Release History

2025-07-18

Patch 5.2.1.58 released

SHA-256 Checksum: 39CAB23461775138AF8F7F5AC10A6F09E08A62DA20F5A577C847084A77F40006

Bugfixes:

ADMonitor: Fixed issue where object names with apostrophes would sometimes not be processed correctly
Agent: Show all display adapters in hardware inventory
Collector: Fixed issue where inability to create named pipe could cause crash
Collector: Ignore incomplete variables
Fixed issue where configuration assistant would not properly update length of varchar columns
Improved service shutdown code for network services and collector
Management Console: Fixed size of version update dialog
Management Console: Only show one update dialog (version, scripts, packages ...) at a time

2025-06-17

Patch 5.2.1.42 released

SHA-256 Checksum: 7FBD98F8647452715EE2FCA5A4DB29E99C3AD77C9BF660A8AC960FA00415674C

Features:

Web Reports: Added YouTube tile
Management Console: Added ability to sort Syslog filter list
Management Console: Added ability to drag & drop content filters

Bugfixes:

General: Security feature to only store local groups and packages now filters actions as well
General: TLS communication can be configured to utilize Windows-API, supporting FIPS mode if enabled in the OS
Agent: Fixed issue were filters with multiple summary schedules configured for the same time would not reliably work
Agent: /collectortest command line variable now supports multiple collectors
Agent: Auto-Update now only uses net.exe to (re)start the EventSentry service
Agent: Switched all hashing algorithms to use Windows-API, utilizing FIPS mode when configured in the OS. Note: Requires re-indexing of all files by agent when FIM or File Access Tracking is being used.
Network Services: Improved parsing of CEF Syslog messages
Collector: Fixed issue with handle leak when internal named pipe cannot be created
Collector: Fixed issue where "Trusted Host" setting would not always reliably work
Collector: Fixed issue with HTTP action not resolving certain variables and not logging activity to the action history log
Collector: Now detects a frozen network stack and performs an automatic service restart
Collector: Fixed several issues with the file action. Added better processing of variables, file locking and events auditing file activity.
Heartbeat Agent: Fixed incompatibility issue when security feature "Store only local groups ..." is enabled
Heartbeat Agent: Fixed issue where service would attempt to connect to the database even if configured to use the collector
Management Console: Show warning when database is not on the latest schema
Management Console: Several fixes and optimizations
Web Reports: Fixed frequency chart timezone calculation
Web Reports: Tomcat updated to v9.0.106

2025-04-14

Patch 5.2.1.16 released

SHA-256 Checksum: 3FC5323A7E39AFDBF144A594EE21BB55F98E4ED6AC5366952B67966AE7D9D7F4

Bugfixes:

EventSentray: Fixed issue where clipboard alert dialog would not be shown and events 2000/2001 would not be written to event log under some circumstances
EventSentray: Fixed Internet Test dialog that would only show a scroll bar under some resolutions
Management Console: Various minor improvements to list control columns throughout the application
Collector: Improved stability of service shutdown routine
Web Reports: Update Tomcat to 9.0.104

2025-03-31

Patch 5.2.1.12 released

SHA-256 Checksum: FD3F70B2D4BCE8840335E3E62D5E3B29EE412B38CC2D7F01B9AE7C19A36F7818

Features:

Agent: Ability to ignore digital file signatures from short-term certificates

Bugfixes:

Management Console: Package download feature has been simplified
Management Console: Fixed bug where editing a connection string would erase password for eventsentry_svc user

2025-03-18

Patch 5.2.1.8 released

SHA-256 Checksum: 804590252EC4CC96049657177D21D5451A5FF22B9EF2CFEAE1AB30CBE100CC99

Features:

EventSentray can now detect clipboard contents and alert/log/clear upon text match
Web Reports: Added ISO 27001:2022 compliance reports

Bugfixes:

Agent: Fixed issue where agent may crash when stopping under certain circumstances
Agent: Fixed bug where file version numbers in FIM features would appear as duplicates
Agent: Fixed bug where agent would crash while applying a configuraton udpate when not using the collector
Management Console: Improved reliability of event log filter copy/paste functionality
Management Console: Updated built-in default Sysmon config
Management Console: Fixed bug where package assignment and blocking packages would not be retained
Management Console: Fixed bug where a hidden built-in package could not be unhidden
EventSentray: Searching for services in process/service dialog is now case insensitive
Web Reports: Fixed x-axis range time format for select dashboard tiles
Web Reports: Resolve issue where PDF charts could render a blank graph
Web Reports: Tomcat updated to v9.0.102

2025-03-10

Patch 5.2.1.4 released

SHA-256 Checksum: D3A7B15A746FDF4D5B9D8006724BC80BDDC1E4B42B4D1760DCDA2C6C4DC462D0

Bugfixes:

Agent: Fixed regression bug where anomaly filtering would not properly work when not filtering on the collector
Heartbeat Agent: Fixed issue where event ids 11011 and 11012 would be logged despite host being in a maintenance schedule
Management Console: Fixed issue where sysmon and script files would be saved as hidden files
Management Console: Fixed help button in sysmon management dialog
Management Console: Fixed rare issue where app would crash on startup
Web Reports: 2FA, when enabled, is now required during every login

2025-03-05

Version 5.2.1 released

SHA-256 Checksum: 804590252EC4CC96049657177D21D5451A5FF22B9EF2CFEAE1AB30CBE100CC99

Features:

Inventory

Local users and group inventory
Local file share inventory

Security

Keyboard inventory and new keyboard detection
Built-In Sysmon configuration management and deployment
Server-side anomaly detection
Better threat detection with threat-scoring
Port-Knocking for collector client
Process spoof (Masquerade) detection

ADMonitor

Identify compromised and reused passwords
Improved "Who" lookup mechanism
Include domain with group policy changes

Web Reports

Process Activity
2FA email authentication
Dashboard tile improvements
PWA support
Syslog RegEx results formatter

Misc

EventSentray (tray utility) now includes an Activity Monitor
Process action can be triggered on collector
Ability to disable disk space monitoring alert throttling
Search event message in built-in event viewer

2025-01-24

Patch 5.1.1.152 released

Critical

SHA-256 Checksum: 99BC0A0F736D0F3D7CF5CDFCBF664C6EF68287DE6517B93F82DBC6100F4F3D0E

Features:

Agent: Fixed issue where, due to a recent update in various version of Windows, the wrong event category would sometimes be displayed for some events
Web Reports: Java 17.0.14 and Tomcat 9.0.98

2024-11-27

Patch 5.1.1.148 released

SHA-256 Checksum: 8E9CE7FB4FB3B2EA54D49C83E3390058CEB14751B73FBD5D07B5E591A3CD0181

Bugfixes:

Agent / Collector: Fixed issue where validation scripts and audit status only write to first configured database
Collector: Do not interpret version numbers from some EventSentry events as IP addresses
Heartbeat Agent: Fixed issue where default heartbeat action overwrote action set for some system health packages
Collector: Stability improvement for collectors with large number of connections
Network Services: Improved bandwidth calculation for sFlow
Built-In database upgraded to PostgreSQL v14.15
Web Reports: Tomcat updated to v9.0.97
Web Reports: Java updated to v17.0.13

2024-10-10

Patch 5.1.1.140 released

SHA-256 Checksum: F0402DE0E4F799B3B9511FEA76E55ACA26B880088C24751643A41E9ED704AB21

Bugfixes:

Heartbeat Agent: Fixed issue where SNMP monitoring would stop after errors despite "Stop retrying" being unchecked
Agent: Improved performance of File Integrity Monitoring (FIM) when a lot of files are regularly being deleted
Agent: Fixed regression bug that would prevent browser inventory from being written to the database

2024-09-19

Patch 5.1.1.134 released

SHA-256 Checksum: 2C4E4B8C7532325CACEE38774113414C4EAFA2835AE2B21036BFC93A504C4711

Bugfixes:

Management Console: Fixed issue where not all package types would be displayed when assigning packages under some circumstances
Management Console: Various stability improvements
Various bug fixes related to assigning packages
Installer: Fixed issue when setting up the EventSentry database on a Microsoft SQL Server
Collector: Security improvements
Heartbeat Agent: Stability Improvments

2024-08-20

Patch 5.1.1.128 released

SHA-256 Checksum: CB7C290B9A85E3E10458BFE729A185E4FB72F46EC3520C3A655CB95F0C3AA026

Bugfixes:

Agent: Fixed issue where agent would restart itself on some hosts due to an internal error in the event log engine
Management Console: Event Viewer: Fixed system32 link for EventSentry events

2024-08-15

Patch 5.1.1.126 released

SHA-256 Checksum: DC7C83A3E1EB092A7D890F20EF6311AA22B50359594E6C4C924C43D53C6C536F

Bugfixes:

Management Console: Fixed regression bug that resulted in the built-in event viewer to not properly work

2024-08-15

Patch 5.1.1.124 released

Deprecated

SHA-256 Checksum: 7EEED6AB93D6F1E8720E4BA5A4D767B90E8AE3D08C69565E50A4ABF8BC044D7F

Features:

Management Console: Various minor usability improvement through the management console
Management Console: PostgreSQL Optimization dialog has been improved and includes disk speed test feature

Bugfixes:

Management Console: Fixed issue where event parameters configured for the process action would not persist
Agent: Fixed SQL error with permission inventory when not using the collector
Agent: Added preliminary detection for event formatting problems
Built-In database upgraded to PostgreSQL v14.13
pgAdmin upgraded to v8.10

2024-07-22

Patch 5.1.1.118 released

SHA-256 Checksum: BE9B150461FF215CABF22610462B249F7FC5FF1BB8BA7B85EFF7F4D35AA02801

Features:

Management Console: Creating 64-bit MSI agent installers no longer requires the WiX toolkit to be installed
Management Console: Multiple entries can now be pasted into the file monitoring inclusion/exclusion dialog
Management Console: Package assignment dialog, in the context of a network device, will only show system health packages

Bugfixes:

Agent: Fixed bug where recurring filters would not work under certain circumstances
Agent: Improved logon tracking performance with reverse DNS lookups
Management Console: Fixed issue where package download would re-download packages with the same name, causing corruption
Management Console: Added additional options to PostgreSQL optimization dialog
Management Console: Fixed bug where settings from environment dialog would not be saved
Management Console: Fixed UI bugs on event log filter dialog that would cause crash
Management Console: Fixed issue where a performance counter that is copied would not be monitored
Collector: Stability improvements
Installer: Improved input validation for postgres admin password
Other minor fixes and improvements

2024-06-04

Patch 5.1.1.106 released

SHA-256 Checksum: C91D8EB609E2CE1A70E93D43F6C9C822AEB60E47ED422B03A9BBC7A2D76AB9E8

Features:

Management Console: Minor improvements throughout the UI

Bugfixes:

Management Console: Fixed issue where package update would duplicate some packages

2024-05-28

Patch 5.1.1.104 released

SHA-256 Checksum: DAB4169D522536DD539BDAAC1DA930CF4E9937DF2465BD268BA1B9BDD31A51EC

Features:

Management Console: Added information button to filter dialogs with link to security event log database at system32.eventsentry.com
Management Console: Filter search feature can now search for filters with "Require ACK" set
Management Console: Editing (multiple) tags for dynamic package assignment has been improved
Management Console: Minor usability improvements
Web Reports: Added 3 security dashboards (and associated reports) to help establish a baseline security posture

Bugfixes:

Agent: Reduced resource usage of digital signature checks of files
Agent: Improved "require acknowledgment" feature in event log filters with collector-side evaluations
Agent: Improved real-time detection of USB storage devices
Agent: Digital signature check of files is more efficient
Management Console: Improved loading speed of event log filter dialogs
Management Console: Fixed issues with package download/merging
General: Updated & improved collector shared memory
Built-In database upgraded to PostgreSQL v14.12
Web Reports: Added action field to summary view on Browser Extension History page
Web Reports: Fixed Schedule Task CSV header
Web Reports: Unique report names will now be determined based on the category

2024-04-26

Patch 5.1.1.92 released

Critical

SHA-256 Checksum: 0CD408C43A75DA056C1AD65D6E6157AF918FCA3C4268B4E936F67EFC63DBCB53

Bugfixes:

Agent (Non-Collector): Fixed issue where the agent would use up an excessive amount of memory when using either Registry Tracking or Sysmon Integration and the configured database becomes unavailable
ADMonitor: Fixed issue where the nightly archival process would not run when invalid files are encountered
Configuration Assistant: Fixed issue where initialize a PostgreSQL database would sometimes require 2 attempts due to a missing schema
Management Console: Fixed issue when applying certain JSON filters
Network Services / NetFlow: Fixed issue where not configuring any conditions but having an AND evaluation logic would result in alerts being logged
Web Reports: Fixed issue hovering on Performance Trends with multiple datasets under certain circumstances

2024-04-19

Patch 5.1.1.90 released

Critical

SHA-256 Checksum: 48083CDBFBB66A078654761C0AB2F0CB702CF8335F53C64986BA7C0D312ADA79

Bugfixes:

Agent: Fixes regression bug from build 5.1.1.82 that may prevent disk space data from being recorded
Agent: Minor fixes and improvements
Management Console: Minor fixes and improvements
Log Import Utility: Fixed issue where import may abort before completely parsing input file

2024-04-17

Patch 5.1.1.86 released

SHA-256 Checksum: D79FB0F580E1C91EC10810CAF9EF479CF60A8462E2D6C20D9AB3826716DE4AF6

Bugfixes:

Agent: Fixed issue where EventSentry agent would not start on Windows 2008
Heartbeat Agent: Virtual machine status from Proxmox hosts now matches status from Hyper-V and VMWare hosts

2024-04-16

Patch 5.1.1.84 released

SHA-256 Checksum: E8330CB179BD7AB1C6AA5D775FBB81A57DC6F22FEF02B5C54E669DBC3EE40B83

Bugfixes:

Management Console: Fixed issues with applying package updates
Agent: Fixed issue where service may crash while stopping

2024-04-12

Patch 5.1.1.82 released

SHA-256 Checksum: 201B5CC209503147C59E0F9E1473A20E17840C02F0FE7CD10EA83BCD7EAA4CF6

Features:

Event Log Monitoring: Added content filter option to filter on file size
Inventory: Added support for showing virtual machines from Proxmox hosts (requires SSH access)

Bugfixes:

Agent: Fixed issue were summary notifications would not work when certain event properties contain Non-Ascii characters
Agent: Stability improvements
Agent: IP addresses would be resolved to host names in compliance logon tracking, even if the option was disabled
Agent: Fixed issue where a group-specific action would not work for disk space packages
Agent: Fixed issue where digital signature of .sys files would not be properly determined
Management Console: Added HTTP template for Microsoft Teams
Management Console: Fixed issues where settings from heartbeat dialog would sometimes not be saved
Web Reports: Improved PostgreSQL 16 support on Database Usage

2024-03-21

Patch 5.1.1.74 released

SHA-256 Checksum: 18DA591D6CEAFB6B5685FF72D3A713A18B2B8DCCAB22ED27B89E85A3343F5B61

Bugfixes:

Management Console: Improved package download and syncing mechanism
Management Console: Fixed issue where having an empty event log package would always trigger a configuration save

2024-03-20

Patch 5.1.1.72 released

SHA-256 Checksum: F4B25F2027C13996D546C0D878A2C881C0A7947B91244FDF776B569FC05413D9

Features:

Event Log Monitoring: Added content filter option to filter on digital signature status of a file
Event Log Monitoring: Added content filter option to specify multiple text comparison tokens
Event Log Monitoring: Log event id 250 when an event log filter expires
Compliance Tracking (Processes): Added option to check digital signature of executables at runtime

Bugfixes:

Agent: Fixed small memory leak with process tracking w/ collector setup
Agent: Value comparison for anomaly detection is now case insensitive
Agent: Anomaly engine stability improvements
Agent: Fixed bug where agent would disconnect and not reconnect to collector when using minimal configuration
Agent: Multiple improvements for client/collector connectivity
Agent: Fixed bug where agent-side event log summary notifications were not working
Agent: Only peform boot scan of event log if it is monitored
Agent: Fixed bug where all installed browser extensions would sometimes be reported as added & removed within a short period of time
Agent: Fixed issue where disk space overrides would not always work as expected
Agent: Fixed bug where registry autorun monitoring would not work
Collector: Fixed bug where agents would under rare circumstances send incomplete packets
Collector: Fixed bug where .dump packet files were not properly written to disk
Collector / Network Services: Fixed bug where SQL query was not properly closed when sending Network Services data through collector
Management Console: Various UI improvements
Database Import Utility: Fixed memory leak when importing .evtx files
Built-In Database: Added warning files to database directories
Web Reports: Improved readablility of Validation Script output when a script has failed
Web Reports: Tomcat updated to v9.0.87

2024-02-01

Patch 5.1.1.50 released

SHA-256 Checksum: 1EEF6D356083C3DF4229A74368973F8D8E71C9501810FB165AF44EBD9A043894

Bugfixes:

Collector: Improved performance by adding parallel inbound queue processing
Collector: Updated TLS implementation, improved reliablity
Agent: Validation scripts will now interpret ERRORLEVEL 998 as a WARNING result (instead of #2)
Agent: "Kill Action" will automatically append .EXE extension if process to be killed has no extension
Agent: Improved reliablity for account management and policy tracking under heavy event logging load
Agent: Fixed bug with file access tracking when monitoring sub directories
Agent: Fixed bug where removing/unassigning a performance counter previously required an agent restart
Management Console: Fixed problems with package download & merging
Management Console: Added button to recover a stalled/frozen PostgreSQL instance
Database Purge Utility: Data to be purged can be filtered by host
Web Reports: Tomcat updated to v9.0.85
Web Reports: Java updated to v17.0.10

2023-12-19

Patch 5.1.1.36 released

SHA-256 Checksum: A63E5100C41D9B233CC6F48E32B0A1BE08A55C4C92B4DD8A170F7DA3E37B49A3

Bugfixes:

Heartbeat Agent: Improved overall reliablity of service
Management Console: Fixed regression bug that would sometimes break HTTP-related tasks like checking for updates, downloading validation scripts etc
Agent: Fixed bug where computer activity (Compliance Tracking/Account Management) would not be recorded
Agent: Improved reliability of compliance logon tracking under extremely high event load

2023-12-01

Patch 5.1.1.20 released

SHA-256 Checksum: 3E925193D4EE92A0CD19F6674295DF301B96E649FF9F8A47BFA886CDE578B319

Bugfixes:

EventSentray: Fixed speed test on systems where UAC is active
Agent: Fixed issue where configuration revision was not immediately available after deploying and agent for the first time
Management Console: Minor bug fix on system health / file monitoring dialog

2023-11-30

Patch 5.1.1.18 released

SHA-256 Checksum: 05C81349C5B3541103F2AE5A29FA33CA37013E941873E0DF9D13EA42DF97E11B

Bugfixes:

Agent: Fixed issue where some data was not written to the database when NOT using the collector
Management Console: Fixed issue where making changes on the collector dialog would immediately be reverted and not saved
EventSentray: Internet Test dialog now includes Speed Test (download only)

2023-11-21

Patch 5.1.1.12 released

SHA-256 Checksum: ABD4A041B5BFCE0FF7D707DF9564E699F2CC433CCA75D762C053225532C5C515

Bugfixes:

Management Console: Fixed issue where deleting an action may incorrectly affect actions of existing filters
Management Console: Improved accuracy of event id 1152 which is logged when the configuration is saved and shows changed items
Management Console: Fixed issue with package download / syncing for filters with timer settings
Management Console: Improved accuracy of collector stats when collector service changes status
Management Console: Implemented help button on permission inventory dialog
Collector: If an email is rejected by SMTP server because of an invalid recipient, then the email will not be resubmitted
Agent: Improved chassis type detection for laptops

2023-11-16

Patch 5.1.1.10 released

SHA-256 Checksum: 9A441E2219142A820FA85B68FBF1E7C95F24CF5F474DBCB0095B1075C4D529BF

Bugfixes:

Agent: Fixed issue where authentication failures were not written to database when not using the collector
General: Fixed issue where creating a maintenance schedule would set custom HB settings for a host, disabling monitoring

2023-11-14

Patch 5.1.1.8 released

SHA-256 Checksum: 15B7BEB002D6BF0DB078A4EC4ED39BD8C9E067FD0EDE27C4F06E27FC576EFEC1

Bugfixes:

Collector: Fixed issue that could cause process to crash when client connects
CMMC: Updated CMMC reports and dashboards to references #cmmc2 script tags
Built-In database upgraded to PostgreSQL v14.10

2023-11-09

Patch 5.1.1.4 released

SHA-256 Checksum: C974DEE89E148DD7CADA13F38B96C4BFD60968C36CF5AB45E6A2D705666BB090

Bugfixes:

Management Console: Fixed regression bug where validation scripts time stamps were not read
Management Console (light edition): Attempting to download an update would yield a certification validation error
Agent: Fixed bug where print tracking could crash the agent if a long file name was printed (and processed by the Print Spooler)
EventSentry Light: Binaries were not digitally signed

2023-11-07

Patch 5.1.1.1 released

SHA-256 Checksum: 5E194314930AFC23046BE471737C69AA6997FAC7E52909D06AE6A5299DB3E84E

Bugfixes:

Management Console: Fixed bug in EventSentry Light were navigating to certain dialogs would crash the management console
Management Console: Various UI tweaks
EventSentray: Network throughput is now displayed in KBytes/sec instead of Bytes/sec
Web Reports: Fixed issue where certain optional properties would prevent the service to start
Web Reports: Updated German and Spanish translations

2023-10-31

Version 5.1.1 released

SHA-256 Checksum: 99BC0A0F736D0F3D7CF5CDFCBF664C6EF68287DE6517B93F82DBC6100F4F3D0E

Features:

General: Anomaly Detection
General: Permission (NTFS) Inventory
General: All applicable health/compliance packages can now store data in multiple databases
Management Console: New & Improved Package update engine
Management Console: Find any item in tree with GoTo feature
Management Console: Insertion strings are resolved to names when available
Management Console: Fewer prompts to save configuration when no changes were made
Management Console: Dialog for optimizing built-in PostgreSQL database
Management Console: Filter rules can be applied directly to a filter dialog from JSON syntax
Collector: Health stats are shown directly on collector dialog in management console
Collector: Status page show latency and throughput
ADMonitor: Now supports sending data through collector
ADMonitor: Group inventory shows last modified date
EventSentray: Includes Internet Test functionality and network usage chart
Web Reports: Automated Maintenance Jobs (web-based)
Web Reports: Added Database History tracking
Web Reports: Updated look and feel of all forms
Web Reports: Reorganized dashboard option menus to group form sections
Web Reports: Redesigned Validation Script details to highlight status and script output
Web Reports: Improved ARM64 support
Web Reports: Optimized database lookups and logging framework
Web Reports: Included more information on Database Usage page
Web Reports: Added columns for dead rows, bloated indexes and last vacuum for PostgreSQL
Web Reports: Various dashboard improvements, including new Acknowledge & Report tiles
Web Reports: Added CMMC dashboards
Web Reports: Added TISAX dashboard & reports
Web Reports: Migrated to JRE 17 and Tomcat 9, improved ARM64 support
Various bugfixes and optimizations
🎃

2023-05-18

Patch 5.0.1.144 released

SHA-256 Checksum: 63E40196A1BC2404FF52EA20A8835A0E85FBC7F87CE16BBC7DA77038E72F119A

Bugfixes:

Agent: Fixed bug where filter notes were not available as variable when using email action with collector
Agent: Fixed bug where wrong host name is associated with file access tracking when not using the collector
Heartbeat Agent: SNMP polling timeout interval is now customizable via registry
Heartbeat Agent: Wrong group data is associated with service data when using collector
Collector: Various tweaks to internal queue limits, debug logging and minor performance improvements
Management Console: Fixed issue with welcome/summary dialog sometimes not showing
Management Console: Fixed issue where log file filter could not be deleted
Web Reports: Updated JRE to 1.8.0_372 and Tomcat to 8.5.88
Built-In database upgraded to PostgreSQL v14.7.2

2023-03-02

Patch 5.0.1.130 released

SHA-256 Checksum: 744721E9E948BB7E98F313600CEBA7178880A274F0391EA64C580660FABD1F6C

Features:

Built-In Database: EventSentry now creates a 512Mb buffer file to aid in database recovery when database drive is full

Bugfixes:

Management Console: Various minor bug fixes and improvements
Agent: Fixed bug with application scheduler
Agent: Fixed bug where agent would continue to run deleted/removed validation scripts
Agent: Fixed bug where installation date of a Windows patch would sometimes be reported incorrectly
Web Reports: Updated JRE to 1.8.0_362 and Tomcat to 8.5.86

