Tag: version history

MonitorWare Agent 11.2 Released (Build-IDs: Service 11.2.0.502, Client 11.2.0.1580)

MonitorWare Agent 11.2 Released

Build-IDs: Service 11.2.0.502, Client 11.2.0.1580

Features

  • Syslog Action: Added support to overwrite Syslog Priority/Facility
  • SNMP Trap Receiver: Added support to print OCTET STRINGS with format hints. Format hints are now properly used using internal NET-SNMP functions. Support for encoding detection does not work for those SNMP Variables.
  • File Action: Added option to control the Filehandle timeout when using dynamic filenames.
  • Property Engine: Added two new property replacer options “toipv4address” and “toipv6address” to resolve a property into a valid IPv4 or IPv6 Address.
  • Filter Engine: Implemented a new regular expressions compare operation.
    More details on how to use REGEX can be found in the new documentation.
  • Configuration Reload: Added new options to add a random delay between configuration checks. The delay is limited to 60 seconds as it will also delay the service control manager communication.

Bugfixes

  • SNMP Monitor: Fixed internal crash when using multiple SNMP Monitor Services.
  • Syslog Action: Fixed bug in Syslog Cache processing when saved messages were larger than 4096 bytes.
  • File Action: Fixed closing filehandles on very busy systems.
  • Filter Engine: Fixed Extended IP Filtering when using lower or greater compare operation.
  • Normalize Action: Removed incorrect NULL Byte at the end of the INPUT String.
  • File Configuration: Fixed reading Filter values containing backslashes.
    They weren’t removed properly in filter values.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 11.0 Released (Build-IDs: Service 11.0.0.480, Client 11.0.0.1570)

MonitorWare Agent 11.0 Released

Build-IDs: Service 11.0.0.480, Client 11.0.0.1570

Features

  • Added Windows 2016 Support.
  • Updated Syslog RFC3195 liblogging library
  • Updated librelp library to 1.2.11
  • Updated net-snmp library to 5.7.3. Net-snmp debug messages are also printed into the Adiscon debug log now.
  • File Monitor: Added support for UTF16 Big Endian
  • SNMP Trap Receiver: Added support to read UTF8, Shiftjis, EUC-JP encoded strings in SNMP variables.

Bugfixes

  • File Configuration: Fixed an issue loading file configuration when invalid characters where within config files like UTF8 BOM.
  • Syslog Server: Fixed internal issue when receiving empty syslog messages.
  • Adiscon SNMP Libs: Increased string length to 65536. Also fixed wrong datetimestamp in comments.
  • File Action: Fixed multiple issues in output format related to different file encodings.
  • SNMP Trap Receiver: OID’s are printed as numbers again if mib resolving is disabled.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 10.3 Released (Build-IDs: Service 10.3.471, Client 10.3.1564)

MonitorWare Agent 10.3 Released

Build-IDs: Service 10.3.471, Client 10.3.1564

Features

  • OpenSSL library updated to 1.0.2h.
  • Adiscon SNMP Mib:
    • Changed DisplayString limit from 255 characters to 65536. Now, strings above 255 characters can be send using the adiscon mibs.

Bugfixes

  • Send Syslog Action:
    • Fixed an issue with the “Disable processing, forward as it is” Option. RawSyslogMsg property is used instead of msg property.
  • Send Relp Action:
    • Fixed an issue in the Session Close shutdown procedure which could lead to leaking sessions on Relp Servers.
    • Fixed an issue setting a proper status on failure.
    • Fixed a problem handling socket failures.
  • File Action:
    • Fixed issue detecting the last used file on startup when Circular Logging is enabled.
  • Event Monitor V2:
    • Dynamic properties could break XML format if they contained spaces in their name. Spaces and control characters are now properly replaced with underscores.
  • Relp Listener:
    • Fixed Socketsystem startup if only one Relp Listener Service was configured without any other network related services.
  • Syslog Server:
    • Fixed an issue relaying the priority / facility properties on Syslog Forward. The prifac property was not properly recreated if the message source was Syslog
    • Fixed an issue with RFC5424 header parsing which partially parsed invalid formatted syslog messages. This broke the original message.
    • Fixed a parsing issue (TCP Protocol only) when the syslog header was missing. When the first characters were a number, TCP Syslog tried to detect octet framing. This failed but the beginning characters of the message were lost. Also octet framing was not disabled resulting in unexpected endings of the message.
    • Fixed an issue with RFC 3164 Syslog Header parsing when “take syslog source from msg” is enabled.
  • Property Replacer:
    • Date related options are now evaluated before and after the property is truncated. But only if a match before the string truncation was not successful.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 10.2 Released (Build-IDs: Service 10.2.466, Client 10.2.0.1559)

