Released on : 25 January 2021
Applies to Version : 9.3 Build 5
Download
Summary
EventTracker EDR Service Pack 1 for v9.3 Build 5.
Enhancements
- Allow the Parent Process hash along with Parent process name from EDR Dashboard.
- Provided option to add process hash while creating rule.
- Checkbox has been provided in pending processes for bulk action (Allow/Deny).
- Included below filter option in pending Analyst Review and Action Taken Processes.
- Location
- Opinion
- Product Name
- Signed By
- File Path
- Parent Process path
- Parent Process hash
Bug fixes
- EDR – Map view is removed from the EDR GUI.
- Process occurred from the group is not displaying under available group while allowing/denying the process.
- Globally approved process are not moving to the Action taken Process tab unless user refresh the EDR Dashboard page.
- Newly added groups are not listing under approved group if a process has been allowed globally.
- After taking bulk action like Allow/Deny All, processes are not moving to "Allowed/Denied Process" tab in EDR Process page.
- File description is missing in EventTracker EDR events.
NOTE:
- This update should be installed on the EventTracker Console/Manager system where EventTracker EDR feature add-on package (ET93U20-008) is available. Also ensure to install ET93U21-043 before installing ET93U21-044.
Who should read this document
Customers who use 9.3 Build 5
Severity
Medium
Affected software
EventTracker Web
Non-affected software
EventTracker Reports, EventTracker Agent, EventTracker Alerter, Event Correlator, EventTracker Daemon, EventTracker Elasticsearch Indexer, EnterpriseActivity, EventTracker EventVault, EventTracker Receiver, EventTracker Remote Installer, EventTracker Scheduler
Process to apply Update
- Download Update
- Place the Update ET93U21-044.exe in the destination computer.
- Execute the exe.