2016-09-19 MonitorWare Agent 10.3 released

Adiscon is proud to announce the 10.3 release of MonitorWare Agent.

This is a bugfixing release with minor feature update.

Most importantly, the Adiscon SNMP MIB now supports messages sizes up to 64k (previous limit was 255 characters). The OpenSSL Library has been updated to 1.0.2h. Bugs were fixed primarily in RELP and syslog forwarding processing and internal queue handling. For details please see the change log.

Detailed information can be found in the version history.

Version 10.3 is a free download. Customers with existing 9.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

MonitorWare Agent 10.3 Released (Build-IDs: Service 10.3.471, Client 10.3.1564)

MonitorWare Agent 10.3 Released

Build-IDs: Service 10.3.471, Client 10.3.1564

Features

  • OpenSSL library updated to 1.0.2h.
  • Adiscon SNMP Mib:
    • Changed DisplayString limit from 255 characters to 65536. Now, strings above 255 characters can be send using the adiscon mibs.

Bugfixes

  • Send Syslog Action:
    • Fixed an issue with the “Disable processing, forward as it is” Option. RawSyslogMsg property is used instead of msg property.
  • Send Relp Action:
    • Fixed an issue in the Session Close shutdown procedure which could lead to leaking sessions on Relp Servers.
    • Fixed an issue setting a proper status on failure.
    • Fixed a problem handling socket failures.
  • File Action:
    • Fixed issue detecting the last used file on startup when Circular Logging is enabled.
  • Event Monitor V2:
    • Dynamic properties could break XML format if they contained spaces in their name. Spaces and control characters are now properly replaced with underscores.
  • Relp Listener:
    • Fixed Socketsystem startup if only one Relp Listener Service was configured without any other network related services.
  • Syslog Server:
    • Fixed an issue relaying the priority / facility properties on Syslog Forward. The prifac property was not properly recreated if the message source was Syslog
    • Fixed an issue with RFC5424 header parsing which partially parsed invalid formatted syslog messages. This broke the original message.
    • Fixed a parsing issue (TCP Protocol only) when the syslog header was missing. When the first characters were a number, TCP Syslog tried to detect octet framing. This failed but the beginning characters of the message were lost. Also octet framing was not disabled resulting in unexpected endings of the message.
    • Fixed an issue with RFC 3164 Syslog Header parsing when “take syslog source from msg” is enabled.
  • Property Replacer:
    • Date related options are now evaluated before and after the property is truncated. But only if a match before the string truncation was not successful.

You can download Free Trial Version of MonitorWare Agent.

2016-04-04 MonitorWare Agent 10.2 released

Adiscon is proud to announce the 10.2 release of MonitorWare Agent.

This is a maintenenance release for MonitorWare Agent, which includes Features and bugfixes.

There is a huge list of changes, but the most important is the enhanced support for file based configurations.

Also inbuild components like OpenSSL and NetSNMP have been updated to the latest versions.

Detailed information can be found in the version history.

Version 10.2 is a free download. Customers with existing 9.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

MonitorWare Agent 10.2 Released (Build-IDs: Service 10.2.466, Client 10.2.0.1559)

MonitorWare Agent 10.2 Released

Build-IDs: Service 10.2.466, Client 10.2.0.1559

Features

  • Components:
    • Updated NET-SNMP 5.6.2.1 and OpenSSL 1.0.2e.
  • Engine:
    • Enabled support to parse MIBs with labels that contain underscores.
    • When using TLS Mode x509/Name, permitted peers will also checked against the certificate Subject Alternative Name (SAN) now.
  • DB Monitor:
    • Added option “Write LastDBIndex at frequent intervals” to support saving the LastDBIndex while processing data records. By default the LastIDIndex is only written after all database records have been processed. LastDBIndex can now be a 64Bit number (Was limited to 32Bit before).
  • EventLog Monitor V2:
    • Added new Option “Wait time after action failure” which specifies the wait time after an action error occurred. Without the wait time, the subscription would immediately hit again. It is most likely that the action failure was caused by network problems, so a wait time of (default value) 15 seconds is a reasonable default.
  • File Monitor:
    • Added regular expressions support for Message Separators. Also added Options to prepend or append message separators to the message.  When using regex message separators, it might be necessary to include the message separator into the message.
  • Syslog Action:
    • Added wait time doubling option for the Diskqueue feature. When enabled, the configured wait time will be doubled until the doubling limit is reached.
    • Added random wait time delay option for the Diskqueue feature. When enabled, a random wait time (up to the configured maximum) will be added to the configured wait time.
    • Added Overrun prevention delay option for the Diskqueue feature. When enabled, the action will sleep for the configured delay between each syslog message.
  • Services TestMode:
    • Added a testmode for Services, currently EventLog Monitor V1 & V2 and File Monitor are supported. When enabling the testmode for a certain service, it will process it’s Events/Files over and over again. So only use this setting for testing purpose.
  • File Based Configuration:
    • Added support for file includes. The feature can be enabled by setting one or both options in the Client Options called “Create individual configuration files for Services” and “Create individual configuration files for RuleSets”. When enabled, the configuration client will split Services and/or Rulesets into separated files. The main configuration file will include these files by a pattern. The Service itself is able to read includes within includes up to a depth level to 10. When using custom (hand written) configuration with includes, the configuration client will only be able to read them. However the client will not be able to maintain (Save) the custom configuration structure.
  • Command line:
    • Added handler for CTRL+C when running the Service in console mode

