Release Notes

This section contains a summary of the updates in EventLog Analyzer version 12.1.3 (Build 12130).

12.1.3 Build 12130 - Standalone Edition

Feature

• Trend Micro-deep security support Out-of-the-box reports on Trend Micro-deep security devices.
• Smart card- based authentication - If you have a smart card authentication system enabled in your environment, you can configure EventLog Analyzer to authenticate users through it, bypassing other first-factor authentication methods.
• New logon security options
• CAPTCHA support: Flexibility to display a CAPTCHA always, or after a certain number of invalid login attempts. Besides image, you can also enable Audio CAPTCHA.
• Account lockout: Option to lock user accounts for a specific duration after a certain number of invalid or failed login attempts. The locked out user account cannot be used to access EventLog Analyzer until the specified duration is completed.
• IP geo location for IIS logs EventLog Analyzer now enables you to know the location of your visitors from their IP addresses.

Enhancement

• Revamped alerts The Alert: tab now features a revamped GUI to facilitate improved management and faster response to alerts created.
• Juniper structured log format: Support for structured logs from Juniper firewall .

Fixes

• HTTP vulnerabilities in ES have been fixed.
• Issue in listing IBM AS400 in report scheduler has been fixed.
• Issue in parsing Oracle logs has been fixed.Issue in parsing NPS (Network Policy Server) logs have also been fixed.
• The problem with file auditing when the 'username' field is enabled has been fixed.
• Issue in generating USB report in Chinese machines have been fixed.
• Issue in generating FIM report in German machines have been fixed.
• Issue in deleting import logs, and importing logs has been fixed.
• Issue in removing custom pattern has been fixed.
• Agent startup issue has been fixed.
• In the Oracle Predefined reports, issue in presenting all the search fields in 'Add/Remove columns' has been fixed.
• In agent auditing, incorrect device-down alerts sent via mail has been fixed.

Note: The enhancements and fixes for the Distributed Edition are the same as that of the Standalone edition.