2022-12-27

Patch 5.0.1.120 released

SHA-256 Checksum: 779489E7A977F469C7AADAA1F8B430818B09799D7F1075274F12291D1B40260A

Features:

HTTP Action can now utilize a proxy server
Various summary dialogs can now be scrolled with a mouse wheel

Bugfixes:

Heartbeat Agent / Collector: Stability improvements when receiving configuration updates
Collector: Improved loading & processing of .pbtmp files
Agent: Fixed issue with dynamic package assignments
Management Console: Fixed issue where performance counter could not be edited

2022-11-16

Patch 5.0.1.108 released

SHA-256 Checksum: 8AF074D4E1446854BBDE720FC0C3A6CBE569C3C90055F024F879E72149949039

Bugfixes:

Management Console: Fixed bug where overwriting action on package level was not saved
Management Console: Redesigned event log filter dialog for improved content filter visibility
Built-In database upgraded to PostgreSQL v14.6

2022-11-08

Patch 5.0.1.104 released

SHA-256 Checksum: B62F57781081638D42836FE476C3AC82CC405E30E4B3E4A24811747A9AE14909

Bugfixes:

Management Console: Fixed regression bug on event log filter dialog where a space could not be typed in some fields
Management Console: Now prevents users from specifying the same event log filter content filter twice
Management Console: Event Message Browser now displays latest version of event templates and lets users toggle between various versions when available
Management Console: Various bug fixes
Agent / Collector: Faster initial reporting of performance data after agent startup
Heartbeat Agent: Log event id 11026 as warning on only when SSH connection was established
Web Reports: Added STIG dashboard
Web Reports: Updated JRE to 1.8.0_352
Web Reports: Fixed rare UI menu when setting initial job start time
Web Reports: Improved NetFlow threat visualizations on Overview tab

2022-10-06

Patch 5.0.1.98 released

SHA-256 Checksum: D9CAD4D5426A912062F482FF60310542A93E07A4070641A58743372B5C0CF2B4

Features:

Agent: File Monitoring: Added support for checksumming incremental log files

Bugfixes:

Agent: Fixed issue where print tracking would not work when not using collector
Agent: Increased max length of connection string
Agent: Optimized process tracking to do fewer WMI lookups
Management Console: Increased reliability of configuration backups
Management Console: Misc. minor bug fixes and enhancements (stability, UI)
Heartbeat Monitor: Fixed issue where alert would not be cleared after a repeat alert
Collector: Improved loading speed of backup files
Web Reports: Fixed issues updating group account permissions
Web Reports: Added new CMMC reports

2022-08-29

Patch 5.0.1.90 released

SHA-256 Checksum: 382D72DD664F1F02B9A1FCF41BDCA3EDD8A291BF14C285FBC5962DE227D96D7A

Features:

Heartbeat Agent: EXE/CMD-based performance counters can now be utilized
Agent: Added /uninstallquiet command line option
Management Console: Dynamically activated packages now have a different color
Management Console: Added support for empty variables
Web Reports: Compliance requirements have been updated to PCI-DSS 4.0 and CMMC 2.0

Bugfixes:

Agent: Fixed issue where agent would send some initial data twice to collector after the first connect
Web Reports: Resolve sorting issue for compliance requirements subsections

2022-08-16

Patch 5.0.1.84 released

SHA-256 Checksum: EB440BEACE6E3264701FCDE23ADCC336BEC344C6367E5E4B48C5085B4B330CF0

Features:

Agent: Performance Monitoring: Added ability to retrieve dynamic instances for EXE-based performance counters
Management Console: Added inventory script to aid EventSentry support

Bugfixes:

Agent: Version number in Control Panel / Programs and Feature is now updated for MSI-based installations
Agent: Fixed parsing issue with some HP disk configurations that would show RAID drives incorrectly
Agent: Resolve additional Hyper-V statuses
Agent: Fixed issue where PostgreSQL ODBC drivers would not be copied to remote agents with remote update
Agent: Fixed issue where filter timer would not work with HTTP actions
ADMonitor: Fixed issue where empty file caused frequent crashes of ADMonitor process
Collector: Fixed issue where SMTP subject would sometimes not be displayed correctly
Management Console: Encrypt authentication password even when authentication is not assigned to any hosts or groups
Management Console: Fixed issue with filter test feature
Agent, Management Console: Various small bugfixes and tweaks
Built-In database upgraded to PostgreSQL v14.5
Web Reports: Expanded Search tile selection to include Process Status
Web Reports: Resolve rare issue where uptime calculation did not reflect full downtime
Web Reports: Fixed menu quirks when configuring dashboard tiles

2022-07-14

Patch 5.0.1.66 released

SHA-256 Checksum: 1D918EAE5AAA3BE68802C6BC0A30E6A15B76A067709E7CFF491706CF2CA69FAA

Bugfixes:

Minor updates to installer, documentation and management console
Collector: Fixed issue where collector would restart while processing a large disk queue

2022-07-05

Patch 5.0.1.62 released

Critical

SHA-256 Checksum: 8563150514F80A8580EF415AAF1F23271026771EFB122AF8BFA295577F7F288D

Bugfixes:

Collector: Better throttling when loading items from disk queue
Collector: Better file management when paging packets
Collector: Various performance optimizations for higher throughput and lower resource usage
Collector: Various bug fixes
Agent: Minor collector communication improvements
Installer: Only import license file when existing license is invalid
Installer: Fixed issue where evaluation users would need to manually import license
Web Reports: Improved mult-select functionality on Performance Trends

2022-06-20

Patch 5.0.1.50 released

SHA-256 Checksum: 12CFF743FC3FF021DBDD927FAB6DF9638C324067012D4996ACC6C2A095C9DA8B

Bugfixes:

Agent / Collector: Fixed issue where agent would not expire pending sent data, potentially resending already submitted data to the collector
Management Console: Improved remote update functionality when mixing Windows and Non-Windows hosts in a group
Management Console: Do not overwrite "Utilitze Collector" setting on remote hosts (heartbeat, network services)
Optimized performance of logging engine for increased performance of all components
Installer: Fixed issue where web reports would always be installed, even when unselected
Agent: HP Managed Hardware Inventory: Fixed incorrect data and false positives
Agent: Fixed timing of process monitoring feature
Built-In database upgraded to PostgreSQL v14.4

2022-06-07

Patch 5.0.1.36 released

SHA-256 Checksum: 767DE03373D723D0CA6508B5EBD9990AA488FA7BB7388D0E61755C18EC3FDC50

Bugfixes:

Collector: More accurate outbound queue reporting
Collector: Improved inbound queue paging algorithm
Collector: Fixed issue where TLS certificate may automatically be re-created
Collector: Various minor performance tweaks
Agent: Improved process of reading collector backup files when agent is starting
Agent: Fixed issue where incorrect number of physical drives would be displayed on Managed Hardware tab on newer HP servers
Configuration Assistant: Added support for Microsoft SQL Server ODBC driver v18
Management Console: Fixed issue where welcome dialog would sometimes not be displayed
Management Console: Fixed issue where DB migration dialog would not show
Web Reports: Fixed rendering diskspace charts with certain custom paths

2022-05-18

Patch 5.0.1.28 released

SHA-256 Checksum: 2DD290A6AFCEA2E75222FAD1AE4B64FCB2F43AFB9BF78882858E3D0486120F4C

Bugfixes:

ADMonitor: Fixed issue where ADMonitor Console and Viewer would not launch on Windows server 2012
ADMonitor: Fixed issue where ADMonitor background collector process may get stuck due to security settings
Collector: Fixed handle leak with Syslog action (UDP)
Collector: Agents will now get throttled data sent to collector if inbound queue exceeds 1500 items
Installer: Fixed issue where installer doesn't detect installation of web reports
Management Console: Fixed issue where downloading packages would overwrite actions of existing packages
Management Console: Dynamic package assignment now support Windows Server 2022 and Windows 11
Built-In database upgraded to PostgreSQL v14.3
Agent: Output from validation scripts that exceeds limit is now truncated
Agent: Fixed issue where FIM monitoring would show temporary show incorrect checksum under rare circumstances
Web Reports: Fixed version search fields on File Checksum History

2022-04-19

Patch 5.0.1.16 released

SHA-256 Checksum: 4CF81C1D7BF8AD10E793F4E54ABEF125C86C279016BFD0F7A8FEAF48B6BBA98B

Bugfixes:

Agent (non-collector): Hardware information would not be stored in database
Agent (non-collector): Incorrectly formatted date of installed application would prevent application from stored in software inventory
Agent: Print tracking does not record print jobs (regression bug 5.0.1.12)
Web Reports: Fixed issue where is rare circumstances Notes could not be submitted

2022-04-14

Patch 5.0.1.12 released

SHA-256 Checksum: 3FEC92FCC807339E94E7BCECB8A2380B21E51C4707697117669F727258AB9BFD

Bugfixes:

Heartbeat Agent: Stability improvements when utilizing collector
Agent: Clearing filter (for timer filters) can now be configured without an action
Agent: Various compliance tracking features have been optimized
Web Reports: Fixed issue expanding heartbeat dashboard tile
Web Reports: Added text dashboard tile

2022-04-08

Patch 5.0.1.6 released

SHA-256 Checksum: C8A3F129E3A811F2F125BC00E38AE09CA7A73BFC5449DD69724B6E576C8324C6

Features:

Management Console: Added option to duplicate performance monitoring objects

Bugfixes:

Management Console: Editing disk space settings could crash the management console
Management Console: Adding a Scheduled Tasks object would not work
Management Console: Performing a "Check Status" action on some groups would result in inconsistent results

2022-04-07

Patch 5.0.1.2 released

SHA-256 Checksum: EF2A9BB3B086741565A8705EBD0477F948F059ACE1A75F97EAF7EF70311AEB8D

Bugfixes:

ADMonitor: Fixes index error with Microsoft SQL Server databases during installation/upgrade
Management Console: Fixes issue where creating agent MSI files would not work

2022-04-06

Version 5.0.1 released

SHA-256 Checksum: 63E40196A1BC2404FF52EA20A8835A0E85FBC7F87CE16BBC7DA77038E72F119A

Features:

Installer and all main components migrated to 64-bit
Built-In database upgraded to PostgreSQL v14.2
ADMonitor: Group & Computer inventory
ADMonitor: User Info page
Management Console: LAPS integration
Enhanced process monitoring with VirusTotal integration
Disk space monitoring now supports host-based overrides
Console logon tracking can now utilize RDP Gateways
Service (Daemon) monitoring for Non-Windows hosts through SSH
Enhanced system inventory for Non-Windows hosts through SSH
Web Reports: RADIUS integration
Web Reports: New Menu
Web Reports: Additional Dashboard visualizations
Web Reports: Improved performance and reduced resource utilization

2022-03-11

Patch 4.2.3.150 released

SHA-256 Checksum: 544A2998DE0237E0EC97D3087644AD45189ABDE730F7FDF7F3CB87F788F1504A

Bugfixes:

Management Console: UI improvements in event log filter dialogs
Heartbeat / Network Services: Fixed regression bug that resulted in empty MAC address database that could cause stability issues with both services (regression bug in build 4.2.3.146)
Network Services / NetFlow: Fixed issue where packet count and packet size would be 0 for NetFlow v9 (regression bug in build 4.2.3.146)

2022-03-07

Patch 4.2.3.146 released

Deprecated

SHA-256 Checksum: 726077A6826FD3C4A9E14F2C5C0A029823666D945A5C5D9733F49BD7B6E51F40

Bugfixes:

Agent: Fixed issue that could cause excessive CPU or memory usage under rare circumstances on hosts with extremely high event log usage
Agent: Fixed bug where a configuration update could cause the agent to freeze monitoring under rare circumstances
Agent: Fixed bug where agents not using a collector could freeze under rare circumstances
Agent: Fixed bug with validation scripts schedule and UTC settings
Agent: Various other stability improvements and optimizations
EventSentray: Fixed bug where collector connection status would sometimes be inaccurate
Collector: Improved reliability of automatic configuration update
Collector: Limit number of temp files written
Network Services: Traps can now be filtered based on the trap OID
Network Services: Added support for variables in collector host name
Heartbeat Agent: Improved event log message to include description when reporting error with agent status
SNMP: SNMP v3 now support SHA512 for authentication
SNMP: Added support for monitoring SNMP devices that do not provide system information
Web Reports: Improved reliability of profile switching on various pages

