Release Notes for Snare Epilog Agent v5.0.2

Enhancements

• Changes were made to validation of 'Access Configuration', SAM IP field. Previously hostname validation was limited to accept numeric values. Changed to accept fully qualified domain names. As a result, fields depending on ip/hostname validation will accept wider range of inputs that include FQDNs in addition to IPs.
• Alters references for Evaluation Licenses to Temporary Licenses.
• Added text on the License page in the UI to aid users using SAM or standalone licensing.

Security Updates

• Added better log validation to handle invalid characters and cross-site scripting. In particular the CustomLogName field is now limited to Alphanumeric characters, underscores, hyphens and periods only. Pre-existing Logs containing invalid characters will be ignored for security reasons.

Bug Fixes

• Notification and warning on Snare agents has been changed to to allow syslog_5424 format on port 514. As a result of this change, notification and warning will no longer appear for valid syslog format's when using port 514.
• Fix a potential for memory corruption of event data being sent via TCP, TLS or UDP when under very heavy loads.
• There was an issue in previous release of the snare agent where it was not properly handling the objectives during upgrade to latest release. Due to this issue, objectives may not be available after upgrade. This issue is fixed in this release and now snare properly handles the objectives during upgrade and all objectives are available after upgrade.
• Snare agent warning and notification messages has been changed to issue warning for selecting non-TAB delimiter for SNARE format(Snare Server destination). As a result of this change, new warning's will be issued when non-TAB delimited for SNARE format (for Snare Server destination) is selected.
• Added extra validation for log format string: -As a result below chars are not accepted in Windows: ^<>:"\/| -More than one % is not allowed -Two or more consecutive * chars (**) are not allowed.