Bugfixes

  • EventLog Monitor V2:
    • When using the subscription method (Default), Events could get lost when an action failed to process. Action error handling has been corrected now and works similar like in EventLog Monitor V1.
  • DB Monitor:
    • Fixed loading/saving LastDBIndex value when Service runs in fileconfig mode.
  • Syslog Server:
    • Fixed a problem receiving RFC3195RAW messages.
    • Fixed message timeout handling when no message separator was enabled in Syslog TCP mode.
  • File Action:
    • When using Custom Format, a trailing NULL Byte was written into the file. This was considered a bug, so the NULL Byte is not written anymore.
  • Syslog Action:
    • Fixed an issue when diskqueue files were corrupt. Now corrupted entries are skipped properly.
    • In some cases when the Action was in diskqueue mode, it could happen that the internal retry failed. Cached syslog messages wouldn’t be sent until the service restart.
  • SSL/TLS:
    • Actions with support for SSL/TLS (like Send Syslog Action) could fail to send messages if the recipient closed the connection during meantime. The handling of closed connections has been hardened now when TLS/SSL is enabled.
  • Command line:
    • Fixed handling when using more than one command line option
  • File Based Configuration:
    • Fixed a bug reading general options from File configuration.
    • Fixed an issue reading and writing into correct data directories when using custom locations.
    • Fixed an issue detecting if data state files need to be reloaded.
    • Fixed problem reading of Rule and ActionCount properly introduced due changes in the configuration client of build 456.
    • Better error handling when configfile is missing or not accessible.
  • Configuration client:
    • When deleting an item in a datagrid, the Confirm/reset Button become clickable now to save or reset the changes.
    • Added missing password encryption checkbox in DB Monitor configuration.
    • Added missing LastDBIndex in DB Monitor configuration.
    • Fixed timestamp for “EventLog Legacy Format” INSERT
    • Fixed invisible encryption checkbox for password fields (Like ODBC Action)
    • Fixed an issue of unwanted LastRecord saving when changing eventlog channels settings.
    • The little “Save” Button has been changed to a “Confirm” which is more precisely.
    • Corrected Min/Max values for General->Queue Limit Setting.
    • Removed invisible click areas for all checkboxes and radio buttons.
    • Fixed loading of “Processed Files” in File Monitor when running in file config format.
    • Changed error handling when exporting configuration in file format.
    • Fixed incorrect trimming of spaces at the end of text variables (problem only affected file based configurations)

You can download Free Trial Version of MonitorWare Agent.

2015-06-03 MonitorWare Agent 10.1 released

Adiscon is proud to announce the 10.1 release of MonitorWare Agent.

This is a maintenenance release for MonitorWare Agent. It includes some bugfixes as well as a new rule date condition which can be used to process events starting from a certain date. A new Service called Passive Syslog Listener which is bind to Syslog Queues has been added as well. It builds in Syslog Queues created by the new Syslog Queue Action. Please see the manual for more details about the new Service/Action.

Detailed information can be found in the version history.

