Released on : 31 Aug 2018
Applies to Version : 9.0 Build 18
Download
Summary
Enhancement in Suspicious Activity for identification of new hash.
Other Enhancements
- EventTracker Agent configuration change to support allowing all the signed processes.
- EventTracker Agent service will load new delta of file structures (Hash, signer, product etc.) without restarting agent service.
- In suspicious activity monitoring added new structures parent process safe file and parent process unsafe file.
- Performance improvement in agent LFM for syslog relay configuration.
- Support for SHA-256 authentication in EventTracker Checkpoint with OPSEC_SDK_6.1.
- Support for script file execution mechanism from EventTracker Monitoring Daemon.
- Fix for the issue where 3221 event description coming single character.
- Fix for the issue where software install name coming single character.
- Fix for the issue where service monitoring is considering manual state service in event 3202/3203.
- Fix for the issue where in TCP mode GED folder file are coming with already in use error if connection is broken.
- Fix for the issue where license client is coming with Failed to get certificate's property.
Note
This Update should NOT be used on the EventTracker Console/Manager system. This Update should only be used for systems that have only EventTracker Agent installed on them. Please use the Update ET90U18-023 on the EventTracker Console/Manager system.
Who should read this document
Customers who use 9.0 Build 18
Severity
Medium
Affected software
EventTracker Agent
Non-affected software
EventTracker Reports, EventTracker Alerter, EventTracker EventVault, EventTracker Scheduler, EventTracker Remote Installer, EventTracker Web, EventTracker Receiver.
Process to apply Update
- Download Update
- Place the Update ET90UA18-023.exe in the destination computer.
- Execute the exe.