Version and Build Information - GFI EventsManager 8

	Forums Register Login My Profile Inbox Address Book My Subscription My Forums Member List Search FAQ Ticket List Log Out

Version and Build Information - GFI EventsManager 8

Logged in as: Guest

Users viewing this topic: none

Printable Version

All Forums >> [Networking & Security] >> GFI EventsManager >> Version and Build Information - GFI EventsManager 8

Page: [1]

Message

<< Older Topic Newer Topic >>

Version and Build Information - GFI EventsManager 8 - 26.Mar.2008 5:33:25 AM

Sven Berger

Posts: 184
Score: 0
Joined: 25.Feb.2008
Status: offline

This thread contains information regarding the changes within the various builds of the GFI EventsManager 8. Detailed information on each individual build can be found in the posts below.

Latest version of GFI EventsManager:- Version 8
Latest build of GFI EventsManager:- 20080318
The latest version of GFI EventsManager can be downloaded from: http://www.gfi.com/pages/files.htm

Build 20080318
Changes in this service release include:

NEW: Data can now be backed up from the backup database
FIXED: SNMP and Syslog servers options do not apply properly
FIXED: Rules settings are not imported after upgrading from GFI EventsManager version 7.1
FIXED: Command line tool "Exportdata.exe" does not export "Other events" to file
FIXED: Priority of rules may be lost after importing settings from an older version
FIXED: SNMP and Syslog servers may not start automatically after system reboot
FIXED: Command line tool: importdata.exe does not import data to another database on another server when using /dbname /dbserver parameters
FIXED: After upgrading from GFI EventsManager 7.1, GFI EventManager may collect Windows Events that have already been collected, resulting in duplicate events.
FIXED: Maintenance jobs are triggering immediately after upgrading from GFI EventsManager 7.1
FIXED: When using /id installation parameter, the silent installation fails unexpectedly
FIXED: In certain situations, exportdata.exe terminates unexpectedly
FIXED: Importing of filters for database operations fails
FIXED: Importing of sms server settings fails
FIXED: Various minor fixes in the Events Browser Object Access query definition in events browser

