TOC & Recently Viewed

Recently Viewed Topics

Log Correlation Engine 4.8.2 Release Notes - 12/21/2016

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.8.2, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.

General Upgrade Notes

  • As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
  • Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.8 User Guide.
  • Supported upgrade paths:
    • 4.6.x > 4.8.2
    • 4.8.x > 4.8.2

Compatibility Notes

  • LCE version 4.8.2 is compatible with SecurityCenter version 4.6.2.2 or later. Older versions of SecurityCenter will work with LCE 4.8.2 without issues, but will not support some new features.
  • LCE Server 5.x is compatible with all Clients.

  • LCE Server 4.8.x is compatible only with LCE Client 4.x.
  • Please contact Tenable Support at support@tenable.com if you have any questions about compatibility issues.

File Names & MD5 Checksums

File MD5
lce-4.8.2-el5.x86_64.rpm f7cdbc9767dd08844a47d7e4f0313393
lce-4.8.2-el6.x86_64.rpm 44bff90a989884c717f89ae24e53966b
lce-4.8.2-el7.x86_64.rpm 96e5e9cb821303c141702a80999efa37

New Features and Improvements:

  • Added configuration backup and restoration scripts to /opt/lce/tools/
  • Added hardware information to the debugging file
  • Added bounds to the memory and host information consumed by the stats service
  • Added SQLite3 pragmas for safer synchronous access to configuration, status, client, alert, and plugin databases
  • Clarified workflow in the quick setup UI to guide users to enter a code and "Apply" it, or explicitly "Skip" that step

Security Enhancements:

  • Updated OpenSSL to 1.0.2j
  • Updated libcURL to 7.51.0
  • Updated SQLite3 to 3.15.2

Resolved Items:

  • Fixed an issue that caused installs to fail and report proxy services to fail to start after the RHEL 7 host was patched with glibc-2.17-157.el7
  • Fixed an issue where vulnerability severity values for some plugins were invalid
  • Fixed an issue where processing plugin updates could crash the web server
  • Fixed an issue where the TASL service did not reinitialize if include or exclude networks were reconfigured
  • Fixed an issue where processing certain logs with a certain user database could restart the log engine
  • Fixed an issue where normalized database indexing could stop due to a race condition
  • Fixed an unbounded memory consumption issue in the query service when using the text search filters
  • Fixed an issue where Assets with zero IP addresses had incorrect event counts in the Asset Summary screen of SecurityCenter
  • Removed excessive log spam when parsing the user tracking database
  • Removed from the UI syslog sensors that have not received data within the past two weeks
  • Fixed a UI issue where the "Override Sensor Name" feature could not be toggled and saved

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.  Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc.  All other products or services are trademarks of their respective owners.