Devices
Online Training
Online Help
EventTracker 9.x
Home
Customer Support
EventTracker 7.5 – Release Notes
The EventTracker engineering team continues to monitor changes in operation management, enterprise applications, and regulation compliance standards. Version upgrades are made based on customer feedback and experience in the field, providing you the best solution possible.
EventTracker 7.5 (Build 53)
Bug Fixes
Agent configuration fails to modify only CPU performance in System Monitor.(Update ET74U13-017)
Fix for the LFM issue where log rotation is not getting detected and access denied while opening EventTracker Agent configuration UI. (ET74U14-024)
Fix for count mismatch when searched from trending in basic logsearch. (ET75U13-006)
Fix for agent-less issues. (Update ET75U13-007)
Fix for no data shown in incident tabular view when non-admin user logs in. (ET75U13-008)
Fix for data display issues in incident dashboard. (ET75U13-010)
Optimizations in data transfer between Collection Point and Collection Master.(ET75U13-011)
Fix for blocking of report generation when license usage violation happens. (ET75U13-013)
Support for custom separator in DLA and fix for issues in log search.(ET75U13-014)
Fix for user permission issues in incident, log search, reports & dashboard application.(ET75U13-015)
Fix for unquoted service path issue in EventTracker Remote Agent Installer. (ET75U13-016)
Fix for unquoted service path issue in Change Audit Remote Agent Installer. (ET75U13-017)
Fix for logbook reference issues in reports and config assessment. (ET75U14-018)
Fix for issue where EventTracker Agent service fails to start on Windows 2000 system. Fix for issue in upgrading 64-bit agent from 32-bit EventTracker Console. (ET75U14-019)
Fix for handling of browser pop-ups when pop-up blocker is enabled.(ET75U14-020)
Agentless deployment fix for some regional settings. (ET75U14-022)
Fix for log search showing wrong date validation message in UK time-zone.( ET75U14-025)
Behavior engine is considering the event id of previously defined custom rule if event id is not specified in a newly created custom rule.
Agent does not read windows event logs if it is deployed on windows server 2003 or below, using the default etaconfig_Servers.ini or etaconfig_Workstations.ini under “Custom config”.
Improper pop up message is displayed during traffic analyzer report generation.
Diagnostic fails to show all CP details at CM console if cab is not received from any CP at first time.
On deleting the VCP port from Manager Configuration the respective config file is not removed from remote installer folder.
The configured scheduled scripts details are retained.
Netflow volume and utilization tab is shown blank on EventTracker web.
Fix for scheduled report Run Now not working for certain regional settings. (ET75U14-035)
Fix for the issue where scheduling of weekly report for the selected week day was not getting saved. (ET75U14-037)
Feature Enhancements
Added support for IIS Express.
Revamped installation experience with a new default installation type that needs minimal user input.
Added support for users in list management. (ET75U13-012)
Feature for customizing the application logo for each user.(ET75U14-027)
Option to purge the transaction logs on hourly basis in Diagnostic.
Updated the description of event id 2257 to indicate the resource type.
Three types of installation options: Standard, Collection Point & Custom.
Added filter exception for event id 1074 for source “USER32” in default agent configuration and server template.
Added SMTP STARTTLS (Explicit TLS) support in mail client. (ET75U14-038)
EventTracker 7.5 (Build 29)
Bug Fixes
Performance enhancements in NCM. (Update ET73U13-104)
EventTracker Diagnostic Change Request
Diagnostics utility displays warning for stopped service even if the feature is not available in license.