2021-12-18

Patch 4.2.3.136 released

SHA-256 Checksum: 5549E5B295F86235CD692540431CAF1C333CDA84BAAAFDE9070B2B5FE3F946E2

Bugfixes:

Heartbeat Agent: Improved detection of agents not connected to collector
Management Console: Minor bug fixes
Web Reports: Updated JRE to 1.8.0_312
Web Reports: Migrated from Log4j 1.2 to 2.17.0
Web Reports: Increased decimal precision for floating number tiles
Web Reports: Added support for searching NetFlow data with a high number of packets

2021-11-05

Patch 4.2.3.132 released

SHA-256 Checksum: 383A5345E9B95F42C997D214B10F84C13F57758F2DEDFD21CF856334F75B5281

Bugfixes:

Collector: Fixed issue where emails containing performance charts and utilizing variables for recipients would send only the first email
Collector: Fixes issue where collector would stop processing incoming packets, mostly on new installations (PostgreSQL-based databases only)
Web Reports: Updated Tomcat to v8.5.73
Agent/Web Reports: Floating point values are now always shown with fixed 8 point precision
Agent: Algorithm for disk space alerts was improved to not supress valid alerts
Agent: Stability improvements
Built-In Database: Updated PostgreSQL to v9.6.23

2021-09-13

Patch 4.2.3.124 released

SHA-256 Checksum: DE2C756A08C387CCB64928D41DF6D52B11915B4798F383D3D5A1382C254EE884

Features:

Agent, Management Console: Database actions can now be assigned to groups, and then referenced at the package level. This is helpful for MSPs that want to write data from customers to different databases without duplicating data.
General: Increased number of total allowed filters to 2000

Bugfixes:

Configuration Assistant: Microsoft SQL Server connections now support TLS
Database Purge Utility: Now utilizes the latest installed SQL Server driver when connecting to a SQL Server database
Web Reports: Fixed embedding environment charts under certain circumstances
Management Console: Fixed issue when connecting to remote event log for hosts with IP address configured
Collector: Fixed issue where corrupt temp file could break queue processing

2021-08-03

Patch 4.2.3.114 released

SHA-256 Checksum: 847AD0C5BACEBFDE2163E0495A753511402E182BEC90615A1F3F16D81DABE15A

Bugfixes:

Agent: Fixed bug where newly added validation scripts would run every minute regardless of schedule until agent was restarted

2021-06-24

Patch 4.2.3.106 released

SHA-256 Checksum: 7DDA1B86F21230F5FD3A3F010458CA26B1152D108FB96C9AAB3B1417F36FD2C1

Features:

Web Reports: Ability to reset threat intel data for an IP address
Web Reports: Added Diskspace tile option to Dashboard

Bugfixes:

Network Services: NetFlow malicious IP alerts are logged per unique socket connection
Agent (File Access Tracking): Rename and Move events are now properly identified if ReadAttributes is audited
Agent: Event log performance improvements
Agent: Boot sector changes now have a built-in threshold to avoid issues with defective drives
Heartbeat Agent: Saving configuration would create superfluous heartbeat history entries
General: Various bug fixes
Web Reports: Added more details to OS CSV output on Hardware Inventory page
Web Reports: Fixed logon limit on Logons Dashboard tile

2021-05-26

Patch 4.2.3.96 released

SHA-256 Checksum: 13B5843006D2CC36A868846A8CCA38B4571A530C3C347965AE18326FB51AAD98

Features:

Heartbeat Agent: Heartbeat PING alerts now include downtime of a host and host notes

Bugfixes:

Collector/Agent: Fixed issue where collector and agent would not attempt a reconnection
Management Console: Trailing tabs and spaces are automatically removed when importing hosts from text file
Management Console: Improved script dialog layout
Management Console: Fixed issue with error message about missing Winpcap shown even though npcap is installed
Management Console: Fixed issue where deleting a host could incorrectly affect maintenance schedules for a different host
Built-In Database: Updated PostgreSQL to v9.6.22
Agent: Added support for detecting USB 3.1
Web Reports: Updated directional range queries
Web Reports: Fixed Dashboard logon limit results

2021-04-07

Patch 4.2.3.82 released

SHA-256 Checksum: 22CECA397142F76988ADC86A39C763196DE5AC65BA7D1BF81E502A701CCD9311

Bugfixes:

Fixed issue with installer not being able to verify its checksum when update was initiated via management console

2021-04-06

Patch 4.2.3.80 released

SHA-256 Checksum: 51909C58794FF0050A5EEDD1560BD51B96F8483FDA8869D377DA005C0547F2CC

Features:

Validation scripts can now be imported on hosts without an active Internet connection
Added "is not empty" event log content filter comparison option

Bugfixes:

Agent: Validation scripts will now re-execute when script is updated
Agent: Fixed issue where validation scripts would run outside of configured schedule when configuration is saved
Agent: Fixed issue where header row would potentially confused delimited log file monitoring
Agent: Added support for parsing date format from AUTORUNSC output
Agent: Fixed bug where new filter setting (filter only active during or after boot) would not work as expected
Agent: Large file monitoring is now more reliable on hosts where scanning volumes is slow
Agent: Actually fixed issue where disk space monitoring would block configuration updates
Collector / Agent: Fixed rare issue where configuration updates from collector would sometimes be rejected by agents
Management Console: Fixed various minor issues
Web Reports: Fixed Job schedule dialog when editing a report
Web Reports: Search Count tiles will now render Empty Result status

2021-03-01

Patch 4.2.3.56 released

SHA-256 Checksum: FF056ACD4B93BA5B7BDBFBF8F85D16A96EF7AFCB8A1E2885C5BC821ED7890706

Bugfixes:

Added CMMC compliance reports and dashboard
Support for the EventSentry PowerShell module
EventSentray: Improved reliability when submitting support tickets via a collector email action
Agent: Fixed issue where disk space monitoring could unnecessarily prevent configuration updates from being applied
Agent: Variables can now be used in performance counters
Management Console / Agent: Query agent status may show incorrect configuration revision
Management Console: Expired maintenance schedules assigned to groups now get removed automatically
Multiple components: Improved compatibility with Office 365 SMTP servers
Multiple components: Maintenance could be off by a few min under some circumstance

2021-02-01

Patch 4.2.3.40 released

SHA-256 Checksum: AC5EA031364AA27C4F65A87959A1EA3BFEE512F3A5C97C1AAD654000C6BE3129

Features:

Added ability for filter to only be active during or after boot process
Added ability to edit tags for multiple hosts

Bugfixes:

Agent: Fixes regression bug from build 32 that breaks browser extension monitoring
Management Console: Fixes issue with built-in validation scripts not updating
Web Reports: Improved Database Summary tile for PostgreSQL databases
Web Reports: Update JRE 1.8.0-282 / Tomcat 8.5.61
Web Reports: Added support for custom jobs path

2021-01-13

Patch 4.2.3.32 released

SHA-256 Checksum: 5A7592DB0B4564BAFC66FDE7D9178EF68E6C7EF9F9C245A8EE215DBD95BEF5BF

Bugfixes:

Collector: Fixed issue where utilizing the malicious ip address check in an event log filter could crash the collector if threat intel was not enabled
Collector: Fixed issue where malformed delimited log files could crash the collector
Network Services: Stability improvements
Web Reports: Added Recent Reports to menus
Web Reports: Improved dashboard tile duplication

2020-12-31

Patch 4.2.3.26 released

SHA-256 Checksum: 4D9A54922E036CE70100D6E8EEEFDF7B5560B5E720ED2A9F10087F3B24BAF6A3

Bugfixes:

Agent: Fixed handle leak when process action could not be launched
Agent: Fixed issue where HTTP action would not be triggered by a timer filter
Agent: Significantly reduced CPU utilization on systems with a large number of logon events
Agent: Option to store non-local groups now also deletes unassigned packages
Threat Intel: Custom block lists now also support specifying threat confidence and title
EventSentray: Added agent version to tooltip
Management Console: Improved sorting (filters, hosts) for strings starting with or including numbers
Management Console: Performance counter preview now takes secondary counters into consideration as well
Web Reports: Added Triggered Action context menu
Web Reports: Improved Host Inventory SCSI visualization
Web Reports: Resolved issue where under certain circumstances IP Activity Sysmon search would failover to a broad search
Web Reports: Updated JRE to 1.8.0_275

2020-12-02

Patch 4.2.3.16 released

SHA-256 Checksum: 98EA8EE3333C2C8506A03945C8CEB95076165C22ED3420DE2AB3811F64CD6653

Bugfixes:

Management Console: Fixed issue with integrated version update not working
Heartbeat Agent: Fixed regression bug from build 4.2.3.14 that disabled disk space monitoring for Non-Windows hosts

2020-12-01

Patch 4.2.3.14 released

Deprecated

SHA-256 Checksum: 0A9467E3BAA43E903354DAF276D4405E31E135AA46B80430E7C162D81CBAF8DB

Features:

Management Console: Text filters can now be loaded from a text file in log file monitoring, default web server IDS rules included
Agent: Log file monitoring event id 8000 now includes text filter (if applicable) that triggered event

Bugfixes:

Collector: Fixed issue with unnecessary database activity during service startup
Agent: Fixed issue where FIM would checksum files that should be ignored based on size during service startup
Collector, Heartbeat Agent: Added sanity checks to reduce likelihood of service crash during service stop
Agent: Fixed issue with wrong volume name shown in event id 10501
Agent: Fixed issue where a configuration refresh could cause service crash if browser extension monitoring is active
Web Reports: Fixed sorting by volume name on Diskspace Status
Web Reports: Fixed drive search on Large Files

This patch has known problems affecting disk space monitoring for Non-Windows hosts, upgrade to 4.2.3.16 instead

2020-11-24

Patch 4.2.3.6 released

SHA-256 Checksum: 082C2C0A637A7F71E519408B3D6328EF36F0711A48512EE7801679041E420658

Bugfixes:

Fixed issue with package download prompting certificate error

2020-11-23

Version 4.2.3 released

SHA-256 Checksum: 544A2998DE0237E0EC97D3087644AD45189ABDE730F7FDF7F3CB87F788F1504A

Features:

IP addresses contained inside (event log) events can now be evaluated against known malicious IP addresses
Additional black list sources for malicious IP address checks
New SNMP monitoring options support monitoring CPU and memory metrics of VMWare ESXi hosts
Web Reports: Performance tiles supports viewing performance data from multiple hosts
Web Reports: Tiles can now be duplicated for faster dashboard setup

2020-11-03

Patch 4.2.1.16 released

SHA-256 Checksum: 38FD6FFC3592FC0C4E4E8D05CDF322D5EB7A47299D7407D41E50F844F527887B

Features:

Heartbeat Monitor: Status alerts (events 11000-11002) now include the IP address of the remote host
Management Console: Added ability to import and hide validation scripts packages

Bugfixes:

EventSentray: Now support Windows Server 2008 / Vista
EventSentray: Fixed issue with incorrect memory usage on Windows Server 2008 / Vista
Management Console: Fixed certificate issue with package download
Management Console: Several minor bugfixes
Web Reports: Improved automated report jobs when reports are empty
Web Reports: Added ability to include multiple computers on Performance Trends dashboard tile
Web Reports: Only include frequency charts in reports if date range is less than 24 hours

2020-10-19

Patch 4.2.1.8 released

SHA-256 Checksum: 0839CDEFD0EBED4BAD09408D6ECB3C0F06F544054EE8B07280BDC50C76BE0F91

Bugfixes:

ADMonitor: Fixed regression bug that would show incorrect time stamps on AD user list page
Agent: Fixed potential issue with compliance/security logon tracking component that could result in lack of processing and memory leak under rare circumstances
Management Console: Validation Scripts packages can now be (un)hidden
Management Console: Additional certificate validation for downloaded packages and scripts
Hearbeat Agent: Fixed issue where stale SNMP data from non-responsive devices was written to database
Installer: Fixed release notes link

2020-10-07

Version 4.2.1 released

SHA-256 Checksum: 38FD6FFC3592FC0C4E4E8D05CDF322D5EB7A47299D7407D41E50F844F527887B

Features:

