What’s New in Release 4.3.3
AccelOps release 4.3.3 is focused on bug fixes and enhancements.
Bug ID | Severity | Component | Description |
13182 | major | Performance
Monitoring |
Performance Monitoring jobs fail when devices discovery credentials are specified in sub-net notation |
12604 | major | Event
Packager |
Potential event loss if Supervisor node is down for extended amount of time |
13010 | major | GUI | Domain field is missing for manually added users for LDAP authentication |
13098 | major | Rule | Excessive Incident Drop Logging may cause parser module to consume high CPU |
13020 | normal | App Server | The ‘&’ character in a Rule name causes App Server out of memory error |
13028 | normal | App Server | When you discover with VM SDK first and then SNMP/WMI followed by consecutive VM SDK discoveries (e.g. VM SDK->SNMP/WMI->VM SDK -> VMSDK), then discovered information via other means (e.g.
SNMP/WMI) may be incorrectly deleted from CMDB |
12953 | normal | App Server | Clear Condition Attribute does not show up without saving the rule |
13255 | normal | App Server | Exception thrown during App Server start up caused by SystemConfigManager not found |
13011 | normal | App Server | Device maintenance does not work if End Date not set |
12994 | normal | App Server | Cannot query user-defined Watch list entries in Rules and Reports |
13063 | normal | App Server | Fix XSS vulnerability with Collector registration process |
12939 | normal | App Server | If there is an error in delivering a scheduled report, the report name is not captured in
PH_REPORT_ACTION_STATUS event |
10302 | normal | App Server | Incident count on Dashboard Calendar View page does not match count in Incident Tab |
13027 | normal | Discovery | Juniper SRX firewalls are sometimes discovered incorrectly as JunOS routers and therefore not put in the right CMDB group |
13243 | normal | Discovery | HP ProCurve SSH based configuration discovery fails for newer switches |
13012 | normal | Discovery | Cisco VoIP phones not discovered when phones do not have MAC address in SNMP walk (Call Manager
V10 and later) |
12901 | normal | Discovery | Discovery of Windows Server Host Names differ from 4.2.3 – FQDN do not have highest priority |
13119 | normal | Discovery | Discovering interfaces with /31 and /32 mask fails – traditionally these masks are not used in proper IP address definitions |
13337 | normal | Discovery | Use LLDP in addition to CDP for Layer2 Port mapping discovery – PCs connected to non-Cisco phones connecting to Cisco Access Switches |
12891 | normal | Discovery | Dell PowerConnect Switch configuration discovery via SSH fails for older switches |
13190 | normal | GUI | (AO-SP only) Editing the global exception for a rule would overwrite the org exception for the rule. |
12921 | normal | GUI | All Devices Dashboard Summary page does not populate when there is a special character (‘&’) in host name |
12865 | normal | GUI | Cannot drill down from widget dashboards by selecting a specific value in the charts – used to work in
3.7.6 |
12936 | normal | GUI | Rules show incorrectly that Clear Condition is undefined, until clear condition is edited or viewed. |
13233 | normal | GUI | Report does not run when event attributes has % |
13178 | normal | GUI | CMDB Report for Active Rules does not work in Enterprise Edition |
13315 | normal | GUI | Dashboard error happens when user renames business service |
13279 | normal | GUI | Prev button does not work when searching for keyword in Custom Parser GUI |
13221 | normal | GUI | Edit Rule from Incident tab does not work correctly after Group By Name |
12007 | normal | GUI | Exceptions are not cloned when a rule is cloned |
13122 | normal | Rule | Rule does not fire if the DeviceToCMDBAttr function is used in Incident event type definition |
13111 | normal | Parser | Checkpoint certificate encode-decode inconsistent – an extra NULL termination character added to the SIC before encoding can cause SIC mismatch errors during decode and the LEA connection to be aborted |
11253 | normal | Parser | Possible bug in WatchGuardFirewallParser causes the parser to fail to extract any useful attributes from the log. |
13249 | normal | Parser | Avoid reverse DNS look up in syslog for host names that do not match host name criteria |
12915 | normal | Performance
Monitoring |
WINEXE does not work for Windows 2012 R2 – this is used for remotely communicating to Windows servers |
12910 | normal | Performance
Monitoring |
