TOC & Recently Viewed

Log Correlation Engine 4.6.1 Release Notes - 12/1/2015

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.6.1, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.

General Upgrade Notes

  • As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
  • Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.6 Administration and User Guide.
  • The supported upgrade path is from LCE 4.4.x to LCE 4.6.1 and LCE 4.6.0 to LCE 4.6.1. If you have deployed LCE < 4.4.x, please perform an intermediate upgrade to LCE 4.4.x, then upgrade to LCE 4.6.1.

Compatibility Notes

  • LCE version 4.6.1 is compatible with SecurityCenter version 5.1 or later. Older versions of SecurityCenter will work with LCE 4.4.1 without issues, but will not support some new features.
  • LCE version 4.6.1 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log in and send event data to LCE 4.6.1
  • Prior to upgrading or deploying LCE 4.6.x with High Availability, please contact Tenable Support at support@tenable.com.
  • Please contact Tenable Support at support@tenable.com if you have any questions about compatibility issues.

File Names & MD5 Checksums

File MD5
lce-4.6.1-el5.x86_64.rpm 8c0eab51916a56a3506d142a9e17def3
lce-4.6.1-el6.x86_64.rpm 6752d203651a3df5a05fe3c31571946e
lce-4.6.1-el7.x86_64.rpm 05bf787561f882b51de2bc702cd871aa
LCE-Server-HyperV-20141110-1155.zip 8aefceb133da8c88b89b37628d8fad1a
LCE-Server-VMware-20160119-2330.ova 19cd0f5cbec93ef016c87845bab24cdc

New Features and Improvements:

  • Added a multi-threaded option for the log_importer tool to allow faster import of large sets of data. Use "-j" or "--jobs" to specify the number of threads.
  • Improved performance over LCE 4.6.0 by moving TASL processors to a separate, new TASL Engine process. The process can be monitored, started, and stopped along with other LCE Server components using the LCE UI.
  • Added support for the Web Query Client.

Issues Addressed:

  • Fixed an issue where a successful plugin update could cause the web server to hang.
  • Fixed an issue where "Event Rules" could be cleared in the UI when modified.
  • Fixed an issue that caused the Query Interface to hang if a query was performed with certain special characters in a specific order.
  • Fixed an issue in the log_importer tool encountered if /opt/lce/tmp/ and the archive directory were not on the same filesystem.
  • Fixed an issue where the Text Indexer could become stuck on a certain database entry.
  • Fixed an issue on RHEL7 where services would not restart on reboot.
  • Fixed an issue where the UI prevented re-registration from the Feed Settings page if the Activation Code was unchanged.
  • Fixed a few resource leaks in the Query Interface and the Log Engine, and excessive memory usage by the lce_client_manager tool.

Copyright 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.