
Archive for October, 2012

Siem_System

ImmuneSecurity (now called Logpoint) proudly presents LogInspect™ version 5.1.1. This version contains numerous enhancements as well as some bug fixes.

The highlights for this release are:

  • Introduction of LI Lite for distributed collection of logs from remote locations.
  • Logs from the main LogInspect can be made more highly available by creating a copy of a repo in the remote LogInspect.
  • Introduction of tenants for effective object management between various organizational units.

Enhancements

A selection of the major enhancements of LogInspect™ v5.1.1 is listed below in detail.

Devices and Collection

  • Logs can be forwarded into the system from different platforms using the Distributed Collector. This support is available for LI Lite at the moment.
  • IPv6 support is extended to the following collectors and fetchers: SNMP fetcher, sflow collector, FileInspect collector, SNMP trap collector and the netflow collector.
  • CIDR IP addresses are supported for all of the collectors.
  • A log parser’s pattern can be validated by checking it against the example message.
  • SNMP fetcher works for leaf OIDs.

Search and Queries

  • Fields in a search query can now be renamed.
  • Grouping constructs support “order by” syntax.
  • Inline lists now support whitespace enclosed in quotes.
  • Cmd + click (Ctrl + click) opens and displays the search result on a new tab.

Dashboard and User Interface

  • The Growl position setting can now be managed from the preferences page.
  • Dashboard tabs are now moveable.

User Management

  • LDAP authentication supports three different login formats: “Sam Account Name”, “UID” and “DN”. This can be configured from “Advance LDAP Settings”.
  • SSL is implemented for Directory Access Protocol (LDAP Strategy).
  • Username is now non-editable.

Correlation and Alert

  • Ownership of rules can be transferred to other users.

System and Performance

  • Critical security updates for the system can be applied by uploading the tested security patch and installing it.

Backup and Storage

  • Backup scheduling is made optional.
  • For backups, it's now possible to apply a retention policy.

FileInspect

  • Windows events can now be collected by using the “Windows Event Log Reader” checkmark while configuring the FileInspect client.

Reporting

  • Queries in report templates are now editable.

Bug Fixes

A selection of the major bug fixes of LogInspect™ v5.1.1 is listed below.

  • Netflow v9 now contains all available fields.
  • An HTTPS certificate can now be applied without rebooting the server.
  • A problem with configuration backup has been fixed.
  • Vendor dashboard can now be used through the “use action”.