Build 20080218

NEW: Extended support for various devices by adding SYSLOG rules for Juniper Networks devices
NEW: Select all SQL servers option from the "Add SQL servers� dialog
NEW: Export query results directly to CSV from event browsers
NEW: Possibility to filter on "Rule Name� in reports from Report Pack
NEW: Comprehensive sets of on SNMP traps and SQL Server Audit filters
NEW: All the data from SQL server audit columns appear in description panel
FIXED: Server name does not appear in Database Server Groups after restarting the application (Windows Vista)
FIXED: SQL Server Audit Browser -> Find Events -> Filter for "Date" column works incorrectly
FIXED: SQL Server Audit -> rule is triggered even if you set "Outside the normal operational time" (Window Vista)
FIXED: SQL Server Audit -> SQL Server Group Properties -> Operational Time -> for all collected events, the value for 'In work hours' column is 'NO' whether time intervals are marked or unmarked
FIXED: Rule -> A message appear when try to create a new action profile
FIXED: SQL Server Audit -> rule changes do not refresh in real time (Windows Vista)
FIXED: The shortcuts on the "logon information" window in the installation kit are not working
FIXED: SQL Audit rules -> Changing the security type does not work properly
FIXED: The number of events in SQL Audit Browser does not change if you right click -> "refresh" (Windows Vista)
FIXED: SQL Audit -> Not all events are collected (Windows Vista)
FIXED: SQL Server Audit -> events are collected with wrong credentials (inherited) on a SQL 2008 server (Windows Vista)
FIXED: The service does not start if the database server is not configured
FIXED: Jobs from Database Operations are not imported when upgrading from ESM 7.1 to ESM 8.0
FIXED: Cannot delete jobs from "Database Operation"
FIXED: From the Quick Start Dialog -> "Configure Event Sources" status appears "Not configured" even for SQL Servers that are added for Scanning
FIXED: SQL Server Audit -> events are not processed correctly if all the default processing rules are checked and inherited (Windows Vista)
FIXED: Syslog isn't on the global event count
FIXED: The last job from the database operations are not deleted
FIXED: physical date/time does not appear in some events in the same w3c log file (Windows Vista)
FIXED: SQL Server Audit -> Big delays between changes in configuration (Windows Vista)
FIXED: Windows Event Browser -> Find events -> Filters do not work
FIXED: When collecting w3c logs, collecting does not stop after the computer is disabled, and collects all the events from a certain w3c file (Windows Vista)
FIXED: SQL Audit - If you scan with rules no statistics appear on monitor
FIXED: SQL Server Audit -> Changes to default classification actions are not applied to rule processing until service is restarted (Windows Vista)
FIXED: The user interface does not start on Windows XP SP1
FIXED: SNMP Traps Messages -> Find Events >filter for "Date column" work incorrectly
FIXED: Windows Events Browser -> Different results for a query with the same condition in Security category and the all events section
FIXED: Database Operation -> A schedule job doesn't start automatically at specified hour
FIXED: Crash on network interruption
FIXED: All the data from SQL server audit columns should appear in Description panel
FIXED: ESM Instance changed isn't update at next scan
FIXED: When upgrading from ESM 7.1 to ESM8 email alerts doesn't work
FIXED: Schedule settings for Database Operation are not imported
FIXED: The refresh for custom logs queries in "Windows Events Browser" does not work when importing settings
FIXED: The user interface crashes in some situations
FIXED: Refresh does not work for events in "Event browsers" when importing settings
FIXED: Scheduled Database Operations do not disappear when importing configurations
FIXED: W3C events -> At collecting events, value for "In work hours" column is always "No"
FIXED: Emails not coming for EVT events gathered
FIXED: Export events gathered to a CSV file
FIXED: Some event fields are not exported correctly to a CSV file
FIXED: SQL Server Audit -> "Application name" is not stored correctly in the database on certain events (Windows Vista)
FIXED: W3C events -> Queries -> "Failed to connect the database" appears for a wrong value for "S-port" field
FIXED: W3C events Browser -> "There are no events in the current log� appears if try to sort via "CS-uri Stem" or 'CS-uri Query" columns
FIXED: Database operations are running every time I restart ESM service
FIXED: Enable\Disable "Computers Groups" does not work
FIXED: Computer properties -> ESM crashes if check "Process using this rule set" and rule set aren't checked
FIXED: Problem with storing credentials for ESM users
FIXED: Component Configuration Quick Start -> Configure administrator account -> Status remains "Not configured" even Administrator account is configured
FIXED: SQL Audit -> events are not collected after system restart
FIXED: SNMP Traps -> Trap OID not displayed correctly in browser (Windows Vista)
FIXED: Sometimes SMS Alert properties are applied only after the service is restarted (Windows Vista)
FIXED: Saving filters in events browsers might trigger an error if the name of the filter is the same of another existing one even if it is on a different group

Changes in GFI EventsManager 8.0 (from version 7)

NEW: Ability to collect and process the events specific to Vista and Longhorn.
NEW: Seamless integration of Vista/Longhorn events with the existing features like filters, rules, browsers and database operations.
NEW: Support for processing SNMP traps version 1, 2 and 3.
NEW: Standard MIB translation included.
NEW: Support for processing SQL Server events through SQL Audit.
NEW: Support for processing SNMP traps and SYSLOG messages on TCP.
NEW: The console can now be accessed in read-only mode.
NEW: Users and groups can be assigned read-only or full privileges to work with the configuration console.
NEW: There is a new log file which records all the actions performed by the user in the configuration console.
NEW: Various user interface elements have been optimized for better usage.
NEW: Reports from the previous version have been updated to work with Windows Vista events as well.
NEW: New generic Windows Events report with the possibility to filter on Event ID.
NEW: Generic SNMP traps report.
NEW: Generic report for SQL Server audit
NEW: Added tab page settings for SQL Audit groups.
FIX: Configuration related crashes.
FIX: Error leading to database string truncation in certain cases.
FIX: Error regarding the synchronization loss between UI and service.
FIX: Internal case of access violation.
FIX: A memory leak.

