Release Notes for Snare Linux Agent v5.3.3

Snare Linux Agent v5.3.3 was released on 15th April 2020.

Enhancements and Updates

  • OpenSSL upgraded to v1.1.1
  • The event checksum option can now be enabled and disabled from the Agent's Web GUI, via Destination Configuration > Event Options > Append Checksum to Events
  • If Event Checksum is enabled, it is appended at the end of the events in the standard optional field format: "EventChecksum=<checksum>"
  • If Event Checksum is enabled in the configuration, the Agent will append the checksum to all events written to a file destination. In previous versions, event checksum was only appended to the events sent to network destinations
  • New optional field EventSourceID can be appended to all events generated by the Linux agent. The value of this field can be configured as free text (Destination Configuration > Event Options > Event Source ID). When this option is selected, all events are tagged with this additional metadata so that they are known to come from a specific system. This extra data is added to the Snare and Syslog log formats, including RFC 3164 and RFC 5424
  • New Snare Log page was added to the Web UI, aiming to assist in real-time troubleshooting of Snare Agent operations. The page displays critical errors and up to the 1,000 most recent Agent log messages. Logging Level can be set via Heartbeat & Agent Log
  • A new log type, DHCP Log, was added for Audit Log
  • Applied pre-verification of certificate in strict certificate checking for SAM and TLS/TLS_AUTH destinations
  • Extended support for LEEF format for Logaudit, FIM and RIM
  • During installation, users will now get a message with the link to the End User License Agreement (EULA)
  • Updated Readme file to include the link to the Release Notes, rather than listing Version History in the file
  • Added Day of Week support in the cron format used for scheduling FIM objectives. Note: Restricting both date and day of week is not supported
  • Various bug fixes