What’s New in Release 4.3.3
AccelOps release 4.3.3 is focused on bug fixes and enhancements.
| Bug ID | Severity | Component | Description |
| 13182 | major | Performance
Monitoring |
Performance Monitoring jobs fail when devices discovery credentials are specified in sub-net notation |
| 12604 | major | Event
Packager |
Potential event loss if Supervisor node is down for extended amount of time |
| 13010 | major | GUI | Domain field is missing for manually added users for LDAP authentication |
| 13098 | major | Rule | Excessive Incident Drop Logging may cause parser module to consume high CPU |
| 13020 | normal | App Server | The ‘&’ character in a Rule name causes App Server out of memory error |
| 13028 | normal | App Server | When you discover with VM SDK first and then SNMP/WMI followed by consecutive VM SDK discoveries (e.g. VM SDK->SNMP/WMI->VM SDK -> VMSDK), then discovered information via other means (e.g.
SNMP/WMI) may be incorrectly deleted from CMDB |
| 12953 | normal | App Server | Clear Condition Attribute does not show up without saving the rule |
| 13255 | normal | App Server | Exception thrown during App Server start up caused by SystemConfigManager not found |
| 13011 | normal | App Server | Device maintenance does not work if End Date not set |
| 12994 | normal | App Server | Cannot query user-defined Watch list entries in Rules and Reports |
| 13063 | normal | App Server | Fix XSS vulnerability with Collector registration process |
| 12939 | normal | App Server | If there is an error in delivering a scheduled report, the report name is not captured in
PH_REPORT_ACTION_STATUS event |
| 10302 | normal | App Server | Incident count on Dashboard Calendar View page does not match count in Incident Tab |
| 13027 | normal | Discovery | Juniper SRX firewalls are sometimes discovered incorrectly as JunOS routers and therefore not put in the right CMDB group |
| 13243 | normal | Discovery | HP ProCurve SSH based configuration discovery fails for newer switches |
| 13012 | normal | Discovery | Cisco VoIP phones not discovered when phones do not have MAC address in SNMP walk (Call Manager
V10 and later) |
| 12901 | normal | Discovery | Discovery of Windows Server Host Names differ from 4.2.3 – FQDN do not have highest priority |
| 13119 | normal | Discovery | Discovering interfaces with /31 and /32 mask fails – traditionally these masks are not used in proper IP address definitions |
| 13337 | normal | Discovery | Use LLDP in addition to CDP for Layer2 Port mapping discovery – PCs connected to non-Cisco phones connecting to Cisco Access Switches |
| 12891 | normal | Discovery | Dell PowerConnect Switch configuration discovery via SSH fails for older switches |
| 13190 | normal | GUI | (AO-SP only) Editing the global exception for a rule would overwrite the org exception for the rule. |
| 12921 | normal | GUI | All Devices Dashboard Summary page does not populate when there is a special character (‘&’) in host name |
| 12865 | normal | GUI | Cannot drill down from widget dashboards by selecting a specific value in the charts – used to work in
3.7.6 |
| 12936 | normal | GUI | Rules show incorrectly that Clear Condition is undefined, until clear condition is edited or viewed. |
| 13233 | normal | GUI | Report does not run when event attributes has % |
| 13178 | normal | GUI | CMDB Report for Active Rules does not work in Enterprise Edition |
| 13315 | normal | GUI | Dashboard error happens when user renames business service |
| 13279 | normal | GUI | Prev button does not work when searching for keyword in Custom Parser GUI |
| 13221 | normal | GUI | Edit Rule from Incident tab does not work correctly after Group By Name |
| 12007 | normal | GUI | Exceptions are not cloned when a rule is cloned |
| 13122 | normal | Rule | Rule does not fire if the DeviceToCMDBAttr function is used in Incident event type definition |
| 13111 | normal | Parser | Checkpoint certificate encode-decode inconsistent – an extra NULL termination character added to the SIC before encoding can cause SIC mismatch errors during decode and the LEA connection to be aborted |
| 11253 | normal | Parser | Possible bug in WatchGuardFirewallParser causes the parser to fail to extract any useful attributes from the log. |
| 13249 | normal | Parser | Avoid reverse DNS look up in syslog for host names that do not match host name criteria |
| 12915 | normal | Performance
Monitoring |
WINEXE does not work for Windows 2012 R2 – this is used for remotely communicating to Windows servers |