MonitorWare Agent 10.2 Released

Build-IDs: Service 10.2.466, Client 10.2.0.1559

Features

  • Components:
    • Updated NET-SNMP 5.6.2.1 and OpenSSL 1.0.2e.
  • Engine:
    • Enabled support to parse MIBs with labels that contain underscores.
    • When using TLS Mode x509/Name, permitted peers will also checked against the certificate Subject Alternative Name (SAN) now.
  • DB Monitor:
    • Added option “Write LastDBIndex at frequent intervals” to support saving the LastDBIndex while processing data records. By default the LastIDIndex is only written after all database records have been processed. LastDBIndex can now be a 64Bit number (Was limited to 32Bit before).
  • EventLog Monitor V2:
    • Added new Option “Wait time after action failure” which specifies the wait time after an action error occurred. Without the wait time, the subscription would immediately hit again. It is most likely that the action failure was caused by network problems, so a wait time of (default value) 15 seconds is a reasonable default.
  • File Monitor:
    • Added regular expressions support for Message Separators. Also added Options to prepend or append message separators to the message.  When using regex message separators, it might be necessary to include the message separator into the message.
  • Syslog Action:
    • Added wait time doubling option for the Diskqueue feature. When enabled, the configured wait time will be doubled until the doubling limit is reached.
    • Added random wait time delay option for the Diskqueue feature. When enabled, a random wait time (up to the configured maximum) will be added to the configured wait time.
    • Added Overrun prevention delay option for the Diskqueue feature. When enabled, the action will sleep for the configured delay between each syslog message.
  • Services TestMode:
    • Added a testmode for Services, currently EventLog Monitor V1 & V2 and File Monitor are supported. When enabling the testmode for a certain service, it will process it’s Events/Files over and over again. So only use this setting for testing purpose.
  • File Based Configuration:
    • Added support for file includes. The feature can be enabled by setting one or both options in the Client Options called “Create individual configuration files for Services” and “Create individual configuration files for RuleSets”. When enabled, the configuration client will split Services and/or Rulesets into separated files. The main configuration file will include these files by a pattern. The Service itself is able to read includes within includes up to a depth level to 10. When using custom (hand written) configuration with includes, the configuration client will only be able to read them. However the client will not be able to maintain (Save) the custom configuration structure.
  • Command line:
    • Added handler for CTRL+C when running the Service in console mode