Custom winexe based performance monitoring: inconsistent behavior- sometimes test returns correct items, however sometimes it also does not return any data |
12911 | normal | Performance
Monitoring |
Custom winexe based performance monitoring: Unexpected “Variable <xxx> Not Found” error |
13029 | normal | Performance
Monitoring |
Use SNMP/dskTable (first choice) and SNMP/hrStorage (backup) to calculate disk space utilization and reserved space for Linux based systems. Create an event when SNMP/dskTable is not configured. |
12845 | normal | Query | Query tasks should be evenly distributed to all Worker nodes instead of assigning to first few Worker nodes |
12968 | normal | Device
Support |
False positive on Windows Audit Log Cleared rule caused by not considering Source Name in Windows event log parsing |
13007 | normal | Upgrade | Disable SSLv3 and RC4 cypher by default on ssl.conf while upgrading from 4.2.* to 4.4.* |
13013 | enhancement | Device
Support |
Add performance monitoring for FireEye MPS appliances |
12980, 12979 | enhancement | Device
Support |
Support Cisco Meraki Cloud Controller – discovery, syslog, SNMP trap |
12647 | enhancement | Device
Support |
Parse Cisco UCS syslog events |
13057 | enhancement | Device
Support |
Add new IPS signature definitions for Palo Alto FW/IDS |
12925 | enhancement | Device
Support |
Additional parsing for Sonicwall Firewall events: sent packets and receive packets |
13023, 13154,
12946, 13285, 12929, 13001 |
enhancement | Device
Support |
Add more parsing for Windows security event logs |
12895 | enhancement | Device
Support |
Add event type Win-System-98 for detecting disk corruption |
13312, 12933,
13271 |
enhancement | Device
Support |
Additional parsing for NetScaler login events |
13113 | enhancement | Device
Support |
Additional parsing for TrendMicro OfficeScan syslog |
13047 | enhancement | Device
Support |
Additional parsing for Cisco IOS syslog |
12932 | enhancement | Device
Support |
Additional parsing for Brocade network switches |
13294 | enhancement | Device
Support |
Additional parsing for CiscoNxOS syslog |
13000 | enhancement | Device
Support |
For JUNOS cpu monitoring, use 1.3.6.1.4.1.2636.3.1.13.1.21 (jnxOperating5MinLoadAvg) instead of
1.3.6.1.4.1.2636.3.1.13.1.8 (jnxOperatingCPU) |
13014 | enhancement | Device
Support |
Additional parsing Cisco Call Manager syslog events |
12766 | enhancement | Device
Support |
Add parser for Trend Micro’s Deep Security tool |
13104 | enhancement | Device
Support |
Support new format for Cisco IOS OSPF syslog message format |
12989, 13103 | enhancement | Device
Support |
Additional parsing for Cisco Ironport Mail appliances – “TCP_DENIED events |
12930, 12931 | enhancement | Device
Support |
Additional parsing for FortiGate events |
13207 | enhancement | Device
Support |
Discover Virtual Switch hardware information for JunOS |
13120 | enhancement | Device
Support |
Discover hardware information for JunOS via SNMP |
13070 | enhancement | Device
Support |
Parse Dell force 10 syslog |
13042 | enhancement | App Server | VA with Collectors: Duplicate devices when a device is discovered by Collector C1 while logs sent to different Collector C2 |
13043 | enhancement | App Server | Incident Notification via XML/HTTP(S) – do not always require user name and password |
13216 | enhancement | App Server | Incident Notification via XML/HTTP(S) – Allow SOAP header and style sheet |
13016 | enhancement | Rule | Make the event delay threshold for Rule engine configurable |
12996 | enhancement | Data | Optimize “Heavy UDP Host Scan on Fixed Port” rule by excluding DNS traffic |
13105 | enhancement | System | Include nload and iotop as part of pre-packaged tools |
12934 | enhancement | System | Allow user to disable “Low AccelOps eventdb Disk Space” System Error Messages |
10003 | enhancement | GUI | Report event limit in exported or manual reports if the report result count is more than the supported upper limit |
13234 | enhancement | GUI | Add a drop down in CMDB for Collectors (in addition to Organizations) – this helps to identify devices associated with a collector |
13002 | enhancement | GUI | Add capability to search credential association by IP in GUI – should be able to search for an IP address within an address range or a subnet |
13181 | enhancement | Performance
Monitoring |
Provide a framework for computing host performance efficiency index based on Incident Triggers |
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!