Release Notes for Snare Central v8.2.0

Owned by Andrew Madge
Jul 08, 2020
3 min read

Snare Central v8.2.0 was released on 29th April, 2020.

Snare Central incorporates the Agent Management Console (AMC), the v2.3.3 Reflector, the v1.3.3 Snare Agent Manager (SAM), and the v5.3.3 Snare Enterprise Agent for Linux.

If the threat intelligence component is active, version 6.8.7 of ElasticSearch is installed.

Overview

Snare Central version 8.2.0 introduces a new Dashboard, as well as a number of enhancements and bug fixes. This is the second step in our journey towards renewing the User Interface and enriching the user experience for the Snare Central users.

User Interface updates 

Dashboard

The new Snare Central Dashboard provides system health indicators and events collection statistics, allowing quick and easy access to critical data and quicker response to the emerging issues.

For detailed description of the new Dashboard functionality please refer to the Dashboard page in the User Guide for Snare Central.

v8.1.0v8.2.0

Total Events Plotted per 15 minutes

This page has been removed from the Status sub-menu, as this functionality is now available on the Dashboard.

Features and Enhancements

  • Added a Password History setting in the Wizard (under Security Setup > Password Security Controls, if Activate Enhanced Password Security is enabled).
    This setting allows to configure the number of recently used passwords the user should not reuse when setting up a new password. Previously, the number of stored previous passwords was hard coded to 5
  • Added Reflector destinations status section on the Snare Health Checker page. This section displays destination details and statistics. In case a destination turns unavailable, Health Checker will detect this and turn red
  • Log data generated by the IIS 2012 variant is now supported
  • Removed Health Checker MSWINEVTX warning when it is irrelevant. 
  • Improved robustness of Disk Manager to deal with cases when VirtualDisk was added and immediately removed
  • Characters from the following languages are now supported in PDFs generated by Snare Central:
    Western Europe, Eastern/Central Europe, Baltic, Cyrillic, Greek, Turkish, Arabic, Simplified and Traditional Chinese, Hebrew, Japanese, Korean and Thai
  • Unicode characters are now supported in the Snare Central objective match terms
  • Added mechanism preventing user from doing side-by-side migration to a lower version
  • Changed shell prompt to reflect snare hostname setting
  • Support Data generated by the Snare Central has been extended to include output of systemctl command
  • Added a new 5GB resizable file system MetaData for internal usage by Snare Central

Bug Fixes

  • Resolved an issue where real time alerts were not being displayed in the objective results page
  • Fixed an issue that prevented login into Snare Central when the username contains a dot character
  • Improved handling of Netscaler logs that contain a User field, without corresponding user data
  • Fixed validation of the LDAP Distinguished Name
  • Excluded SnareIndex and SnareCache file systems from Disk Manager and Health Checker alerts, as they are designed to be near full (99% disk capacityon normal operation
  • The volume of non-error service notification logs has been reduced for queries
  • Fixed a problem in "Manage Access Control" objective that prevented the correct assignment of ACL to LDAP groups
  • Made changes so that auditd is not enabled unless STIG is active
  • Fixed Samba sharing of SnareArchive
  • Fixed side-by-side migration issue that could lead to duplicated menu options when migrating from v7.5.0
  • Fixed the issue where the System Status icon could take a long time to update. The Heath Checker will now run every 1 minute
  • Various minor bug fixes

User Guide

The following is an offline version of the User Guide related to this release.

For an up-to-date version refer to the online version here.