Released on : 31 Aug 2018
Applies to Version : 9.0 Build 18

Enhancement in Suspicious Activity for identification of new hash.

Other Enhancements

  • EventTracker Agent configuration change to support allowing all the signed processes.
  • EventTracker Agent service will load new delta of file structures (Hash, signer, product etc.) without restarting agent service.
  • In suspicious activity monitoring added new structures parent process safe file and parent process unsafe file.
  • Performance improvement in agent LFM for syslog relay configuration.
  • Support for SHA-256 authentication in EventTracker Checkpoint with OPSEC_SDK_6.1.
  • Support for script file execution mechanism from EventTracker Monitoring Daemon.
  • Fix for the issue where 3221 event description coming single character.
  • Fix for the issue where software install name coming single character.
  • Fix for the issue where service monitoring is considering manual state service in event 3202/3203.
  • Fix for the issue where in TCP mode GED folder file are coming with already in use error if connection is broken.
  • Fix for the issue where license client is coming with Failed to get certificate's property.


This Update should NOT be used on the EventTracker Console/Manager system. This Update should only be used for systems that have only EventTracker Agent installed on them. Please use the Update ET90U18-023 on the EventTracker Console/Manager system.

Who should read this document
Customers who use 9.0 Build 18


Affected software
EventTracker Agent

Non-affected software
EventTracker Reports, EventTracker Alerter, EventTracker EventVault, EventTracker Scheduler, EventTracker Remote Installer, EventTracker Web, EventTracker Receiver.

Process to apply Update

  1. Download Update
  2. Place the Update ET90UA18-023.exe in the destination computer.
  3. Execute the exe.