indeni 5.5 Release Notes

Build 78 (Apr 24, 2017)

  • IK-2800 – Device Configuration Checks were changed to run at 10 minute intervals
  • IS-2581 – optimize alert timing in order to allow resource related processes to run more often

Build 76 (Apr 3, 2017)

  • IK-2797 – add new compliance checks for specific files on Check Point Gaia devices
  • IK-2796 – add support for defining an alerting window for the Identity Awareness alert
  • Add support for migration exporter from 5.5 to 5.9

Build 73 (Mar 26, 2017)

  • IS-2531 – improve handling of web console re-connection to the server

Build 72 (Mar 21, 2017)

  • IK-2790 – remove Network Interface tab from the Inventory report

Build 70 (March 2, 2017)

  • IK-2404 – Change from “show asset all” to “show asset power-supply” due to SK115634
  • IK-2730 – Change storage mountPoint log from DEBUG to INFO

Build 69 (Feb 27, 2017)

  • IK-2779 – Fix issues related to “Some members of the same cluster are not being monitored”
  • IK-2787 – Replace Alert Headline “pep_identity_index” with “Identity Awareness user count high”
  • IK-2786 – Juniper – add support for JUNOS 15

Build 67 (Feb 19, 2017)

  • IK-2783 – Check Point – run DLP command multiple times to avoid stale data

Build 66 (Feb 15, 2017)

  • IK-2755 – Check Point – reduce the number of files that we are scanning for the Check Point Database data

Build 64 (Feb 12, 2017)

  • IK-2783 – Check Point – identify if DLP scanning is stuck
  • IK-2778 – Check Point – ignore 61K VS’s in known devices
  • IK-2781 – Check Point – alert if AD is not responding
  • IK-2784 – BlueCoat ProxySG – added rule for new SSL vulnerability

Build 62 (Feb 6, 2017)

  • IK-2404 – identify power supply down in Check Point Gaia
  • IS-2351 – use Alert’s Severity for Syslog severity field and add log for Syslog messages
  • IK-2769 – fix issues with “NTP configured but not operational” alerts
  • Acknowledge existing “NTP servers configured but not operational” alerts in order to allow new ones to be created (see above)
  • IK-2777 – “Identity Awareness Users” – add alert and analysis graph for pep_identity_index usage
  • Added better logging for loading Check Point DB (filter logs for “loadObject”)

Build 58 (Jan 18, 2017)

  • IK-2768 – using “cpstat os” for Gaia’s Serial Number and Appliance Model
  • IK-2770 – fix Installed Policy information’s display in Inventory Report
  • IK-2771 – improve “cphaprob state” parsing for VSX devices
  • IK-2765 – handling missing policy on Check Point devices

Build 55 (Dec 5, 2016)

  • IK-2760 – removed one Check Point Database table from loading and added logging for database reloads
  • IK-2763 – alert if the Check Point “monitord” process is using a high percentage of CPU
  • Change CPDB logger for cluster data to INFO in order to track cluster naming

Build 53 (Nov 19, 2016)

  • Lower the Severity of the “Management Server is Unknown” alert
  • IK-2760 – stop loading the Check Point firewall rules in order to reduce indeni’s memory usage
  • Remove lock on cluster names in order to prevent blocking during Interrogation

Build 49 (Nov 12, 2016)

  • IS-2048 – allow weekly schedules to start on the same day that they were defined
  • IK-2755 – add support for identifying new Check Point appliances
  • Reduce log based alerts to use just last 10 minutes per alert
  • Better handling of association with auto-groups
  • IK-2730 – prevent handling subnet mask byte as an IP address
  • Remove block on fetching nics in order to prevent deadlock between devices
  • IK-2579 – ignore lines in cpmiquery output for CMAs that don’t contain an IP

Build 48 (Oct 31, 2016)

  • IK-2753 alert on aggressive aging being enabled in CHKP

Build 47 (Oct 26, 2016)

  • IK-2752 split Bluecoat sysinfo retrieval into multiple sections

Build 46 (Oct 25, 2016)

  • Use aggregation for alert full text search sorting
  • IK-2748 add isSlave to Network Interface in order to avoid alerting on bond interface

Build 44 (Oct 18, 2016)

  • Increase Bluecoat HTTP timeout to 60 seconds

Build 43 (Oct 10, 2016)

  • IS-2014 Fix “leak” in indeni-secure-store and purge stale records to reduce the file size

Build 42 (Oct 5, 2016)

  • IK-2719 Add support for wildcard in CP Configuration Check
  • IK-2745 Fix to include all of the relevant kernel tables in the Generic Kernel Table limit alert

Build 41 (Sep 27, 2016)

  • IK-2741 alert if tcpdump is on for CHKP devices.

