Log Correlation Engine 4.4.1 Release Notes

Transcription

Log Correlation Engine 4.4.1 Release Notes
Log Correlation Engine 4.4.1 Release Notes
The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.4.1, significant
enhancements to LCE, and information about upgrading.
General Upgrade Notes

As with any application, it is always advisable to perform a backup of your LCE installation and stored logs before
upgrading.

Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.4 Administration and
User Guide.

Upgrading to LCE version 4.4.1 from LCE version 3.x or earlier is not supported. An intermediate upgrade to LCE
4.2.2 must be performed before upgrading to LCE 4.4.1.

After upgrading to LCE version 4.4.1, the text-based configuration files (e.g., lce.conf) will be migrated to a
database and are no longer used.
Compatibility Notes

LCE version 4.4.1 is compatible with SecurityCenter version 4.6.2.2 or later. Older versions of SecurityCenter
will work with LCE 4.4.1 without issues, but will not support some new features.

LCE version 4.4.1 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log
in and send event data to LCE 4.4.1.

Prior to upgrading or deploying LCE 4.4.1 with High Availability, please contact Tenable Support at
support@tenable.com.

Please contact Tenable Support at support@tenable.com if you have any questions about compatibility issues.
File Names & MD5 Checksums
lce-4.4.1-el5.x86_64.rpm
lce-4.4.1-el6.x86_64.rpm
1a8c7056a8254c4883f456d83ee5f9e8
71d8f6e8c7c2a003599ed2e7e457a963
Application Notes
Improvements

Greatly enhanced indexer performance of normalized data

Increased default RSA key length of self-generated certificate to 2048 bits
Issues Addressed

Fixed an issue where silos did not roll at the configured value

Patched the LCE report proxy and web server to remove SSLv3 support (CVE-2014-3566)

Fixed an issue preventing some users from manually uploading a plugin file via the Web UI to update plugins
Copyright © 2014. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.

Fixed an issue where an Asset Summary displayed showed incorrect event counts

Fixed an issue where a client index could be re-used if the highest-indexed client was deleted

Fixed an issue where upgrading to LCE 4.4.x could cause duplicate entries in some configuration tables such as
Sampleable TASLs and Trusted Plugin
About Tenable Network Security
Tenable Network Security provides continuous network monitoring to identify vulnerabilities, reduce risk, and ensure
compliance. Our family of products includes SecurityCenter Continuous View™, which provides the most comprehensive
and integrated view of network health, and Nessus®, the global standard in detecting and assessing network data.
Tenable is relied upon by more than 24,000 organizations, including the entire U.S. Department of Defense and many of
the world’s largest companies and governments. We offer customers peace of mind thanks to the largest install base, the
best expertise, and the ability to identify their biggest threats and enable them to respond quickly.
For more information, please visit tenable.com.
Copyright © 2014. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.
2