Bugfixes

  • EventLog Monitor V2:
    • When using the subscription method (Default), Events could get lost when an action failed to process. Action error handling has been corrected now and works similar like in EventLog Monitor V1.
  • DB Monitor:
    • Fixed loading/saving LastDBIndex value when Service runs in fileconfig mode.
  • Syslog Server:
    • Fixed a problem receiving RFC3195RAW messages.
    • Fixed message timeout handling when no message separator was enabled in Syslog TCP mode.
  • File Action:
    • When using Custom Format, a trailing NULL Byte was written into the file. This was considered a bug, so the NULL Byte is not written anymore.
  • Syslog Action:
    • Fixed an issue when diskqueue files were corrupt. Now corrupted entries are skipped properly.
    • In some cases when the Action was in diskqueue mode, it could happen that the internal retry failed. Cached syslog messages wouldn’t be sent until the service restart.
  • SSL/TLS:
    • Actions with support for SSL/TLS (like Send Syslog Action) could fail to send messages if the recipient closed the connection during meantime. The handling of closed connections has been hardened now when TLS/SSL is enabled.
  • Command line:
    • Fixed handling when using more than one command line option
  • File Based Configuration:
    • Fixed a bug reading general options from File configuration.
    • Fixed an issue reading and writing into correct data directories when using custom locations.
    • Fixed an issue detecting if data state files need to be reloaded.
    • Fixed problem reading of Rule and ActionCount properly introduced due changes in the configuration client of build 456.
    • Better error handling when configfile is missing or not accessible.
  • Configuration client:
    • When deleting an item in a datagrid, the Confirm/reset Button become clickable now to save or reset the changes.
    • Added missing password encryption checkbox in DB Monitor configuration.
    • Added missing LastDBIndex in DB Monitor configuration.
    • Fixed timestamp for “EventLog Legacy Format” INSERT
    • Fixed invisible encryption checkbox for password fields (Like ODBC Action)
    • Fixed an issue of unwanted LastRecord saving when changing eventlog channels settings.
    • The little “Save” Button has been changed to a “Confirm” which is more precisely.
    • Corrected Min/Max values for General->Queue Limit Setting.
    • Removed invisible click areas for all checkboxes and radio buttons.
    • Fixed loading of “Processed Files” in File Monitor when running in file config format.
    • Changed error handling when exporting configuration in file format.
    • Fixed incorrect trimming of spaces at the end of text variables (problem only affected file based configurations)

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 10.1 Released (Build-IDs: Service 10.1.453, Client 10.1.1538)

MonitorWare Agent 10.1 Released

Build-IDs: Service 10.1.453, Client 10.1.1538

Features

  • All internal errors are now logged into the EventLog when “Event Warnings” are enabled in general options.
  • Added Rule Date Conditions. By default a rule will always be processed. It can be set to only process messages generated since the installation or custom date.
  • Syslog Server: Added new Option to save original source into custom property when using “Take Source system from Syslog message” option.
  • SNMP Trap Receiver: Added option for resolving Snmp OID in short format (Last Portion only).
  • Added new service called “Passive SyslogListener”: This is basically a TCP Listener who sends cached syslog messages (Fille by a Syslog Queue Action) to any client that connects.
  • Added new action called “Syslog Queue Action”: This is a diskbased queue action who stores syslog formatted message into queuefiles. Syslog Queues can be processed and cleared by the Passive SyslogListener only.
  • File Monitor: Files are now opened with FILE_SHARE_DELETE flag which enables other applications to del

Bugfixes

  • SSL Connections: Fixed an issue not using custom configured certificates when TLS anon mod was used.
  • FileConfig Mode: Fixed a bug loading filters properly. Also added support for reloading data variables automatically.
  • Core Engine: Fixed an internal processing bug caused when rebuilding Messages from cache files.
  • Syslog Server: RFC 5424 header parsing fixed, a timestamp can be a NILVALUE now.
  • Syslog Server: Fixed bug ignoring “Take Source system from Syslog message” option when UDP was used.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 10.0 Released (Build-IDs: Service 10.0.444, Client 10.0.1522)

MonitorWare Agent 10.0 Released

Build-IDs: Service 10.0.444, Client 10.0.1522

Features

  • Faster core engine
  • New Configuration Client running on Microsoft .Net Framework. If wanted, the old client application can be installed manually as “MonitorWare Legacy Client”.
  • The Agent can be switched from registry to file based configuration support. Requires usage of the new configuration client.
  • EventLog Monitor Classic(V1): Support for dynamic Eventlog files added.
    Kindly use an asterix (*) in the eventlog filename to activate it, for example: \\netappdevice\c$\etc\log\adtlog.*.evt
    When activated, EventLog Monitor will process all matching files automatically. The feature was primary added for NETAPP users who have dynamic filenames.
  • New System Property added to created UUID’s called “$NEWUUID”. Generates a random generated 128Bit UUID (Universally Unique Identifiers).
  • File Action: Seqmented Files or Circular Logging now also works with dynamic filenames.
  • EventLog Action: Now fully compatible with Windows 2012 and Windows 2012 R2.
  • Send Email Action: Automatically repair messages with incorrect Linefeeds before sending (Better compatibility for RFC 2822).

