TOC & Recently Viewed

Log Correlation Engine 4.6 Release Notes - 8/20/2015

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.6.0, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.

General Upgrade Notes

  • As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
  • Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.6 Administration and User Guide.
  • Prior to upgrading to LCE 4.6.0, ensure that your "Feed Expiration" is not expired and your "Activation Status" is "Licensed" by logging in to the LCE web interface, clicking on "Health and Status", then clicking on "Plugins". If these fields are not valid, then LCE 4.6.0 will cease to run until a new activation code is applied.
  • The only supported upgrade path is from LCE 4.4.x to LCE 4.6.0. If you have deployed LCE < 4.4.x, please perform an intermediate upgrade to LCE 4.4.x, then upgrade to LCE 4.6.0.

Compatibility Notes

  • LCE version 4.6.0 is compatible with SecurityCenter version 4.6.2.2 or later. Older versions of SecurityCenter will work with LCE 4.4.1 without issues, but will not support some new features.
  • LCE version 4.6.0 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log in and send event data to LCE 4.6.0
  • Prior to upgrading or deploying LCE 4.6.0 with High Availability, please contact Tenable Support at support@tenable.com.
  • Please contact Tenable Support at support@tenable.com if you have any questions about compatibility issues.

File Names & MD5 Checksums

File MD5
lce-4.6.0-el5.x86_64.rpm 77c498fa3a714aeea1da765357da21ae
lce-4.6.0-el6.x86_64.rpm fdfd7b4bf1be3326d04f3b314475144c
lce-4.6.0-el7.x86_64.rpm ad5f0065441d9ce4d76ed70dfc634fcc

New Features and Improvements:

Improvements

  • TLS TCP Syslog: LCE can now receive encrypted reliable syslog data from verified senders.
  • DHCP Client Support: LCE 4.6.0 introduces DHCP client support. LCE Clients (version 4.6.0+) can be authorized once and will be recognized even if the endpoint receives a new IP address.
  • Simplified licensing: The lce.key file is no longer required; the activation code now provides the license and the plugin subscription.
  • Simplified offline registration and plugin update: Follow the instructions at https://plugins.nessus.org/v2/offline-lce.php to perform offline activation and plugin updates.

Issues Addressed:

  • Fixed a log engine deadlock and memory leak associated with importing statistical info-level vulnerability data every two hours
  • Removed support for SSLv3 on all interfaces, removed support for TLSv1 on most interfaces, and tightened accepted cipher suites
  • Fixed an issue where offline plugin updates occasionally failed
  • Fixed an issue where LCE would return incorrect results to SecurityCenter if IPv6 ranges were included in a Repository

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.