Release Notes for Snare Linux Agent v5.7.0

Owned by Svetlana Sheptiy
Last updated: Feb 28, 2023 by Andrew Madge
1 min read

Snare Linux Agent v5.7.0 was released on 27th January 2023.

Security Updates

  • 3rd party libraries upgraded: 
    • OpenSSL upgraded to version 3.0.7
    • Boost upgraded to version 1.79.0
  • Event Checksum, appended to events if enabled, was changed from MD5 to SHA3-512 hash

Customers, who have event checksum enabled, may need to adjust their event integrity validation tools to use SHA3-512 instead of MD5. 

New Features and Enhancements

  • Snare Enterprise Agent for Linux for Ubuntu 22.04 is now available
  • Snare Enterprise Agent for Linux for Debian 11 is now available
  • Snare Enterprise Agent for Linux for Red Hat Enterprise Linux version 9.0 (RHEL 9.0) is now available
  • Improved LEEF output format for Linux audit events (added cat, devTimeFormat, devTime and usrname fields)
  • Self-signed certificates generated by Snare Agent on demand will now be named "Snare Agent"
  • More detailed debug logging for when Snare Service receives a signal from OS

Bug Fixes

  • Agent now correctly parses Linux audit events which contain unquoted partial fields within audit records
  • Fixed validation of a0,a1,a2,a3 field values as text instead of numeric


User Guide

The following is an offline version of the User Guide related to this release.

For an up-to-date version refer to the online version here.