Build 40 (Sep 26, 2016)

  • IK-2514 moved “show configuration” backup out of SPLAT backup
  • Add time window for indeni’s own Heap memory alert

Build 39 (Sep 19, 2016)

  • IK-2738 Procurement Report empty due to wrong limit in query

Build 38 (Sep 15, 2016)

  • IK-2718 Configuration Lines Config Check – FP for lines that contain special characters

Build 37 (Sep 12, 2016)

  • IK-2733 – Remove the generic “Health Check Status” health check for Blue Coat devices

Build 35 (Sep 4, 2016)

  • Enhance wording of license use description to specific standard and
  • Enhance log for measurements used by Inventory
  • IK-2729 Fixed the Actual Config and Inventory Report presentation for 61K
  • IK-1910 – added debug for IPSO negative OS memory
  • IK-2413 – “No Sync interface” FP – add debug lines

Build 32 (Aug 29, 2016)

  • IK-2722 switched to use asg hw_monitor for 61k hardware component
  • indeni License alert – add device types text to the “There are currently” string
  • IS-1963 Include 2 special licenses in the trial license
  • IK-2725 Resolved handling of process name in IPSO

Build 31 (Aug 22, 2016)

  • IK-2621 Switched to cons25 as the default terminal in order to enhance IPSO compatibility

Build 29 (Aug 14, 2016)

  • IK-2686 added rule for identifying 61K chassis going down
  • IK-2713 Added support for VS utilization without resctrl
  • IK-2714 Added free and used bytes to OsMemory2 and its presenter.
  • IK-2720 Added ARP failure identification for Blue Coat
  • IK-2715 Enable TLS 1.2 for all Spray HTTP clients
  • IK-2665 Resurrect NIC failure process

Build 28 (Aug 7, 2016)

  • PAN SWAP tracking: only if the swap memory is above 128mb (to avoid FPs)
  • Log Alerts – change “negationPatterns” from “policy” to “[Pp]olicy” in order to reduce FPs
  • IK-2708 – Fix NIC inserts into measurement collection

Build 27 (Jul 29, 2016)

  • Static routes support for PAN

Build 26 (Jul 29, 2016)

  • Added support for “Incomplete” in the ARP dumping for Cisco IOS
  • Added support for identifying incomplete ARP entries in PAN-OS

Build 24 (Jul 26, 2016)

  • IK-2701 Using cpmiquery to identify the CMAs in the database
  • IK-2704 Added use of installed_jumbo_take where supported for CHKP

Build 23 (Jul 21, 2016)

  • Rotate collector log file
  • IK-2681 Make F2C a standard automation policy item so we can change its

Build 22 (Jul 18, 2016)

  • Log collector command failures
  • Fetch kernel params every 10 minutes

Build 20 (Jul 13, 2016)

  • IK-2673 Add a critical alert when the heap utilization of indeni reaches
  • IK-2669 Added CP61k-specific log line alert
  • IK-2679 Fix parsing of 10G speed
  • Added Blue Coat version identification and an alert for a specific issue
  • IK-2578 Implemented the retrieval of static routes on Gaia via clish

Build 18 (Jul 1, 2016)

  • Upgraded the severity of some important BlueCoat logs.
  • Fix incorrect parsing of DNS Server health metrics and memory usage.

Build 17 (Jun 30, 2016)

  • IK-2670 change BC client to support chunked responses.

Build 16 (Jun 29, 2016)

  • IK-2663 Adding profile item for checking for specific lines in Gaia’s
  • IS-1920 Introduce a separate thread-pool for SSH operations

Build 14 (Jun 28, 2016)

  • IK-2663 Adding profile item for checking for specific lines in Gaia’s
  • IK-2635 use cat instead of scp to fetch resolv.conf file for DNS parsing

Build 12 (Jun 22, 2016)

  • Increased threshold of new Zombie and Load Average alerts to reduce FPs

Build 11 (Jun 22, 2016)

  • IK-2633 Stop fetching Uptime when interrogating

Build 10 (Jun 21, 2016)

  • IK-2381 Now alerting for 10mbps and SEPARATELY for half duplex.
  • IK-2628 Added an ability to alert when uptime is higher than a certain value
  • Added alert for high number of zombie processes and high load average

Build 9 (Jun 20, 2016)

  • IK-2614 Send syslog when creating a new F2C alert
  • IK-2593 cache license reading from securestore. No need to read it every hour

Build 3 (Jun 19, 2016)

  • Support port ranges for the OpenPorts device profile
  • Added version identification (check point firewall version) to IPSO
  • Added check for logical drives on Fujitsu iRMC
  • Added power supplies, fans and logical drives for Fujitsu iRMC
  • IK-2625 avoid logging ERRORs if we cannot find the virtual memory
  • IK-2598 Ignore error for substring issue in ipsctl
  • IS-1806 Removed /home and /usr/local/bin from the Check Point backup
  • IK-2622 Added OsVersion to inventory report