TOC & Recently Viewed

Recently Viewed Topics

Log Correlation Engine 5.0.4 Release Notes - 4/24/2018

The following notes describe the changes that are included in Log Correlation Engine (LCE) version 5.0.4, significant enhancements to LCE, and information about upgrading.

Improvements:

  • More detailed diagnostic messages traced when updating plugins from feed.
  • Fine-grained trace selector mechanism now available, to facilitate troubleshooting of client login/dispatch. Selectors provided are:
    • LCEfgts__CLIENT_PACKETS: Trace all packet-level activity for the specified IPs.
    • LCEfgts__CLIENT_REGISTER: Trace all client registration changes (login, logout, disconnect, etc.) for clients coming from specified IPs.
    • LCEfgts__EVENT1_FIELD: Trace all clients-sent events whose event1 field equals one of the specified strings.
  • Extensive tracing of filters and alerts enforced by TASL engine now available, to facilitate troubleshooting of custom plugins.
  • Added --sort-by-rowid option to the list-clients utility.

Resolved Items:

  • Utility migrateDB-toES fails to properly delete 4.8.x silos on command.
  • Configuration maladjustment possible when resetting active DB path from web UI.
  • Alarming tracelog message emitted by several utilities at shutdown.
  • Daemon lce_queryd terminates abnormally if encounters archive snapshots with extended-format filenames.
  • Daemons lced and lce_queryd may terminate abnormally if archive DB is stored on a CIFS-mounted filesystem.
  • Corrupt data output by lce_client_manager -D, under certain conditions.
  • Utility migrateDB-toES shows a confusing interactive prompt.
  • Malformatted data output by es-helper-scripts/archival --show, if host timezone is not GMT.

 

File Names & MD5 Checksums

File MD5
lce-5.0.4-el5.x86_64.rpm 7c5c45d432094787e0d2023342e8435e
lce-5.0.4-el6.x86_64.rpm 591a87e3165005198c76f57b7bc4302c
lce-5.0.4-el7.x86_64.rpm f24bf2f2c23db487a97c7c49d2e15fcd

Copyright 2017 - 2018 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.