The biggest change when updating to version 3.0 from any earlier version are the new web reports which no longer require IIS. The new web reports run on Windows, Linux and Apple OS X and utilize Java on the server side (included with the EventSentry installation). The new web reports also ship with their own web service. The existing web reports (referred to as the "Legacy Web Reports") will not be uninstalled by the 3.0 upgrade, refer to this KB article for instructions on how to uninstall.
Version 3.0 includes an improved filter scheduling feature, with the ability to setup more granular recurring & summary filters. We recommend that you review the "Hour/Day" tabs on all filters which have custom settings configured in that tab.
The new web reports include a variety of new functionality, including the following:
•UTC support for networks spanning multiple time zones
•Built-in web service which no longer relies on IIS
•Cross-platform capabilities for Linux and OS X support
•Ability to schedule & email reports
•Improved search capabilities for complex search queries
Java is not required on the client side - only on the host where the web reports are running.
SNMP Polling (Heartbeat Monitoring)
The heartbeat agent includes the ability to query SNMP counters from SNMP-enabled hosts through the existing performance monitoring feature. In addition to polling counters, the HB agent can also query disk space, uptime and basic hardware / OS information.
Ribbon (Management Console)
The management console offers a redesigned interface featuring the ribbon as well as updated icons throughout the interface. The following new features have also been added:
•Support to view application and services event logs with the build-in event viewer
•Better interface to configure day/time schedules, summary & recurring event filters
•Recurring events can now be configured to check minutely intervals
•Authentication has been redesigned so that credentials are created & applied to hosts or groups
•Misc usability improvements throughout the management console
•Log file monitoring supports sub folders
•Compliance "Logon By Type" tracking can exclude logons by computer accounts
•Event Log filters can override email subject & message body
•Packages can by dynamically assigned based on platform (32bit vs 64bit)
•Threshold filters can utilize insertion strings
•Disk space prediction feature (predicts when disk will be full)
•Identify reasons why hosts were shut down or rebooted
•Desktop notification supports Growl
•Network notification supports remote desktop services
•Application scheduler support process isolation
•New email format "HTML Modern"
The network services include a new "ARP" daemon, which monitors network traffic and alerts users when new MAC addresses are found or MAC to IP associations change. The ARP daemon also keeps track of all significant MAC address changes and the current status of all MAC addresses and their IP associations can be reviewed through the web reports.