Validation Scripts: EventSentry will ship with dozens of security and health scripts that will detect insecure settings, compliance violations and misconfigurations on monitored hosts. Examples will include insecure protocols that should be disabled, A/V & firewall checks and much more.
Admin Search: ADMonitor users can now filter any Security & Compliance report (file access tracking, process tracking, etc.) to only show activity from domain admins.
Web Browser Extension Inventory: Get a searchable inventory of all installed browser extensions, or alerts when extensions are added or removed (supports Google Chrome, Mozilla Firefox and Microsoft Edge (Chromium-based).
Network Services NetFlow: Support for IPFIX
Tray Icon / App: Tray app that supports submitting notes including screen shots, a System Information dialog that shows uptime, hostname, ip address, CPU/Memory/Disk utilization, logged on users, top 3 processes based on current CPU and memory consumption and more.
EventSentry Help File in German
Web Reports: Import / Export Dashboards
Web Reports: Dashboard tile for images and web cam streams
Web Reports: Quickly run recent / popular search queries
Web Reports: Filter compliance searches to admin-only activity
Web Reports: Expanded Health Matrix options with detailed point system
Web Reports: Trigger report jobs based on the exact number of results

2020-09-22

Patch 4.1.1.74 released

SHA-256 Checksum: ACDCD3F66C508740A58C887641AEA86E35A0D341D7A6B2FB89BD82F14E47E127

Features:

Network Services: Added support for IPFIX

Bugfixes:

Collector: Fixed issue where a corrupt temp file would cause service to crash shortly after start
Collector: Fixed issue where the literal importance flag would not work for collector-enabled email actions
Agent: Improved performance on domain controllers with a large amount of 4661 security events
Agent: Event 10500 now includes volume name
Agent: Registry Tracking: Added support for additional and removal of values
Agent: Registry Tracking: Fixed issue where registry tracking would not work with Windows Server 2019
Built-In Database: Updated PostgreSQL to v9.6.19
Database Tools: Improved performance of es_db_purge for PostgreSQL database in some instances
Management Console: Fixed bug in event message browser for Application and Services Logs
Management Console: Various minor bug fixes and stability improvements
ADMonitor: Fixed issue where certain group policy changes would not be parsed
Web Reports: Updated to Tomcat 8.5.57
Web Reports: Resolved issues export NetFlow data to CSV
Web Reports: Fixed Automatic Services tile when computers were filtered
Web Reports: Improved cookie flags when SSL is configured
Web Reports: Updated ADmonitor validation when object is removed
Web Reports: Fixed timezone offset for syslog messages
Web Reports: Improved IP lookup for Collector Status hosts

2020-05-13

Patch 4.1.1.68 released

SHA-256 Checksum: E52C49286F1D1DCF883675FB401F7356971845D68E317B3B9E3DE8739D68BD20

Bugfixes:

Installer: Fixed issue when installing on terminal servers
Management Console: Fixed various issues when assigning/clearing credentials
Management Console: Filtering events in built-in event viewer would not properly clear/reset
Management Console: Other minor UI fixes
Agent: Some runtime variables would not be resolved in URL of HTTP action
Agent: Include session unlock events on console logon reports
ADMonitor: Further improved handling of user status when monitoring sub domains
Web Reports: Upgraded to Tomcat 8.5.55

2020-04-29

Patch 4.1.1.64 released

SHA-256 Checksum: 48A92980A005EA657CA507F9C94BFFEF7319D33432F912F7042B4B8E531AD878

Bugfixes:

ADMonitor: Fixed issue where user status update stalled until the ADMonitor service is restarted if user list update could not be updated in the DB
ADMonitor: Fixed issue where SQL utility would terminate after certain group policy changes
ADMonitor: Fixed issue where user list was inconsistent when monitoring sub domains
Built-In Database: Updated PostgreSQL to v9.6.17
Management Console: Improved remote agent update if agent executable is locked by other processes
Management Console: Various stability improvements
Management Console: "Show filters referencing this action" now includes exclude filters
General: Added SNMP package for Canon imageRUNNER devices
General: Improved rendering of email alerts on certain email clients (white lines should not be shown)
Collector: Improved health check
Network Services (ARP): Vendor name is now included when event id 701 is logged
Web Reports: Added additional formats to Number tile
Web Reports: Updated Unsupported Operating Systems compliance report

2020-04-05

Patch 4.1.1.54 released

SHA-256 Checksum: 90090FEE95D406A19CF79367CC68184E75527F2800DC43DE98C0BD5089380243

Bugfixes:

Management Console: Various minor fixes
Heartbeat Agent: Fixed incorrect SQL statement
Heartbeat Agent: Only disable SNMP polling of host if "Stop retrying SNMP polling if ..." is checked
Heartbeat Agent (Light): Fixed issue with incorrect agent status
Installer: Fixed security issue with external process being called without full path
ADMonitor: Fixed issue where new ADMonitor would not find any domains (regression)
Web Reports: Fixed default sender when sending events from the Event Search page
Web Reports: Updated ADMonitor HTML email jobs templates to be more concise

2020-02-28

Patch 4.1.1.48 released

SHA-256 Checksum: D6512C0C0EDF4D036B676824633B72A8EA7F704C9B5A3E37CB8546D168FEF0A1

Bugfixes:

Collector: Fixed issue where some remote agents in some environments would not be able to connect to the collector
Collector (EventSentry Light): Fixed issue where collector would erroneously detect an error condition and restart itself

2020-02-20

Patch 4.1.1.38 released

SHA-256 Checksum: 2ED1CDF83F2B397F8F5ABF129E5D512FC14ADF45B0C482D9505B1DF374AC2199

Bugfixes:

Agent: Large file enumeration is now disabled dynamically if it takes longer than 10 minutes twice in a row
Agent / Host Inventory: Fixed battery capacity display that was displaying in mWh instead of mAh, percentages are now more accurate
Agent / Host Inventory: Now identifies directly attached SSD drives
Agent: Now retrieves schema and GUID cache via secure LDAP whenever possible
Agent: Stability improvement during configuration re-read
Collector: Additional stability improvements, including automatic recovery
Collector: Fixed issue with data not being processed and queue stats not updating
Collector: Improved license check to avoid invalid license warnings
Collector: Improved how agent and configuration updates are distributed to clients
Collector: Fixed issue where SMTP settings were not dynamicaly re-read during a configuration update
Managemend Console: Show Filters Referencing This Action now includes filters that are configured to trigger all actions
ADMonitor: Attribute changes that exceed 4000 characters are now truncated instead of ignored
ADMonitor: Fixed issue where built-in job could cause ADMonitor process to crash
Web Reports: Upgraded to Tomcat 8.5.50 / JRE 1.8.0_242
Web Reports: Fixed HTML summary report jobs
Web Reports: Resolved issue where labels were missing from exported frequency charts
Web Reports: Updated NIST 800-171 and PCI-DSS compliance reports

2020-01-08

Patch 4.1.1.22 released

SHA-256 Checksum: 903869334D5DF27975D159A1B2C0079D145F71F2CFC59D9AA0D67E1ADCC873D8

Bugfixes:

Collector: Improved reliability and resolved stability issues
Network Services: Resolved reliablity issues
Heartbeat / SNMP Monitoring: Increased number of maximum instances for object from 100 to 250
Management Console: Fixed bug where certain types of event log filters could not be deleted
Management Console: Reduced number of prompts for saving configuration
Management Console: Usability improvements for authentication and HTTP actions
Agent: Fixed issue with wrong time zone name and offset on host inventory page when DST is not active. This also resulted in wrong local system time being displayed on event log detail dialog.

2019-12-12

Version 4.1.1 released

SHA-256 Checksum: ACDCD3F66C508740A58C887641AEA86E35A0D341D7A6B2FB89BD82F14E47E127

Features:

NetFlow: Measure/Alert on amount of data transferred to/from malicious IPs
Utilize output from command line utilities for performance data
Send data from Network Services & Heartbeat Agent to collector
Detect pending reboots & BitLocker
Analyze battery health
ADMonitor: Send password reminders directly to end users
ADMonitor: Additional dashboard tiles
Web Reports: Consolidated changes report
Web Reports: Monitor database purge activity
Web Reports: Acknowledge Syslog messages
Web Reports: Easier navigation through event messages
Web Reports: UI Updates
Web Reports: Transition to OpenJDK
Web Reports: CJIS Compliance Reports

2019-11-27

Patch 4.0.3.48 released

SHA-256 Checksum: 4D23E368960B9FC5C1D3A419B8D513CF582FDD11D82F812A7B07362173A4DDC5

Bugfixes:

Resolves an issue in build 4.0.3.46 where binaries were not digitally signed. Otherwise build 4.0.3.46 and 4.0.3.48 are identical.

2019-11-21

Patch 4.0.3.46 released

SHA-256 Checksum: 088042C9CA9BBF857EE834D2CC84E6626F459CA6F5FE37233E92B0DD462D8AFC

Bugfixes:

Agent: Fixed issue with "expand remaining fields" delimited log file monitoring option
Agent: Stability improvements
Collector: Fixed issue with MSSQL databases that could cause the service to crash
ADMonitor: Fixed email alerts

2019-09-10

Patch 4.0.3.32 released

SHA-256 Checksum: B7734F96A35083FD6FD6B26C71BCB47F793C40BC51AE6DFD4CB73C4D0BA46C20

Bugfixes:

NetFlow: Fixed issue where threat alerts were generated even when disabled
NetFlow: Fixed issue where threat intel was only download when event log alerts were enabled
Network Monitoring: Added ContextName, EngineID and ContextEngineID as SNMP authentication options
Network Monitoring: A valid uptime counter is no longer required
Management Console: Improved stability and performance of built-in event viewer for large event logs
Management Console: Fixed issue when downloading packages
Management Console / Collector: Improved resetting shared secret
Collector: Stability improvements including startup and shutdown
Collector: Fixed issue with custom event fields in email action being ignored
Agent: Improved self-update process
Agent: Fixed bug where a file access tracking delete event could cause the agent to crash
ADMonitor/Agent: Fixed various issues with Japanese character sets
Web Reports: Upgraded Tomcat to 8.5.45
Web Reports: Added Source IP to Logon Failures summary
Web Reports: Updated Japanese translations
Web Reports: Optimized Dashboard loading

2019-06-24

Patch 4.0.3.16 released

SHA-256 Checksum: 135545671E13948C7EEC9DCCCD32F47645C6F1F698B58C53971EC7CC4973C657

Bugfixes:

Collector: To prevent data loss, incoming data is paged to disk when outbound queue is too high
Agent: Filters in chain packages now support thresholds and insertion string overrides
Agent: Added new feature to optionally remove non-local groups from the agent configuration
Agent: Stability improvements
Agent: Increased max length of variable content to 512 characters
Agent: Resolved various issues with the "event log full detection" system health feature
Management console: Fixed issue where saving the configuration would take a long time if the database password contained a $ character
Management Console: Various UI bug fixes and improvements
Management Console: Fixed issue when generating MSI file
Heartbeat Agent: Improved ping response tracking chart when remote host is unavailable
Heartbeat Agent: Improved agent status detection for hosts not communicating with collector
Built-In Database: Updated PostgreSQL to v9.6.14
Log Import Utility: Fixed issue when importing delimited log files and non-lookup text values
All components: Added support for reserved characters in database action passwords
Web Reports: Improved cache when loading network quality
Web Reports: Fixed Disk space CSV jobs that searched based on the percent: field
Web Reports: Resolved Disk trends display when loading disk capacity is unavailable
Web Reports: Added total size indictor to summary disk usage page

2019-05-21

Patch 4.0.3.6 released

SHA-256 Checksum: 86F9FE1672197C3B99B47FDCE73B1D83F1648F7BA9936723E43B1992A5AE56B0

Bugfixes:

Management Console: Password is now masked in database action dialog
Management Console: Fixed issue where adding 96 or more database / event log filters to Syslog dialog would cause crash
Management Console: Fixed issues when creating/moving event log filters into folders
Management Console: Increased number of scheduled task filters from 32 to 64
Management Console: Fixed & extended Tools -> Options -> Features dialog
ADMonitor: Improved setup dialog and error checking
Agent: Stability improvements
Installer: Fixed crash dump collection settings for 64-bit processes on some systems
Built-In Database: Updated PostgreSQL to v9.6.13

2019-05-03

Patch 4.0.3.2 released

SHA-256 Checksum: CC1079DBA77AE671D44890DCAB3116F56CDF5B6F9B69BBBEA7BA400A568C8065

Bugfixes:

NetFlow: Fixed regression bug that caused sFlow packets not to be processed
Management Console: Fixed issue with TEST button on HTTP action dialog
Evaluation: Fixed issue during installation that would errouneously state that no network device licenses are installed