Bugfixes

  •  none

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 9.4 Released (Build-IDs: Service 9.4.439, Client 9.4.1014)

MonitorWare Agent 9.4 Released

Build-IDs: Service 9.4.439, Client 9.4.1014

Features

  • Updated embedded OpenSSL library to 1.0.1j.

Bugfixes

  • Fixed invalid handle issue in File Action when Circular Logging is enabled.
  • Fixed minor problem filtering in non-existent properties.
  • Fixed minor shutdown isssues in EventLog Monitor V2

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 9.3 Released (Build-IDs: Service 9.3.438, Client 9.3.1409)

MonitorWare Agent 9.3 Released

Build-IDs: Service 9.3.438, Client 9.3.1409

Features

  • Updated embedded OpenSSL library to 1.0.1h.

Bugfixes

  • SETP Protocoll: Fixed a bug in zlib decompression.
  • RELP Action: The RELP Action failed when no other network related Actions/services was configured.
  • Configuration Client: Fixed minor bugs in the configuration client.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 9.2 Released (Build-IDs: Service 9.2.433, Client 9.2.0.1402)

MonitorWare Agent 9.2 Released

Build-IDs: Service 9.2.433, Client 9.2.0.1402

Features

  • Updated embedded OpenSSL library to 1.0.1g.

Bugfixes

  • EventLog Monitor V2: Fixed a problem reading the “Process unknown/unconfigured Eventlog Channgels” option which was added in the last minor update.
  • EventLog Monitor V2: Fixed a problem when using “Remote EventLog Monitoring”. Now logsources are read from the remote machine properly.
  • Engine: Fixed startup issues reading windows registry. This problem only applied if you configured the service to run with an user account that has insufficient write rights into the windows registry.

You can download Free Trial Version of MonitorWare Agent.

MonitorWare Agent 9.1 Released (Build-IDs: Service 9.1.430, Client 9.1.0.1388)

MonitorWare Agent 9.1 Released

Build-IDs: Service 9.1.430, Client 9.1.0.1388

Features

  • EventLog Monitor V2:
    Added support for Remote EventLog Monitoring. In order to work, make sure that the following requirements on the remote machine are met:

    • 1. The Service is configured to run with a administrative user who has rights on the local and remote machine.
    • 2. The Windows Event Collector Service is enabled and running on the remote machine.
    • 3. The Firewall on the remote machine (if enabled) allows access to Remote Event Log Management.
    • 4. The configured User is member of the “Event Log Readers” group on the remote machine.
  • Added new option “Process unknown/unconfigured Eventlog Channgels” which is enabled by default. Uncheck this option if you want to make sure that only selected Eventlog Channels should be monitored.
  • Updated librelp library to last v1 stable version 1.0.7.
  • File Action: Added file segmentation support for files above 2gb
  • Send Email Action: Added support for UTF8, SHIFT-JIS, JIS and EUC-JP encoded subjects.
  • Lognorm Action:
    Added option to specify output type as XML, CSV, JSN (Stored into a custom property)
    Event Fields are stored into the Property Engine now.

Bugfixes

  • File Action: File Size checking is now done before writing into files, this avoids writing into files that already reached their limits.
  • SNMP Trap Receiver: Fixed minor memory leak which occurred when receiving SNMP Traps.
  • HTTP Probe: Fixed HTTP Connection Close handling causing http 400 error log entries on IIS.

You can download Free Trial Version of MonitorWare Agent.