< Message edited by owenb -- 15.Apr.2009 7:35:10 AM >

_____________________________

Sven Berger
GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software

Post #: 1

RE: !!!! Eventsmanager 8 Version and Build Information - 26.Mar.2008 5:35:45 AM

Sven Berger

Posts: 184
Score: 0
Joined: 25.Feb.2008
Status: offline

Latest version of GFI Eventsmanager:- Version 8.0

Latest build of GFI EndPointSecurity:- 20080218

A new build of GFI EventsManager (build 20080218) has been uploaded.
Changes in this build include:

NEW: Extended support for various devices by adding SYSLOG rules for Juniper Networks devices
NEW: Select all SQL servers option from the �Add SQL servers� dialog
NEW: Export query results directly to CSV from event browsers
NEW: Possibility to filter on �Rule Name� in reports from Report Pack
NEW: Comprehensive sets of on SNMP traps and SQL Server Audit filters
NEW: All the data from SQL server audit columns appear in description panel
FIXED: Server name does not appear in Database Server Groups after restarting the application (Windows Vista)
FIXED: SQL Server Audit Browser -> Find Events -> Filter for "Date" column works incorrectly
FIXED: SQL Server Audit -> rule is triggered even if you set "Outside the normal operational time" (Window Vista)
FIXED: SQL Server Audit -> SQL Server Group Properties -> Operational Time -> for all collected events, the value for �In work hours� column is �NO� whether time intervals are marked or unmarked
FIXED: Rule -> A message appear when try to create a new action profile
FIXED: SQL Server Audit -> rule changes do not refresh in real time (Windows Vista)
FIXED: The shortcuts on the "logon information" window in the installation kit are not working
FIXED: SQL Audit rules -> Changing the security type does not work properly
FIXED: The number of events in SQL Audit Browser does not change if you right click -> "refresh" (Windows Vista)
FIXED: SQL Audit -> Not all events are collected (Windows Vista)
FIXED: SQL Server Audit -> events are collected with wrong credentials (inherited) on a SQL 2008 server (Windows Vista)
FIXED: The service does not start if the database server is not configured
FIXED: Jobs from Database Operations are not imported when upgrading from ESM 7.1 to ESM 8.0
FIXED: Cannot delete jobs from "Database Operation"
FIXED: From the Quick Start Dialog -> "Configure Event Sources" status appears "Not configured" even for SQL Servers that are added for Scanning
FIXED: SQL Server Audit -> events are not processed correctly if all the default processing rules are checked and inherited (Windows Vista)
FIXED: Syslog isn't on the global event count
FIXED: The last job from the database operations are not deleted
FIXED: physical date/time does not appear in some events in the same w3c log file (Windows Vista)
FIXED: SQL Server Audit -> Big delays between changes in configuration (Windows Vista)
FIXED: Windows Event Browser -> Find events -> Filters do not work
FIXED: When collecting w3c logs, collecting does not stop after the computer is disabled, and collects all the events from a certain w3c file (Windows Vista)
FIXED: SQL Audit - If you scan with rules no statistics appear on monitor
FIXED: SQL Server Audit -> Changes to default classification actions are not applied to rule processing until service is restarted (Windows Vista)
FIXED: The user interface does not start on Windows XP SP1
FIXED: SNMP Traps Messages -> Find Events >filter for "Date column" work incorrectly
FIXED: Windows Events Browser -> Different results for a query with the same condition in Security category and the all events section
FIXED: Database Operation -> A schedule job doesn't start automatically at specified hour
FIXED: Crash on network interruption
FIXED: All the data from SQL server audit columns should appear in Description panel
FIXED: ESM Instance changed isn't update at next scan
FIXED: When upgrading from ESM 7.1 to ESM8 email alerts doesn't work
FIXED: Schedule settings for Database Operation are not imported
FIXED: The refresh for custom logs queries in "Windows Events Browser" does not work when importing settings
FIXED: The user interface crashes in some situations
FIXED: Refresh does not work for events in "Event browsers" when importing settings
FIXED: Scheduled Database Operations do not disappear when importing configurations
FIXED: W3C events -> At collecting events, value for "In work hours" column is always "No"
FIXED: Emails not coming for EVT events gathered
FIXED: Export events gathered to a CSV file
FIXED: Some event fields are not exported correctly to a CSV file
FIXED: SQL Server Audit -> "Application name" is not stored correctly in the database on certain events (Windows Vista)
FIXED: W3C events -> Queries -> "Failed to connect the database" appears for a wrong value for "S-port" field
FIXED: W3C events Browser -> "There are no events in the current log� appears if try to sort via "CS-uri Stem" or 'CS-uri Query" columns
FIXED: Database operations are running every time I restart ESM service
FIXED: Enable\Disable "Computers Groups" does not work
FIXED: Computer properties -> ESM crashes if check "Process using this rule set" and rule set aren't checked
FIXED: Problem with storing credentials for ESM users
FIXED: Component Configuration Quick Start -> Configure administrator account -> Status remains "Not configured" even Administrator account is configured
FIXED: SQL Audit -> events are not collected after system restart
FIXED: SNMP Traps -> Trap OID not displayed correctly in browser (Windows Vista)
FIXED: Sometimes SMS Alert properties are applied only after the service is restarted (Windows Vista)
FIXED: Saving filters in events browsers might trigger an error if the name of the filter is the same of another existing one even if it is on a different group

