Recently Viewed Topics
The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.8.2, significant enhancements to LCE, and information about upgrading. A PDF file of these release notes is also available here.
General Upgrade Notes
- As with any application, it is always advisable to perform a backup of your LCE installation and archived logs before upgrading.
- Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.8 User Guide.
- Supported upgrade paths:
- 4.6.x > 4.8.2
- 4.8.x > 4.8.2
- LCE version 4.8.2 is compatible with SecurityCenter version 18.104.22.168 or later. Older versions of SecurityCenter will work with LCE 4.8.2 without issues, but will not support some new features.
LCE Server 5.x is compatible with all Clients.
- LCE Server 4.8.x is compatible only with LCE Client 4.x.
- Please contact Tenable Support at firstname.lastname@example.org if you have any questions about compatibility issues.
File Names & MD5 Checksums
New Features and Improvements:
- Added configuration backup and restoration scripts to /opt/lce/tools/
- Added hardware information to the debugging file
- Added bounds to the memory and host information consumed by the stats service
- Added SQLite3 pragmas for safer synchronous access to configuration, status, client, alert, and plugin databases
- Clarified workflow in the quick setup UI to guide users to enter a code and "Apply" it, or explicitly "Skip" that step
- Updated OpenSSL to 1.0.2j
- Updated libcURL to 7.51.0
- Updated SQLite3 to 3.15.2
- Fixed an issue that caused installs to fail and report proxy services to fail to start after the RHEL 7 host was patched with glibc-2.17-157.el7
- Fixed an issue where vulnerability severity values for some plugins were invalid
- Fixed an issue where processing plugin updates could crash the web server
- Fixed an issue where the TASL service did not reinitialize if include or exclude networks were reconfigured
- Fixed an issue where processing certain logs with a certain user database could restart the log engine
- Fixed an issue where normalized database indexing could stop due to a race condition
- Fixed an unbounded memory consumption issue in the query service when using the text search filters
- Fixed an issue where Assets with zero IP addresses had incorrect event counts in the Asset Summary screen of SecurityCenter
- Removed excessive log spam when parsing the user tracking database
- Removed from the UI syslog sensors that have not received data within the past two weeks
- Fixed a UI issue where the "Override Sensor Name" feature could not be toggled and saved