TOC & Recently Viewed

Log Correlation Engine 4.4.1 Release Notes - 10/28/2014

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.4.1, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.

General Upgrade Notes

  • As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
  • Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.4 Administration and User Guide.
  • Upgrading to LCE version 4.4.1 from LCE version 3.x or earlier is not supported. An intermediate upgrade to LCE 4.2.2 must be performed before upgrading to LCE 4.4.1.
  • After upgrading to LCE version 4.4.1, the text-based configuration files (e.g., lce.conf) will be migrated to a database and are no longer used.

Compatibility Notes

  • LCE version 4.4.1 is compatible with SecurityCenter version 4.6.2.2 or later. Older versions of SecurityCenter will work with LCE 4.4.1 without issues, but will not support some new features.
  • LCE version 4.4.1 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log in and send event data to LCE 4.4.1.
  • Prior to upgrading or deploying LCE 4.4.1 with High Availability, please contact Tenable Support at support@tenable.com.
  • Please contact Tenable Support at support@tenable.com if you have any questions about compatibility issues.

File Names & MD5 Checksums

File MD5
lce-4.4.1-el5.x86_64.rpm 1a8c7056a8254c4883f456d83ee5f9e8
lce-4.4.1-el6.x86_64.rpm 71d8f6e8c7c2a003599ed2e7e457a963
LCE-Server-4.4.1-HyperV.zip e6bec0fb2902b9e605d62025f093d2c7
LCE-Server-4.4.1-VMware.ova eacd85eb0a577eedc59d5498450d9652

Application Notes

Improvements

  • Greatly enhanced indexer performance of normalized data
  • Increased default RSA key length of self-generated certificate to 2048 bits

Issues Addressed

  • Fixed an issue where silos did not roll at the configured value
  • Patched the LCE report proxy and web server to remove SSLv3 support (CVE-2014-3566)
  • Fixed an issue preventing some users from manually uploading a plugin file via the Web UI to update plugins
  • Fixed an issue where an Asset Summary displayed showed incorrect event counts
  • Fixed an issue where a client index could be re-used if the highest-indexed client was deleted
  • Fixed an issue where upgrading to LCE 4.4.x could cause duplicate entries in some configuration tables such as Sampleable TASLs and Trusted Plugin

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.