Log Correlation Engine 4.4.1 Release Notes - 10/28/2014
The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.4.1, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.
General Upgrade Notes
- As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
- Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.4 Administration and User Guide.
- Upgrading to LCE version 4.4.1 from LCE version 3.x or earlier is not supported. An intermediate upgrade to LCE 4.2.2 must be performed before upgrading to LCE 4.4.1.
- After upgrading to LCE version 4.4.1, the text-based configuration files (e.g., lce.conf) will be migrated to a database and are no longer used.
- LCE version 4.4.1 is compatible with SecurityCenter version 126.96.36.199 or later. Older versions of SecurityCenter will work with LCE 4.4.1 without issues, but will not support some new features.
- LCE version 4.4.1 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log in and send event data to LCE 4.4.1.
- Prior to upgrading or deploying LCE 4.4.1 with High Availability, please contact Tenable Support at firstname.lastname@example.org.
- Please contact Tenable Support at email@example.com if you have any questions about compatibility issues.
File Names & MD5 Checksums
- Greatly enhanced indexer performance of normalized data
- Increased default RSA key length of self-generated certificate to 2048 bits
- Fixed an issue where silos did not roll at the configured value
- Patched the LCE report proxy and web server to remove SSLv3 support (CVE-2014-3566)
- Fixed an issue preventing some users from manually uploading a plugin file via the Web UI to update plugins
- Fixed an issue where an Asset Summary displayed showed incorrect event counts
- Fixed an issue where a client index could be re-used if the highest-indexed client was deleted
- Fixed an issue where upgrading to LCE 4.4.x could cause duplicate entries in some configuration tables such as Sampleable TASLs and Trusted Plugin