_____________________________

Sven Berger
GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software

(in reply to Sven Berger)

Post #: 2

RE: !!!! Eventsmanager 8 Version and Build Information - 26.Mar.2008 5:37:26 AM

Sven Berger

Posts: 184
Score: 0
Joined: 25.Feb.2008
Status: offline

What's new in Eventsmanager 8?

GFI EventsManager version 8 builds on version 7.1 whilst increasing the range of systems and devices that can be monitored through various log types including Windows events, Syslog, W3C and SNMP traps generated by heterogeneous network sources.
The new features being introduced with version 8 include the following:

SNMP Traps: GFI EventsManager now supports Simple Network Management Protocol ver.3 which is the language spoken by low level devices such as routers, sensors, firewalls, etc. Through SNMP users can now monitor a whole range of hardware devices on their infrastructure with the ability to report on the health and operational status of each device.
Support for new Devices: MIB definition files contain information about hardware device properties and are usually provided by equipment manufacturers. Since GFI EventsManager is now capable of importing generic MIB files, it can practically support any hardware models that rely on SNMP messaging, as soon as these become available. By default GFI EventsManager also ships with MIB definitions for the following vendors: Cisco, 3Com, IBM, HP, Check Point, Alcatel, Dell, Netgear, SonicWall, Juniper Networks, Arbor Networks, Oracle, Symantec, Allied Telesis and others.
SQL Server Auditing: GFI EventsManager now supports SQL server auditing for all commercial and free versions of SQL Server including 2000, 2005, 2008, MSDE and SQL Express. Auditing allows the user to track and report on SQL server activity such as: Running of SQL statements, altering DB tables, attempts to access data without necessary privileges, etc. This can ensure data in SQL servers is authentic and thus reliable.
Support for Windows Vista & Windows Server 2008: GFI EventsManager can now be installed on, and collect events from Windows Vista and Windows 2008. Although these new platforms use a different log format, GFI EventsManager presents events from various operating systems in the same manner, thus allowing the user to get used to a common structure, irrespective of the platform being monitored.
Extended support for various devices by adding SYSLOG rules for Juniper Networks devices
Select all SQL servers option from the �Add SQL servers� dialog
Export query results directly to CSV from event browsers
Possibility to filter on �Rule Name� in reports from Report Pack
Comprehensive sets of on SNMP traps and SQL Server Audit filters
All the data from SQL server audit columns appears in description panel

Useful GFI EventsManager links:
Overview | Features | Download trial | Pricing

_____________________________

Sven Berger
GFI Software - www.gfi.com
Messaging, Content Security & Network Security Software

(in reply to Sven Berger)

Post #: 3