Release Notes for Snare Central v8.6.2

Snare Central v8.6.2 is to be released on 5th November 2024.

Snare Central incorporates Reflector v3.2.1, Snare Agent Manager (SAM) v2.0.3, and Snare Enterprise Agent for Linux v5.8.1.

If the threat intelligence component is active, version 6.8.7 of ElasticSearch is activated.

The following licensed components are available: 

  • Snare Management Center (SMC)
  • Snare Management Center Client (SMC)
  • Agent Management Console (AMC)
  • Snare Advanced Analytics (SAA)
  • Cloud Logs Collection:
    • Office 365 Logs Collection
    • Amazon Web Services Log Collection
    • Oracle Cloud Log Collection

After upgrading to Snare Central v8.6.2, please reboot the server to apply kernel changes, as advised by Ubuntu.

Overview

Snare Central version 8.6.2 is a patch release that includes updated system packages, security patches, minor enhancements and bug fixes.

Please also refer to the Release Notes for Snare Agent Manager (SAM) v2.0.1, v2.0.2 and v2.0.3, which are included in this release.

Compatibility Note

Snare Agent Management v2.0.3 included in this version of Snare Central is compatible with the following versions of Snare Agent. 

SAM v2 Feature                          Supported Snare Agent Versions
Agent Configuration Management (New)    5.8.0 or newer
Agent License Management                5.5.0 or newer
Remote Agent Upgrade                    5.5.0 or newer
Agents Discovery using Network Scan     5.4.0 or newer

If you are using these features of SAM, please upgrade the Snare Agents to the latest version BEFORE upgrading Snare Central.

Features and Enhancements

  • Allowed non-admin users to create containers and to create/configure Reports and Dashboards, based on the permissions given in Manage Access Control.
    Non-admin users with change permissions on an Analytics Dashboard owned by Administrator are able to change the dashboard content, but are not allowed to rename or delete the dashboard.
  • Allowed all users to create nested containers/directories on the Reports and Analytics Dashboards. Empty containers or directories will be deleted when the user logs out.
  • Improved upgrade process to better handle upgrade while scheduled jobs are running. In case the user is asked to try again later, the update package file is preserved, allowing users to retry the update without re-uploading the file.
  • Improved Queue button performance (load time reduced from minutes to seconds)
  • Support data improvements
  • Removed the Oops image from the 404 page for better compliance with the AA accessibility standard

Security

  • System packages updated to mitigate security vulnerabilities.

    After upgrading to Snare Central v8.6.2, please reboot the server to apply kernel changes, as advised by Ubuntu.

  • Strengthened authorisation checks on direct routing to recently updated pages.

Bug Fixes

  • Fixed the Test button in the Group section of the Alert Manager so that it works even when System Alerts are disabled
  • Fixed the "cloudmanager is Down" email alert being sent even if there is no cloud-related license
  • Fixed incorrect parsing of queries that include the "AND NOT" operators
  • Fixed an issue where a newly created report's access control configuration stops working under specific circumstances
  • Fixed an issue where the imported Analytics Dashboard was missing Action menu items
  • A user-friendly error message is now shown when an upgrade fails due to a scheduled job running
  • Resolved a problem with missing PDF and CSV attachments in emails
  • Optimised TCP memory settings to better handle large volumes of events from thousands of clients simultaneously, and to prevent potential event loss
  • Fixed an incorrect LDAP query that prevented the correct value for the super group from being obtained
  • Fixed drag and drop feature on Reports
  • Fixed the broken objective access for POWERUSERS, which was the result of the recently updated User Administration objective
  • Health Checker enhancements to better support agent behaviour sections for a large number of agents. In the previous version, the Health Checker could take a long time to load, and the Acknowledge button could be unresponsive, if the number of Agents to report was very large
  • Fixed an issue where a report generation could get stuck if there are no matching fields
  • Fixed the Discard Old Events functionality, which could keep some events
  • Fixed an issue where Analytics Dashboards were missing after a Side-By-Side Migration from a pre-v8.6 Snare Central server