2019-05-02

Version 4.0.3 released

SHA-256 Checksum: 4D23E368960B9FC5C1D3A419B8D513CF582FDD11D82F812A7B07362173A4DDC5

Features:

Network Services: Added Syslog TCP+TLS receiver
NetFlow: Switched & improved threat detection to use OTX cache and AbuseIPDB lookups (may require subscription)
Agent: Added GET request option to HTTP requests
Web Reports: Added regex parser to generic search tile
Web Reports: Added NetFlow IP threat context
Web Reports: Added additional NetFlow threat fields

Bugfixes:

ADMonitor: Fixed issue where enabling monitoring of sub domains would not work
ADMonitor: Improved ADMonitor installation in configuration assistant and management console
NetFlow: Fixed issue with processing sFlow packets under certain circumstances
Sysmon Process Tracking: Added indexes to speed up search performance
Heartbeat Agent: Fixed issue where service would crash if no database was configured
Agent: Fixed issue where agent could not self-update via collector if %TEMP% variable points to a different drive than %SYSTEMROOT%
Web Reports: Fixed custom time range when switching from Summary to Detailed
Web Reports: Improved MySQL 8 support

2019-03-28

Version 4.0.1 released

SHA-256 Checksum: 6EF005F50DE190C7F06CDC6C2EE81B4E2CB49A10BE77DC2C410FA3410CCDC870

Features:

ADMonitor

Track all changes to Active Directory objects down to the attribute level with before and after values
Monitor group policy changes
User inventory to help identify idle, administrative and other problematic accounts

New Features

Visual overhaul of the EventSentry management console
NetFlow threat and port scan detection
Track IP addresses in the web reports

Improved Features

Web Reports: Various tweaks throughout for better usability
Event Log Monitoring: Filter timers can now support linking events using different insertion strings
Log File Monitoring (delimited): Convert columns representing a date and time to a native timestamp field
Log File Monitoring (delimited): Support for fields enclosed in quotes
Performance Monitoring: Counters can be configured to only keep the current value in the database
Performance Monitoring: A new "alert" flag supports queries and dashboard tiles that return any performance counter in an alert state
Software History: Now shows user who (un)installed packages for MSI-based software packages

Under the Hood

Various fixes and tweaks to NetFlow/sFlow and bandwidth monitoring
Many other bug fixes and stability improvements throughout the product

2019-02-15

Patch 3.5.1.54 released

SHA-256 Checksum: A1D35BD05BF12AB89E947E1DF9171BB50C5F70D71C393B5B684A1833A4EDD7C0

Bugfixes:

Management Console: Resolved HTTP issue with package download, version check and feedback dialogs
Management Console: Fixed issue where MSI generation would not work on FIPS-enabled systems
Agent: Fixed issue where agent would connect to non-collector database action even though it was not referenced by any package
Agent: Fixed issue for users who installed build 44 or 46 in where collector-initiated configuration updates would not be applied by remote agents
Agent: Fixed issue where creating a new action and filter would only work after an agent restart depending on the order they were created
Heartbeat Agent: Fixed issue in EventSentry Light where heartbeat agent would only monitor 3 hosts
Documentation: Several updates to installation requirements, credits and EULA
Built-In Database: Updated PostgreSQL to v9.6.12

2019-01-21

Patch 3.5.1.48 released

SHA-256 Checksum: 7C94DFF38EA5886D697F7F76DAFD6A910CF59515AC4BE27CB45469671A275A5C

Bugfixes:

Management Console: Fixed regression bug from build 3.5.1.44 that would cause remote agents to ignore configurations updates sent by the collector. Use "Push Configuration" to force configuration updates to remote hosts that are not receiving updates.

2019-01-18

Patch 3.5.1.46 released

Deprecated

SHA-256 Checksum: ADE6BDA0D6AE59CBD80AD298E8C84410CB0FA5A6291DCB71BF6AD896C616163F

Bugfixes:

Management Console: Fixed regression bug from build 3.5.1.44 that would invalidate configuration update files in some cases, causing remote agents not be able to start.

This patch has known problems affecting collector configuration management, upgrade to 3.5.1.48 instead

2019-01-16

Patch 3.5.1.44 released

Deprecated

SHA-256 Checksum: 140A045E14B69A01E5D437834BDF239E340175FF413E6C6A6917E32CBE32488F

Bugfixes:

Agent: File access tracking now utilizes event 4659 to detect some file deletes
Agent: Large file detection now runs with at dynamic, slightly random intervals
Agent: Improved Regex Insertion String override functionality
Agent: Fixed issue where EventSentry Agent entry in control panel would only show up for the user who ran the MSI installer
Agent: Fixed issue where memory modules would not show up on host inventory page when not using collector
Agent: Fixed issue where GELF Syslog packets were not sent with UTC timestamp
Agent: (Total) disk space for volumes with an active quota is now obtained correctly
Collector: Improved reliability during large data transfers, improved warning messages for missed acknowledgments
Collector: Support for variables in database connection string
Heartbeat/SNMP Monitoring: Fixed issue where service would not apply correct settings after saving
Network Services: Fixed issue where service would not apply correct settings after saving
Management Console: Resolved issues with Maintenance Now feature that would not work under some circumstances
Management Console: Improved usability of built-in event viewer while scrolling
Management Console: Various small UI fixes
Built-In Database: Updated PostgreSQL to v9.6.11
Web Reports: Updated number formatting for Heartbeat Availability
Web Reports: Fixed offset when displaying Ping graphs with non-UTC timestamps

This patch has known problems affecting configuration management, upgrade to 3.5.1.48 instead

2018-10-25

Patch 3.5.1.32 released

SHA-256 Checksum: E3193E78CA6C40116E6C626DD69C8F77790613ABE3D20D5E0B489C7F7B1688DD

Bugfixes:

Agent: Fixed issue where agent would use WMI to query for process command line parameters when monitoring 4688 events, putting pressure on the WMI service
Agent: Fixed issue where the current audit status would be inaccurate when using the collector
Agent: Fixed issue where disk space alerts contain incorrect limit if dynamic limits are enabled
Agent: Fixed issue where the wrong threshold was calculated & displayed in 10509 events
Agent: Improved process action to enforce runtime timeout even when capturing output is not desired
Agent: Increased the maximum size of the internal GUID cache
Agent: Numbers are now supported in variables
Collector: Improved reliability of automatic agent update deployment
Collector: Collector now logs warning or error events if the queue size is too large
Collector: Fixed issue that would prevent collector service from shutting down gracefully
Collector: Fixed issue that would cause a secondary collector service to shut down when receiving a configuration update
Management Console: Fixed issue where the 64-bit management console would not let users save the configuration when run on a remote host
Management Console: Various minor tweaks to the UI
Network Services: Improved handling of sFlow packets when monitoring multiple interfaces
Heartbeat Agent: SNMP devices without system information set can now be monitored

2018-09-05

Patch 3.5.1.18 released

SHA-256 Checksum: 0434F200FA36383A626CC4E6E51DBB3B1FBF8F56B734152BFF92A117A84C4383

Bugfixes:

Management Console: Increased the maximum number of filters to 1500
Management Console: Fixed issue where loading a new license would not get properly applied to 64-bit components
Agent: Fixed issue where agent would not start on 64-bit Windows Server 2003 systems
Agent: Fixed issue where Windows audit settings would get changed even though compliance tracking audit options are set to "Leave Alone"
Remote Update Utility: Fixed issue where the executable would not run on certain systems
Collector: Resolved a very rare issue on PostgreSQL where occasional data loss could occur for a small number of features under heavy load
Built-In Database: Updated PostgreSQL to v9.6.10
Web Reports: Updated Tomcat to 8.5.34
Web Reports: Updated Java to 1.8.0-181
Web Reports: Fixed Maintenance Wizard when removing Registry History

2018-08-02

Patch 3.5.1.12 released

SHA-256 Checksum: 997640BF3CCB0214851969A6F3A0CF1307C8F4226C97C5C5610D288FF5EA2E84

Bugfixes:

Management Console: EventSentry configuration with package inconsistencies are now detected and automatically repaired, instead of a warning message about corrupt packages being displayed
Agent: Regression Bug: Fixed issue where event log binary data would not be written to the database (non-collector setup only)
Agent: Fixed issue where multiple instances of the same computer would show up in various status pages under certain circumstances (non-collector setup only)
Agent: Fixed issue where Sysmon v8.0 would break integration with EventSentry
pgAdmin: Path to external binaries is now set correctly in new installations
Web Reports: Updated Heartbeat uptime calculation with improved detection of newly added hosts
Web Reports: Renamed column menu buttons to Save/Close
Web Reports: Fixed Registry mapping to prevent duplicates

2018-07-25

Patch 3.5.1.4 released

Critical

SHA-256 Checksum: F638EFD15949327C978E0F92F972E44A48CD7E00A208DB681B3D1969D22CB138

Bugfixes:

Agent: Fixed issue where some network logon tracking data would not be recorded in the database
Agent: Fixed issue where patch inventory would not always be refreshed after a reboot
Agent: Fixed issue where wrong event is logged when process launched by an action cannot be terminated
Management Console: Fixed issue were regex test dialog was too small and would not allow pasting of longer text
Web Reports: Fixed issue where action history would be inaccurate under certain circumstances

2018-07-13

Version 3.5.1 released

SHA-256 Checksum: A1D35BD05BF12AB89E947E1DF9171BB50C5F70D71C393B5B684A1833A4EDD7C0

Features:

New Security Features

Registry Tracking: Normalize Windows registry tracking audit events
Process Monitoring now features Sysmon integration: Track and correlate network activity from Sysmon (optionally with NetFlow)
Netstat: Monitor and enumerate processes which have active connections or listen on TCP ports

New Features

Syslog actions now include TLS support

Improved Features

File Integrity Monitoring (FIM): Verify the digital signature of files, optionally suppress alerts for signed files
Software Inventory: Show hosts where software is not installed
Process Tracking: Generate SHA checksum for processes
Disk Space Monitoring now supports smart thresholds for large volumes
Heartbeat Status pages now indicate if one or more hosts are in maintenance mode

Under the Hood

Tag hosts or groups for more flexible configuration management
EventSentry agents now use a different SHA algorithm for less resource utilization when calculating SHA 256 checksums of files
Heartbeat Agent service is now available as a 64-bit process on 64-bit platforms
Management Console: Additional context menu and ribbon buttons
Crash Dumps: Agents and server-side components are automatically configured for crash dumps for easier troubleshooting
Many other bug fixes and performance improvements

2018-07-12

Patch 3.4.1.82 released

SHA-256 Checksum: 99206910AC71285ACC407A70EE26E25961E88300888B1FACAB5B196D0987D821

Bugfixes:

Agent: Fixes an issue on some Windows 10 hosts where the agent would sometimes crash while a configuration update is being applied
Heartbeat Agent: Fixes an issue where the heartbeat agent would crash while monitoring unreliable SNMP devices
Network Services: Fixes an issue where adding too many Syslog filters would erase all existing filters
Network Services: Increase the maximum length for filters from 2048 to 8192 characters
Management Console: Fixed issue where new email actions would have all fields disabled by default

2018-06-11

Patch 3.4.1.78 released

SHA-256 Checksum: 4A9B91257AD374B6137A1750DB34B97BDC64DCCA2971C3CFFA9BB045A99925CB

Bugfixes:

Collector: Fixed issue where certain process tracking events could crash the service
Collector: Database performance enhancements
Heartbeat Agent: SNMP monitoring on hosts that support SNMP but are not responding to SNMP requests in a timely fashion will be automatically disabled
Heartbeat Agent: Tweaks to better support MySQL databases

2018-05-25

Patch 3.4.1.68 released

SHA-256 Checksum: 86FC633EC2AB34009DD46B1F96ED3E2305811BD56B606E7BD2D33560025A894D

Bugfixes:

Agent: Fixed issue with Syslog action not properly encoding UTF8
Agent: Fixed issue where agent would not properly apply configuration settings on non-English systems
Agent: Fixed issue where agent would not record account management changes after 1024 changes have occurred (affects non-collector only)
Agent: Improved performance of agent-side lookup cache
Agent: Fixed issue where collector client would not be able to reconnect to collector
Agent: Fixed issue where under rare circumstances the agent would not properly import a configuration update received from the collector if receiving an agent update at the same time
Collector: Fixed issue where host id would not show up on collector status page if agent connected from different IP addresses
Collector: Fixed issue where certain changes to variables would not be applied to collector without a service restart
Network Services / Management Console: Fixed issue where any error retrieving SNMP data from a remote host would be a "SNMP v3 Authentication" error
Built-In Database: Updated PostgreSQL to v9.6.9
Web Reports: Added ability to limit the number of records included in a scheduled report
Web Reports: Fixed potential error on the Switch mapping summary page