| 12910 | normal | Performance
Monitoring |
Custom winexe based performance monitoring: inconsistent behavior- sometimes test returns correct items, however sometimes it also does not return any data |
| 12911 | normal | Performance
Monitoring |
Custom winexe based performance monitoring: Unexpected “Variable <xxx> Not Found” error |
| 13029 | normal | Performance
Monitoring |
Use SNMP/dskTable (first choice) and SNMP/hrStorage (backup) to calculate disk space utilization and reserved space for Linux based systems. Create an event when SNMP/dskTable is not configured. |
| 12845 | normal | Query | Query tasks should be evenly distributed to all Worker nodes instead of assigning to first few Worker nodes |
| 12968 | normal | Device
Support |
False positive on Windows Audit Log Cleared rule caused by not considering Source Name in Windows event log parsing |
| 13007 | normal | Upgrade | Disable SSLv3 and RC4 cypher by default on ssl.conf while upgrading from 4.2.* to 4.4.* |
| 13013 | enhancement | Device
Support |
Add performance monitoring for FireEye MPS appliances |
| 12980, 12979 | enhancement | Device
Support |
Support Cisco Meraki Cloud Controller – discovery, syslog, SNMP trap |
| 12647 | enhancement | Device
Support |
Parse Cisco UCS syslog events |
| 13057 | enhancement | Device
Support |
Add new IPS signature definitions for Palo Alto FW/IDS |
| 12925 | enhancement | Device
Support |
Additional parsing for Sonicwall Firewall events: sent packets and receive packets |
| 13023, 13154,
12946, 13285, 12929, 13001 |
enhancement | Device
Support |
Add more parsing for Windows security event logs |
| 12895 | enhancement | Device
Support |
Add event type Win-System-98 for detecting disk corruption |
| 13312, 12933,
13271 |
enhancement | Device
Support |
Additional parsing for NetScaler login events |
| 13113 | enhancement | Device
Support |
Additional parsing for TrendMicro OfficeScan syslog |
| 13047 | enhancement | Device
Support |
Additional parsing for Cisco IOS syslog |
| 12932 | enhancement | Device
Support |
Additional parsing for Brocade network switches |
| 13294 | enhancement | Device
Support |
Additional parsing for CiscoNxOS syslog |
| 13000 | enhancement | Device
Support |
For JUNOS cpu monitoring, use 1.3.6.1.4.1.2636.3.1.13.1.21 (jnxOperating5MinLoadAvg) instead of
1.3.6.1.4.1.2636.3.1.13.1.8 (jnxOperatingCPU) |
| 13014 | enhancement | Device
Support |
Additional parsing Cisco Call Manager syslog events |
| 12766 | enhancement | Device
Support |
Add parser for Trend Micro’s Deep Security tool |
| 13104 | enhancement | Device
Support |
Support new format for Cisco IOS OSPF syslog message format |
| 12989, 13103 | enhancement | Device
Support |
Additional parsing for Cisco Ironport Mail appliances – “TCP_DENIED events |
| 12930, 12931 | enhancement | Device
Support |
Additional parsing for FortiGate events |
| 13207 | enhancement | Device
Support |
Discover Virtual Switch hardware information for JunOS |
| 13120 | enhancement | Device
Support |
Discover hardware information for JunOS via SNMP |
| 13070 | enhancement | Device
Support |
Parse Dell force 10 syslog |
| 13042 | enhancement | App Server | VA with Collectors: Duplicate devices when a device is discovered by Collector C1 while logs sent to different Collector C2 |
| 13043 | enhancement | App Server | Incident Notification via XML/HTTP(S) – do not always require user name and password |
| 13216 | enhancement | App Server | Incident Notification via XML/HTTP(S) – Allow SOAP header and style sheet |
| 13016 | enhancement | Rule | Make the event delay threshold for Rule engine configurable |
| 12996 | enhancement | Data | Optimize “Heavy UDP Host Scan on Fixed Port” rule by excluding DNS traffic |
| 13105 | enhancement | System | Include nload and iotop as part of pre-packaged tools |
| 12934 | enhancement | System | Allow user to disable “Low AccelOps eventdb Disk Space” System Error Messages |
| 10003 | enhancement | GUI | Report event limit in exported or manual reports if the report result count is more than the supported upper limit |
| 13234 | enhancement | GUI | Add a drop down in CMDB for Collectors (in addition to Organizations) – this helps to identify devices associated with a collector |
| 13002 | enhancement | GUI | Add capability to search credential association by IP in GUI – should be able to search for an IP address within an address range or a subnet |
| 13181 | enhancement | Performance
Monitoring |
Provide a framework for computing host performance efficiency index based on Incident Triggers |