Log Manager Release notes

Alert Logic Log Manager release notes

Release date: March 15, 2018- Agent Version 2.6.1

Bug fixes

  • The event log collector can now handle event log resource DLLs compiled with newer versions of message compilers, including the Windows 10 Fall Creators Update.
  • This update resolves an issue where the flat file collector failed to parse dates out of file names if the date was not prefixed with a separator. Dates in file names no longer need a preceding separator, and the collector no longer considers constant parts of file names when it looks for dates.

Features

None

Security

None

Changes

None

Notice

None

Release date: February 22, 2018 (UK); March 1, 2018 (US)

Bug fixes

  • This release resolves an issue where the Log Executive Summary Report included Threat Manager sources. The report now only uses Log Manager sources.

Features

None

Security

None

Changes

None

Notice

None

Release date

October 27, 2016

Bug fixes

  • N/A

Features

  • The following CloudTrail services will have Log Review support:

    • AWS Identity and Access Management (IAM)

    • Amazon Elastic Compute Cloud (EC2)

    • Amazon Simple Storage Server (Amazon S3)

    • Amazon CloudTrail (this is specific to CloudTrail itself, i.e., disabling logging)

    • Console Login

  • The above services are supported through the addition of 12 reports for AWS:

    • AWS CloudTrail changes

    • AWS EC2 Instance changes

    • AWS IAM Policy changes

    • AWS Network Access Control List (ACL) changes

    • AWS Network Gateway changes

    • AWS S3 Bucket Activity

    • AWS Security Group Configuration changes

    • AWS User Access modified

    • AWS User Account modified

    • AWS User Group modified

    • AWS VPC changes

    • AWS Monitor for Console Sign-In without Multi-Factor Authentication (MFA) and Console Sign-In failures

  • Email communication updates for current AWS Customers on the new AWS CloudTrail Reports

Security

  • N/A

Changes

  • AWS CloudTrail is supported within Log Review

    • New customers will now have access to all Log Review reports that will be populated based on the log sources they send to Alert Logic
    • Current customer:
      • Without CloudTrail:
        • Experience remains the same
      • With CloudTrail:
        • Daily notifications will now include CloudTrail
        • Monthly reports will now include CloudTrail

Notice

  • If you are an AWS Customer, here are the instructions on enabling your CloudTrail service if you have not already done so.

Release date

October 25, 2016

Bug fixes

  • N/A

Features

  • Addition of 15 Saved View reports for AWS

    • AWS CloudTrail changes

    • AWS EC2 Instance changes

    • AWS IAM Policy changes

    • AWS Network Access Control List (ACL) changes

    • AWS Network Gateway changes

    • AWS S3 Bucket Activity

    • AWS Security Group Configuration changes

    • AWS User Access modified

    • AWS User Account modified

    • AWS User Group modified

    • AWS Virtual Private Cloud (VPC) changes

    • AWS Console Sign-In without Multi-Factor Authentication (MFA) and Console Sign-In failures

    • AWS Console Sign-in failures

    • AWS Root User Activity

    • AWS Root User Actions–Aggregated

Security

  • N/A

Changes

  • Additional Global Saved Views for AWS CloudTrail

    • Location of Global Saved Views:

      • Log Manager > Messages > Available Saved Views > Groups > All > AWS CloudTrail Reports

Notice

  • N/A

Release date

October 17, 2016

Bug fixes

  • N/A

Features

  • N/A

Security

  • N/A

Changes

We will be upgrading our Log Review contact and escalation preference interface so that you can view and manage your contact information for both Log Review escalations and Log Review Monthly Summary reports. This will allow you to ensure that we have the most up-to-date information about your organization and are delivering the Log Review escalations and reports to the correct contacts.

Notice

  • Ensure that you have allowed inbound emails for notifications@alertlogic.com and support@alertlogic.com.
  • We are moving to Log Review to use our HTML-based email templates. This may break any automation that you may have previously configured for receiving your Log Review emails. We recommend instead creating a Webhook. Visit our help documentation to learn more about Webhooks.
  • Following the upgrade, please take a moment to visit the Notification Policies page to verify that the Log Review Escalation and Log Review Monthly Report policies have the correct contacts associated. This is to ensure that they are aligned with your needs today.
  • No disruptions or downtime is expected with this upgrade.
  • More details on this change and a guide to using the functionality can be found in our knowledge base.

Release date

May 25, 2016

Bug fixes

  • N/A

Features

  • This release provides for an improved performance and navigation of the Log Manager Sources page by introduction of a Platform Selector.
  • This release adds the ability to configure several Microsoft Azure sources, including Audit Events, Azure SQL, and Azure App Services—Web Server Logging.

Security

  • N/A

Changes

  • Upgrade al-core-bundle to version 2.19.0.0-1
  • Upgrade al-log-manager-bundle to version 3.30.0.0-1
  • Upgrade al-asset-manager-bundle to version 1.12.0.0-1
  • Upgrade al-user-interface-ng-framwework to version 2.8.0.0-1
  • Upgrade al-quick-draw-bundle to version 2.9.0.0
  • Upgrade al-ngui-node to version 3.40.0.0-1

Notice

  • N/A