TOC & Recently Viewed

Recently Viewed Topics

Log Correlation Engine 5.0.6 Release Notes - 6/26/2018

Improvements

  • The diagnostics tool diag now records firewall configuration information, as well as additional directory information useful in diagnosing directory permissions problems.
  • The admin utility, in /opt/lce/tools/es-helper-scripts/, now takes an additional option, --filter-tracelog--errors-exceptions. This filters the Elasticsearch tracelog and prints a succinct chronological listing of error messages and exceptions; in such a listing, redundant and non-actionable lines are excised.
  • The rectify-disk-utilization utility, in /opt/lce/tools/es-helper-scripts/, is new. Intended for recovery from a full-disk situation, this utility helps an operator to bring disk usage to below 90%, in two phases:
    • erases non-critical files
    • as needed, repeatedly prompts operator to clear the oldest silo.
  • The harmonize-datastore utility, in /opt/lce/tools/es-helper-scripts/, has been revised for greater robustness, as well as extended scope: it now corrects any errors in mapping of aliases to Elasticsearch indexes.

Resolved Items

  • Authorized clients may lose authorization once disconnected.
  • Authorization does not follow a client across an IP change.
  • Daemon lced may terminate abnormally if size of the current silo far exceeds 20GB.
  • Daemon lce_tasld becomes unstable and fails to produce TASL events, if a particular volume and pattern of input events are encountered.
  • Daemon lced may terminate abnormally if a version 5 client fails to complete its login sequence.
  • Excessive alerts generated when the lceddaemon detects that a client’s IP has changed.
  • Installer improperly rejects certain versions of the OpenJDK JVM.
  • Incorrect numbering of silos created by the `import_logs` utility.

File Names & MD5 Checksums

File MD5
lce-5.0.6-el5.x86_64.rpm 3928e3e6f41f2b1beb67a64f28912ca5
lce-5.0.6-el6.x86_64.rpm 128b99c052101b9f86bd0bd3626bf27a
lce-5.0.6-el7.x86_64.rpm 8f8bac072500675bd6db69dd0624074c

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.