Released on : 31 Aug 2018
Applies to Version : 9.0 Build 18
Download
Summary
Enhancement in Suspicious Activity for identification of new hash.
Other Enhancements
- EventTracker Agent configuration change to support allowing all the signed processes.
- EventTracker Agent service will load new delta of file structures (Hash, signer, product etc.) without restarting agent service.
- In suspicious activity monitoring added new structures parent process safe file and parent process unsafe file.
- Performance improvement in agent LFM for syslog relay configuration.
- Support for SHA-256 authentication in EventTracker Checkpoint with OPSEC_SDK_6.1.
- Support subscription-based connection mechanism in TAXII client using Anomali.
- Support for script file execution mechanism from EventTracker Monitoring Daemon.
- Support for storing the install time for syslog machine.
- Home Page enhancement: Refactor for loading dashlets with SQL instance as data source. (impacted to compliance and my dashboard).
- Fix for the socket bind issue on port 14506 with code optimization.
- Fix for the issue where 3221 event description coming single character.
- Fix for the issue where software install name coming single character.
- Fix for the issue where service monitoring is considering manual state service in event 3202/3203.
- Fix for the issue where in TCP mode GED folder file are coming with already in use error if connection is broken.
- Fix for the issue where license client is coming with Failed to get certificate's property.
Who should read this document
Customers who use 9.0 Build 18
Severity
Medium
Affected software
EventTracker Agent, EventTrackerWeb, EventTracker Receiver.
Non-affected software
EventTracker Reports, EventTracker Alerter, EventTracker Remote Installer, EventTracker Scheduler, EventTracker Elasticsearch Indexer, EventTracker EventVault, EnterpriseActivity.
Process to apply Update
- Download Update
- Place the Update ET90U18-023.exe in the destination computer.
- Execute the exe.