DISA
google_chrome23windows_v1r2_stig_benchmark_20130827
microsoft_dotnet_framework4_v1r1_benchmark
windows_7_v1r16_stig_benchmark
windows_2008_r2_dc_v1r8_stig_benchmark
Feature Enhancements
Collection Points may send either incidents only or archives only or both to their Collection Master(s)
Unified licensing across all sites is now available
Metered license model is now available for MSP partners
Advanced Log Search page is redesigned
Behavior module dashlets updated to better reflect the processing
CIDR representation of IP addresses is allowed in Behavior dashlet filters
Behavior module can be reset by an administrator; this restarts the learning period
Users can be designated Admin-Read only, a new role
Incidents tabular view, when an incident search results are shown, bulk acknowledge is available
StatusTracker now allows concept of scheduled maintenance window. In this time, state changes do not cause alerts
Exported results from EventVault Explorer now include a summary page
Logbook entries can now be marked as closed so that further entries are not permitted
Log Search results can be instantly appended to existing or new logbook entries
Logbook Field names are now configurable
Option for monthly reports is available
Report calendar can be filtered by user
Knowledge Additions
New benchmarks added in Configuration Assessment
Microsoft SCM
Windows 7
Win7SP1 Bitlocker
Win7SP1 Computer
Win7SP1 Domain
Windows 2008 R2 SP1
WS2008R2SP1 AD Certificate Services
WS2008R2SP1 DHCP Server
WS2008R2SP1 DNS Server
WS2008R2SP1 Domain
WS2008R2SP1 Domain Controller
WS2008R2SP1 File Server
WS2008R2SP1 Hyper-V
WS2008R2SP1 Member Server
WS2008R2SP1 Network Access Services
WS2008R2SP1 Print Server
WS2008R2SP1 Remote Desktop Services
WS2008R2SP1 Web Server
New Active Directory Reports
AD-DisabledUserAccounts
AD-DomainComputers
AD-EnabledUserAccounts
AD-ExpiredUserAccounts
AD-InactiveUserAccounts
AD-NeverLoggedInUsers
AD-PasswordExpiredUsers
AD-RecentlyLoggedInUsers
AD-UserAccountdetails
AD-UserAccountPasswordNeverExpires
New Categories/Alerts
EventTracker: Published reports deleted
EventTracker: Behavior data reset performed
Task Scheduler: Task failed to start
Task Scheduler: Task finished
Task Scheduler: Task started
EventTracker: Logbook Email sent.
Updated category: EventTracker: RSS feed added
Added new category: EventTracker: Logbook config changes
Removed category: EventTracker: Change audit access history launched.
Added new pre-defined behavior rule for “Logon Activity”.
Modified category: EventTracker: Collection master deleted.
EventTracker: Change audit integrity violation status changed
EventTracker: Change audit access history launched
EventTracker: Change audit changed objects authorized
EventTracker: Behavior rule deleted
EventTracker: Collection point deleted
EventTracker: Collection Point cab files deleted
EventTracker: Collection master port setting changed
EventTracker: Config assessment policy results deleted
EventTracker: List entity added
EventTracker: List entity deleted
EventTracker: List entity updated
EventTracker: Correlation rule added
EventTracker: Correlation rule inactivated
EventTracker: Correlation rule modified
EventTracker: EventVault cabs deleted
EventTracker: EventVault explorer configuration modified
EventTracker: EventVault flex history database purged
EventTracker: Incident acknowledged
EventTracker: Incident unacknowledged
EventTracker: IP reputation lookup configuration added
EventTracker: IP reputation lookup configuration deleted
EventTracker: IP reputation lookup configuration activated-Inactivated
EventTracker: IP reputation lookup settings modified
EventTracker: Log book entry added
EventTracker: Log book entry modified
EventTracker: Logbook activity Inserted
EventTracker: Logbook activity modified
EventTracker: Logbook attachment Deleted
EventTracker: Logbook attachment inserted
EventTracker: Logbook investigation complete
EventTracker: Logbook reference deleted
EventTracker: Logbook reference inserted
EventTracker: Logbook referenced attachment deleted
EventTracker: Logbook entry reopened
EventTracker: Change audit policy schedule added
EventTracker: Change audit policy schedule modified
EventTracker: Change audit policy schedule deleted
EventTracker: RSS feed added
EventTracker: RSS feed deleted
EventTracker: RSS feed Modified
EventTracker: Report sent via Email
New Features
Unified Risk based View of Incidents across sites
Threat Intelligence Feed Management
SNMP v3 support for receiving/sending INFORM and traps is now available
Feature to permit any user provided script to be executed on a schedule
Active Directory reports for users, computers
Index Explorer allows power users to browse all created indexes including those within the sparse matrix. Options are available to disable indexing of hex, SID and GUID values.