Version 10.1 is a free download. Customers with existing 9.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

MonitorWare Agent 10.1 Released (Build-IDs: Service 10.1.453, Client 10.1.1538)

MonitorWare Agent 10.1 Released

Build-IDs: Service 10.1.453, Client 10.1.1538

Features

  • All internal errors are now logged into the EventLog when “Event Warnings” are enabled in general options.
  • Added Rule Date Conditions. By default a rule will always be processed. It can be set to only process messages generated since the installation or custom date.
  • Syslog Server: Added new Option to save original source into custom property when using “Take Source system from Syslog message” option.
  • SNMP Trap Receiver: Added option for resolving Snmp OID in short format (Last Portion only).
  • Added new service called “Passive SyslogListener”: This is basically a TCP Listener who sends cached syslog messages (Fille by a Syslog Queue Action) to any client that connects.
  • Added new action called “Syslog Queue Action”: This is a diskbased queue action who stores syslog formatted message into queuefiles. Syslog Queues can be processed and cleared by the Passive SyslogListener only.
  • File Monitor: Files are now opened with FILE_SHARE_DELETE flag which enables other applications to del

Bugfixes

  • SSL Connections: Fixed an issue not using custom configured certificates when TLS anon mod was used.
  • FileConfig Mode: Fixed a bug loading filters properly. Also added support for reloading data variables automatically.
  • Core Engine: Fixed an internal processing bug caused when rebuilding Messages from cache files.
  • Syslog Server: RFC 5424 header parsing fixed, a timestamp can be a NILVALUE now.
  • Syslog Server: Fixed bug ignoring “Take Source system from Syslog message” option when UDP was used.

You can download Free Trial Version of MonitorWare Agent.

2014-10-20 MonitorWare Agent 9.4 released

Adiscon is proud to announce the 9.4 release of MonitorWare Agent.

This is the maintenance release and contains mainly bugfixes.

Most notably, this version includes OpenSSL library 1.0.1j. This fixes all security issues from the OpenSSL Security Advisory (2014-10-15).

Detailed information can be found in the version history.

Version 9.4 is a free download. Customers with existing 8.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

2014-04-11 MonitorWare Agent 9.2 released

Adiscon is proud to announce the 9.2 release of MonitorWare Agent.

This is the maintenance release and contains mainly bugfixes.

Most notably, this version includes OpenSSL library 1.0.1g. This fixes the latest openssl security issues known as heartbleed.

Remote Eventlog Monitoring in Eventlog Monitor V2 has been improved.

Detailed information can be found in the version history.

Version 9.2 is a free download. Customers with existing 8.x keys can contact our Sales department for upgrade prices. If you have a valid Upgrade Insurance ID, you can request a free new key by sending your Upgrade Insurance ID to sales@adiscon.com. Please note that the download enables the free 30-day trial version if used without a key – so you can right now go ahead and evaluate it.

MonitorWare Agent 9.2 Released (Build-IDs: Service 9.2.433, Client 9.2.0.1402)

MonitorWare Agent 9.2 Released

Build-IDs: Service 9.2.433, Client 9.2.0.1402

Features

  • Updated embedded OpenSSL library to 1.0.1g.

Bugfixes

  • EventLog Monitor V2: Fixed a problem reading the “Process unknown/unconfigured Eventlog Channgels” option which was added in the last minor update.
  • EventLog Monitor V2: Fixed a problem when using “Remote EventLog Monitoring”. Now logsources are read from the remote machine properly.
  • Engine: Fixed startup issues reading windows registry. This problem only applied if you configured the service to run with an user account that has insufficient write rights into the windows registry.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 9.1 Released (Build-IDs: Service 9.1.430, Client 9.1.0.1388)

MonitorWare Agent 9.1 Released

Build-IDs: Service 9.1.430, Client 9.1.0.1388

Features

  • EventLog Monitor V2:
    Added support for Remote EventLog Monitoring. In order to work, make sure that the following requirements on the remote machine are met:

    • 1. The Service is configured to run with a administrative user who has rights on the local and remote machine.
    • 2. The Windows Event Collector Service is enabled and running on the remote machine.
    • 3. The Firewall on the remote machine (if enabled) allows access to Remote Event Log Management.
    • 4. The configured User is member of the “Event Log Readers” group on the remote machine.
  • Added new option “Process unknown/unconfigured Eventlog Channgels” which is enabled by default. Uncheck this option if you want to make sure that only selected Eventlog Channels should be monitored.
  • Updated librelp library to last v1 stable version 1.0.7.
  • File Action: Added file segmentation support for files above 2gb
  • Send Email Action: Added support for UTF8, SHIFT-JIS, JIS and EUC-JP encoded subjects.
  • Lognorm Action:
    Added option to specify output type as XML, CSV, JSN (Stored into a custom property)
    Event Fields are stored into the Property Engine now.

Bugfixes

  • File Action: File Size checking is now done before writing into files, this avoids writing into files that already reached their limits.
  • SNMP Trap Receiver: Fixed minor memory leak which occurred when receiving SNMP Traps.
  • HTTP Probe: Fixed HTTP Connection Close handling causing http 400 error log entries on IIS.

You can download Free Trial Version of MonitorWare Agent.