Release Notes for Snare Central v8.4.3
Snare Central v8.4.3 will be released on 16th March 2022.
Snare Central incorporates the Agent Management Console (AMC), Reflector v3.0.3, Snare Agent Manager (SAM) v1.5.2, and Snare Enterprise Agent for Linux v5.5.1.
If the threat intelligence component is active, version 6.8.7 of ElasticSearch is activated.
Overview
Snare Central version 8.4.3 is a patch release that includes updated system packages, security patches, minor enhancements and bug fixes.
Security
- Explicitly removed and disabled log4j2 components linked to the log4j vulnerability. See the Snare Log4j/Log4Shell vulnerability CVE-2021-44228 for more details.
- Updated policykit-1 package to version 0.105-20ubuntu0.18.04.6 to mitigate vulnerability CVE-2021-4034
- Updated samba packages to version 2:4.7.6+dfsg~ubuntu-0ubuntu2.28 to mitigate vulnerability CVE-2021-44142
Features and Enhancements
- Improved parsing of Trend Micro Deep Security logs, recognised in Snare Central as TrendDSM log type
- Snare Central detects when it is running on AWS EC2 and sets kernel parameters appropriately
- Included libsnmp-dev package in Snare Central
Bug Fixes
- Upgrade process will now preserve STIG settings if STIG is enabled
- Fixed LDAP authentication Test button to work properly for large domain names
- Fixed an issue with the Firewall Backup option of the "Firewall Setup" section of the "Configuration Wizard" that prevented the backup from being created correctly
- Fixed parsing issue where Event ID field was empty for some Windows events received in Snare v2 format
- Fixed parsing issue where MS DNS logs received in Snare format had missing Time field
- Fixed parsing issue where MS DNS logs received in Snare v2 format had missing details
- Fixed parsing of DHCP logs sent from Snare Agent
- Fixed an issue in AMC that prevented the correct calculation of configuration differences between agents
- Fixed "Arbitrary Data Import" functionality. Data now uploads and imports correctly
- Resolved an issue where the server time displayed in the Web UI does not match the actual server time
- Resolved a problem that could cause duplicate user accounts and groups after a side by side migration
- Fixed a problem that prevented the correct Elasticsearch configuration at installation and upgrade time
- Corrected NFS mount options in Disk Manager
- Improved performance of Reflector statistics graphs
- Improvements to Health Checker to be able to change disk thresholds for mounted NAS devices
- Improved table layout in PDF reports to better fit large data on the page and avoid columns being cut off
- Fixed periodic deletion of old PDF reports from PDF-Archive directories
- Updated terminal signal handling and restart procedures for the Snare Collector
- Validating queries in the event search objective should take much less time on systems with large datastores
- Additional service and reflector-level system validation has been added to further contain corrupted data from rogue rsyslog clients that have an incorrect template definition
- Increased verbosity for legacy metadata generation function
- Fixed Multi-Table reports that occasionally returned no data