2018-04-23

Patch 3.4.1.58 released

SHA-256 Checksum: 4D6B70A702CC3BA252D81C24A9B274CA3545402030AD85DAA0687B03479A7667

Bugfixes:

Customers running MSSQL Server databases with the legacy SQL Server ODBC driver are encouraged to upgrade to the latest Microsoft ODBC Driver on the host where EventSentry is installed to avoid stability issues
Collector: Fixed bug that could result in incoming data being indefinitely cached and not written to the database
Collector: Improved connectivity with clients connected via high latency networks
Collector: Fixed issue where large files would be incomplete on hosts with more than one volume
Collector: Fixed issue where setting a variable on a group would not work
Collector: Fixed issue with automatic agent updates
Collector: Various speed and reliability improvements
Management Console: User interface has been improved on High-DPI displays
Management Console: Fixed bug when adding licenses
Management Console: Various minor improvements to the user interface
Configuration Assistant: User interface has been improved on High-DPI displays
Heartbeat Agent: Improved detection of remote agent status to prevent inaccurate "Frozen" status
Agent: Improved reliability of the current service status in the web reports
Agent: Fixed issue where dynamic package assignments would not work in some scenarios
Agent: Fixed issue where old items in process/console logon backup files could cause the feature to stop working when not using collector
Agent: Fixed issue with backup file for account management when not using collector
Network Services: Fixed issue where ARP history would not be populated in database
Network Services: Switch port mapping now supports VLANs from most Cisco switches
Network Services: Fixed minor issues with bandwidth utilization
Network Services: Bandwidth utilization now supports sFlow (approximate)
Network Services: Improved handling of the NFSPEED variable
Installer: Fixed issue where the customized web reports URL gets overwritten with every update/upgrade
Database Import Utility: Added support for importing .evt files from older NetApp devices
Web Reports: Fixed issue with Inbound / Outbound legend for NetFlow Bandwidth
Web Reports: Updated date formatting when custom range is used and exported to inline PDF
Web Reports: NetFlow dashboard tile now includes Top N city, subdivisions and country
Web Reports: Resolved issue where an empty JAVA_HOME system environment variable could prevent the service from starting
Web Reports: Added additional validation to Group Heartbeat Status tile
Web Reports: Improved Heartbeat Uptime calculation when using a custom range
Web Reports: Fixed Syslog tile time formatting when UTC is not enabled
Web Reports: Updated Tomcat to 8.5.30
Web Reports: Updated Java to 1.8.0-171

2018-02-15

Patch 3.4.1.38 released

SHA-256 Checksum: E5609C84611B2F5E5CC2CC06498081B5437D79384C663892BD5019D7061A34E0

Bugfixes:

Collector: Fixed issue where CPU and memory utilization could slowly increase over time and some systems and cause the service to stop working
Collector: Now accepts remote NetBios host names even when hosts are added as FQDN
Collector: Fixed issue where collector could crash at runtime when large number of hosts are added to configuration
Agent: Fixed issue where agent would incorrectly report 10803 event after configuration updates, indicating that the required audit settings could not be applied.
Management Console: Minor usability improvements
Built-In Database: Updated PostgreSQL to v9.6.7
Web Reports: Updated Tomcat to 8.5.28
Web Reports: Updated Java to 1.8.0-161
Web Reports: Fixed dialog while creating a monthly/weekly jobs
Web Reports: Expanded compliance reports to include Missing Audit Settings

2018-01-19

Patch 3.4.1.34 released

SHA-256 Checksum: 0D9B80404D78E7323D8273BA3A8894F771D531B6071B5D1A082EC54508D5D5F7

Bugfixes:

Installer / Management Console: Fixed bug where license files converted to Unicode would not be recognized as valid license files
Installer: Tweaks to the default configuration
Agent: Log file context feature which was added in 3.4 is now configurable
Agent: Installed PowerShell versions are now available in software inventory
Agent: Fixed issue where virtual memory devices wouldn't show up on the host inventory page for Hyper-V VMs
Agent: Truncated VM path length if it exceeds max DB schema length
Agent: Now always attempts to obtain process command line if not present in 4688 event. Command line is available through $STR9 variable
Agent: Fixed issue where environment settings were not retained if sensor was connected on machine where EventSentry was installed
Agent: Improved logging and debug logging
Agent: Fixed bug with network action incorrectly reusing text from previous alerts
Collector: Improved handling of non-ascii characters in email subjects
Collector: Improved matching of collector-side thresholds by lowercasing unique identifiers
Management Console: Increased the number of entries for scheduled tasks monitoring, limit is now enforced in management console
Management Console: Changed various summary dialogs
Management Console: Fixed issue were events from remote host are not formatted correctly for sources only present on the remote host
Management Console: Fixed issue deploying agent to newer remote Windows 10 hosts
Heartbeat Monitoring: Improved algorithm which automatically disables SNMP monitoring for unreliable hosts
Network Services: Improved handling of NetFlow bandwidth interface association for scenarios where data from multiple interfaces is sent over a single Netflow UDP connection

2017-12-06

Patch 3.4.1.16 released

SHA-256 Checksum: 335FE948F645A1D380744EFC5310CEFD4283B24679298D2D9FF16D109B843DC7

Bugfixes:

Built-In Database: Updated PostgreSQL to v9.6.6
Agent: Fixed issue where dynamic package assignment (OS) would not work under some circumstances
Agent: Fixed issue where saving the configuration could the same application scheduler schedule multiple times under certain circumstances
Agent: Increased stability when refreshing the configuration
Agent: Fixed issue that would prevent event logs with a name longer than 64 characters from being monitored
Heartbeat Agent: Fixed issues where saving the configuration could cause stability issues
Heartbeat Agent: Service will no longer attempt to negotiate SNMP v3 when not SNMP v3 credentials are available
Heartbeat Agent: Additional tweaks to prevent "Frozen" service status
Management Console: Minor tweaks to user interface and default settings
Management Console: Fixed issue where package updater would indicates that packages had updates, even though no updates were available
Network Services: Fixed issue where bandwidth calculation would not work reliably when no SNMP authentication credentials are assigned to NetFlow exporter
Collector: Fixed issue where collector would issue an incorrect warning indicating an automated agent updates not possible for a remote host
Web Reports: Delimited log files page now shows computer, path and file on summary view
Web Reports: Fixed NetFlow issue with US map rendering
Web Reports: Added Europe map to NetFlow tile
Web Reports: Added ability to import/export notes, e.g. when migrating to a different database
Web Reports: Improved links on host inventory page
Web Reports: Fixed issue with dashboards loading too quickly
Web Reports: Improved German translation
Web Reports: Various formatting improvements

2017-11-17

Patch 3.4.1.8 released

SHA-256 Checksum: B1F6983F13218BD099AD13A401149C4636E9C7F214A90F98A0426B51DE277F63

Bugfixes:

Installation: Fixed issue on Windows 10 Fall Creators edition where 64-bit services would not start
Installation: Fixed default installation to include monitoring of common non-standard event logs
General: Removed "Use Latest Driver" option for database actions, this feature is now always enabled
Management Console: Fixed issue where Reset Shared Secrets was not shown when host had SNMP error
Network Services: Fixed issue where some NetFlow data would cause the service to terminate
Network Services: Improved input validation for NetFlow data
Agent: Fixed issue where an agent would not check in with collector often enough if agent was transmitting no or very little data
Heartbeat Agent: Fixed issue where agents are reported as frozen when no HW/SW inventory package is assigned or configured to write to the DB and no collector is configured
Web Reports: Improved Maintenance Wizard layout
Web Reports: Fixed date range selection while switching modes
Web Reports: Updated predictive search on Logon Failures page for Source Computer

2017-11-06

Version 3.4.1 released

SHA-256 Checksum: 99206910AC71285ACC407A70EE26E25961E88300888B1FACAB5B196D0987D821

Features:

Security

Collector-side thresholds extend the agent-side threshold capabilities and support detecting network-wide patterns like lateral movement
Additional capabilities to detect and prevent against new types of Ransomware infections, including variants that modify the boot sector.
Actual audit settings on a Windows host can sometimes deviate from group policy settings - due to conflicts, errors and so forth. A new Audit Policy Status page periodically inventories the current audit settings so you can verify the actual audit settings.
NIST 800-171 compliance reports
A new user activity tracking page makes seeing all activity by a user easier than ever!

Integrations

EventSentry agents can now be integrated with many open source and commercial log solutions with additional Syslog options - even custom JSON formatting is supported!

New Monitoring Features

The new software version check feature identifies outdated software on your network to help you reduce your attack surface. This new feature supplements the software inventory component.
UPS & Battery monitoring now inventories all attached UPS batteries as well as integrated batteries (laptops) regardless of the manufacturer
BIOS changes are now detected

Network Monitoring

Response Time page now includes packet loss percentage
NetFlow monitoring now supports calculating the bandwidth of an interface, including additional statistics such as packet count, bytes per packet and more.

Improved Features

A new navigation menu in the web reports enhances usability
Log file monitoring alerts (events) now include 3 lines before and after a line matched
Disk space alerts now include a list of the largest files and folders of a volume
Growl action now supports multiple recipients

Under the Hood

Web reports are now available in 64-bit and support running larger reports
Web reports utilize Java 8
The speed of all dashboards and other pages in the web reports has been dramatically improved
Managing the configuration through the collector is more reliable
Many other bug fixes and performance improvements

2017-11-03

Patch 3.3.1.130 released

SHA-256 Checksum: 11C61AEE68FA199684D63C6C98D6977D41037A678CAC8174FA270A229D4C9639

Bugfixes:

Heartbeat Agent, Collector: Now utilize the "Use latest installed driver" option in database configuration dialog in order to use the newest MSSQL ODBC driver
Agent: Fixed issue that could prevent an application schedule from executing
Heartbeat Agent: Fixed issue where it could take two monitoring cycles to determine a remote agent status
Management Console: Fixed issue when downloading and importing packages
Management Console: Fixed bug when moving computer item onto previous computer item
Management Console: Fixed bug where clicking on "Add Host" link on group summary page would crash the console under certain circumstances
Collector: Fixed issue where FQDN version of host names would be added to computer search list under certain circumstances
Web Reports: Added NIST 800-171 reporting
Web Reports: Optimized configuration resource utilization
Web Reports: Fixed issue that could corrupt configured reports

2017-10-05

Patch 3.3.1.124 released

SHA-256 Checksum: 11C61AEE68FA199684D63C6C98D6977D41037A678CAC8174FA270A229D4C9639

Bugfixes:

Agent: Fixed issue where agent would not log connection error events when unable to connect to SMTP server (non-collector) Agent: Numerical insertion string comparison in event log filters now removes thousand separator characters
Agent: Fixed issue with software inventory not always populating when agent starts
Agent: Improved insertion string variable resolution for values containing line feeds when passing arguments to a process as the command line
Agent: Fixed memory leak when using filter chain feature in conjunction with a high volume of events
Agent: Fixed issue where event logs from "Application & Services" could not be backed up
Agent / Collector: Fixed issue where FQDN name was stored in database when UTC is disabled
Collector: Fixed issue where secondary collector would not restart after initial installation without registry fix
Web Reports: Fixed DST-related job scheduling issue for jobs that run every X hours

2017-08-31

Patch 3.3.1.114 released

SHA-256 Checksum: 4B0BEF9FE159749715348C0B117382AF5A2DE5AC51357DF58DA3747E770AA75A

Bugfixes:

Configuration Assistant: Fixed issue where MSSQL-based databases could not be created without invoking manual steps
General: Fixed issue where EventSentry would not work properly with Linux-based MySQL databases due a bug involving case sensitivity
Web Reports: Simplified rendering of timestamps for more clarity

2017-08-14

Patch 3.3.1.112 released

Critical

SHA-256 Checksum: 2CBF9EE999CD2A93582D8C0423A418DFA617427C7027E7CAE759D449CCE94857

Bugfixes:

Built-In Database: Updated PostgreSQL to v9.6.4
Fixed issue where EventSentry patch would not update the built-in 9.6.x PostgreSQL database to latest version
Agent: Fixed issue where agent would not be able to successfully connect to multiple collectors
Agent: Fixed issue where a adding/removing a service or driver would cause issues with the inline configuration re-read
Collector: File Access Tracking: Fixed issue where random data would be displayed in the checksum field for data records which did not have a checksum
Management Console (Light Version Only): Fixed issue where importing a configuration would result in an error message
Management Console (Light Version Only): Fixed issue where importing packages would crash the management console under some circumstances

2017-07-28

Patch 3.3.1.106 released

SHA-256 Checksum: 054A29DE643874DCFF484EAFC77996BF85D3D78115C4E81323BCC299873042C0

Bugfixes:

Network Services: Fixed issue that could cause service to crash after startup under some circumstances
Agent: Fixed issue that would cause problems with a configuration update triggered by the addition or removal of a service
Agent: Fixed issue where current folder monitoring status would not be written to the database
Database Import Utility: Improved debug logging when utility is ran in batch mode for easier troubleshooting
Web Reports: Resolve issue where Performance Status would revert back to Last 3 days
Web Reports: Improved performance counter validation

2017-07-13

Patch 3.3.1.104 released

Critical

SHA-256 Checksum: FBED6FF85DF893B4F8671497CBF50DAE2EA8A0A18718834B22B3F337C72A024B

Bugfixes:

Network Services: Fixed issue which would prevent some data from being cached properly while the database was temporarily unavailable
Network Services: Fixed other reliability issues
Database Import Utility: Improved debug logging
Collector: Fixed issue which would prevent some data from being cached while a PostgreSQL-based database was temporarily unavailable
Agent: Fixed issue where a configuration update could result in a deadlock blocking the agent
Management Console: Fixed issue where deleting a log file filter would not persist after saving the configuration
DB Purge Utility: Improved logging for MSSQL databases

2017-06-22

Patch 3.3.1.96 released

Critical

SHA-256 Checksum: 2A74D7A6FC1AEB8D63D5326FD08CF0E055E3DA1B78F69E6C578E69835747A095

Bugfixes:

Agent: Fixed bug where $STR variables would not be resolved correctly for HTTP actions
Agent: Fixed bug which would cause configuration updates to not work or block monitoring
Agent: Stability improvements
Agent: Fixed issue which could trigger event id 12000 (new software installed) for software that is already installed
Agent: Fixed issue where uninstalling 64-bit agent from command line does not work with /collectorclient option is used
Agent: Increased internal GUID cache size to prevent unnecessary LDAP query on busy domain controllers
Network Services: Fixed issue where byte count would be zero for ASA/IPFix protocol
Network Services: Improved throughput and efficiency
Management Console: Fixed issue where console would always prompt to save when exiting
Management Console: Fixed issue where removing a threshold from a filter would not persist
Heartbeat Agent: Fixed issue where uptime report would indicate a reboot of a SNMP-based device even though that device had not been rebooted
Web Reports: Fixed issue where implicit profile inheritence persisted for reports assigned to all profiles
Web Reports: Added additional Italian translations

2017-05-26

Patch 3.3.1.84 released

SHA-256 Checksum: 5D19145D659A654BEF317675B91E8DCFBFBC8D2F545B8769AB1AC36BD6BAB694

Bugfixes:

Database Import Utility: Changed location of debug log file for log import utility
NetFlow: Fixed incorrect port output for ICMP traffic
Agent: Fixed bug where an incorrect file monitoring configuration could crash the agent
Agent: Fixed bug where user rights assignments would not to be recorded correctly when using collector
Agent: Fixed issue where agent would utilize all CPU usage on a single core while collector is unreachable
Agent: Fixed issue where a configuration update could cause an agent crash in performance monitoring
Agent: Fixed issue where file checksums would not be generated in File Access Tracking under some circumstances
Agent/Management Console: Fixed issue where events without an associated message dll would not render text correctly for Non-English language OS
Management Console: Fixed issue where resource utilization of 64-bit agent would not be displayed on Services dialog
Heartbeat Agent: Fixed issue where agent status would be frequently logged as idle
Built-In Database: Updated PostgreSQL to v9.6.3
Web Reports: Updated NetFlow user resolution
Web Reports: Cleaned exporter search options for Cisco ASA devices
Web Reports: Fixed resizing issue on the NetFlow location column
Web Reports: Improved weekly/monthly jobs scheduling based on locale
Web Reports: Added dynamic links to search tile
Web Reports: Improved F/C rendering on environment tiles
Web Reports: Updated implicit profile selection for running jobs
Web Reports: Added conditional date range to Performance Status based on origin

2017-04-26

Patch 3.3.1.70 released

SHA-256 Checksum: AE08D61974550DFE4C42DF9297DE67E05412D79916DE1BF4CA329E42B2BB9260

Bugfixes:

Network Services: Improved throughput performance in NetFlow component
Network Services: Added support for Cisco ASA firewalls
Network Services: ARP alert event id 700 now includes IP address when available
Built-In Database: Updated PostgreSQL to v9.6.2
Management Console: Increased the maximum number of groups to 512
Management Console: Increased the size of the package import dialog
Management Console: Improved resonsiveness of performance counter dialogs
Management Console: Support for 64-bit performance thresholds
Management Console: Fixed real-time display of 64-bit values
Management Console: Fixed issues when sorting an event log
Management Console: Fixed issue when installing an additional collector service
Management Console: Group type can now be set when adding a group
Management Console: Various stability & usability improvements
Collector / Agent: Added support for Syslog RFC 5424 format
Agent: Fixed bug that would not launch embedded scripts through a process action correctly
Agent: Decreased the time it takes the service to stop in most scenarios
Agent: Decreased the time it takes for the agent to apply a new configuration
Agent: Added "not equal to" condition for performance counter / SNMP monitoring
Agent: Fixed bug that would prevent event id 12001 from being logged
Agent: Slightly improved the performance of file checksum generation
Agent: Events regarding the (un)installation of software now include the host platform (32 vs 64 bit)
Agent: Fixed bug where terminating a process would not work under some circumstances
Agent: Reduced the memory consumption for agents running on busy domain controllers (non-collector)
Heartbeat Agent: Fixed issue where the HB agent would not automatically reread an updated configuration after being saved in the management console
Web Reports: The ACL of the main web reports directory is now secured to prevent unauthorized read access
Web Reports: Added preference option for 24-hour clock
Web Reports: Updated mobile JSON feed with improved performance counter detection
Web Reports: Fixed issue where report could be run with no limit
Web Reports: Improved trend links under Internet Explorer
Web Reports: Added support for LDAPS
Web Reports: Added 45 minute search option
Web Reports: Included Delimited Log File support to Search tile
Web Reports: Revamped weather tile
Web Reports: Improved boolean support across database types
Web Reports: Adapted eventnumber for logons searches
Web Reports: Enhanced predictive search for CJK languages
Web Reports: Updated Japanese translations

2017-02-02

Patch 3.3.1.42 released

SHA-256 Checksum: C9D9E57AFD7F4719C6DF53F0B57CE1B5EF416EDAA41637CDDD6C6DC4BD99C2FB

Bugfixes:

Management Console: Multiple hosts can now be deleted or moved in the management console with the remote update feature
Management Console: Improved usability of license dialog
Agent: Fixed issue where agent would log event 1050 even when database action is using the collector
Agent: Fixed issue where custom event message in a filter with one or more line breaks would not work
Agent: Filter chaining (non-sequenced) works even when exclude filters are contained in the package
Agent: General stability improvements
Collector: Tweaked configuration transfer method to agents

2017-01-27

Patch 3.3.1.36 released

Critical

SHA-256 Checksum: 1D9EDFDB8F6D88FC6373AB45AD71C1DC92857043C1DC58057219FFD7A5122231

Bugfixes:

Management Console: IP addresses are now annotated in built-in event viewer, similar to collector emails
Management Console: Fixed issue where application would crash on hosts with no Internet connectivity under specific circumstances
Management Console / Collector: Fixed issue where "Enhanced Security" setting in database action would not work and still transfer connection string to agent(s)
Collector: Fixed rare issue where collector service would crash approximately 2 minutes after service start
Collector / Network Services: Services can now read a 64-bit configuration if a 32-bit configuration does not exist
Collector: Fixed issue where certain event-based variables would not work in emails sent by collector
Collector: Fixed issue where non-routable IPs would prevent a reverse lookup in collector emails
Agent: Added ability to override title and message for "Network" action
Agent: Removed now obsolete configuration option for supporting pre-2003 hosts in "Network" action
Agent: Fixed potential buffer overflow
Agent: Various improvements throughout codebase to improve performance and stability
Agent: Fixed issue where excluding processes under "Compliance/Process Tracking" when using the collector would result in unnecessary data packets being sent to collector
Agent: Fixed issue where agent would not start - or start very slowly - and use a large amount of CPU time on Hyper-V VMs with only one vCPU.
Configuration Assistant: Creating databases on Microsoft SQL Server non-default instances is now more intuitive.
Web Reports: Welcome wizard now detects if JavaScript has been disabled
Web Reports: Added NetFlow Network Traffic JSON for inbound and outbound traffic
Web Reports: Updated sort indicators for detailed results
Web Reports: Improved dashboard iteration inheritance
Web Reports: Ensured correct url encoding when switching between Summary and Detailed views
Web Reports: Optimized resource usage when running report jobs
Web Reports: Fixed issue where search dashboard tile would ignore the percentage field
Web Reports: Updated Tomcat to version 7.0.73

2016-12-29

Patch 3.3.1.22 released

SHA-256 Checksum: 3A6BAB569FD8B3EA17AAC25E7CC26CE1EA6815B949ACCBDF986B9336B3BE3D02

Bugfixes:

Agent: Fixed issue where records captured by file access tracking would under some circumstances, mostly PostgreSQL, would not be written to the database when not using the collector
Agent: Fixed issue where physical disk info wouldn't be written to database when not using the collector
Agent: Fixed issue where physical disks, controller and RAID information would not be detected correctly with newer versions of HP Insight Management
Agent: Fixed issue where host would not be detected as a VM when running Server 2016
Management Console: Improved display of licenses
Heartbeat Agent: Alert email indicating that the EventSentry service is stopped is now less sensitive and not triggered during installations and upgrades
Web Reports: Improved translation for Polish, Dutch, Spanish and Portuguese
Web Reports: Included detection for unconfigured iLO cards
Web Reports: Renamed file fields on File Access page with query support
Web Reports: Fixed frequency chart rendering when exported as PDF

2016-12-21

Patch 3.3.1.18 released

SHA-256 Checksum: EC83BFCC1BD119307C9DE37CEBD6E6E501EE8F0DBBD780B455127D2506D2BCCF

Bugfixes:

Agent: Fixed issue where an invalid database action in service monitoring could crash the agent
Agent: Agent now logs event id 1075 when a self-update completed successfully
Network Services / NetFlow: Fixed issue where the number of bytes would not be logged for NetFlow v9 under some circumstances
Network Services: Status of the NetFlow daemon is now logged with event id 112, similar to Syslog & SNMP components
Network Services: Fixed issue when evaluating NetFlow with an existing full license
Management Console: Improved usability of desktop action dialog
Management Console: Added template for Slack to HTTP action dialog
Collector: Fixed issue with when overriding email subject
Collector: Fixed issue where local agent would not communicate with collector after an initial installation until the configuration was saved once in the management console
General: Improved email subject of some EventSentry alerts with new installations
Web Reports: Updated German translation
Web Reports: Fixed Diskspace trends formatting
Web Reports: Fixed exception error on NetFlow summary page when viewing average data

2016-12-14

Patch 3.3.1.12 released

Critical

SHA-256 Checksum: 9BC342732A12FAC16A58690D69FDC1506A9117C3279971ADA95115F51AFC4BB8

Bugfixes:

Collector: Fixed issue where automatic agent updates would not apply correctly for some hosts, especially when connected to the collector over a slow link. Some agents may require a manual update with this patch, but subsequent patches should work properly
Agent: Fixed issue where agent would crash on Windows Server 2016 when certain alerts would be sent via email
Agent: Fixed issue where binary data would not be written to the database when not using the collector
Heartbeat Agent: Fixed issue where service would not utilize the database or collector cache to determine remote agent status
Heartbeat Agent: Various fixes and tweaks to agent monitoring via RPC
Network Services: Fixed issue where network services component would not work with evaluation (trial) licenses

2016-12-07

Patch 3.3.1.1 released

SHA-256 Checksum: EDFB635BA5820165D67EE1D005F2A17BDB0AEB99DD7039391C5212D1BD67BAD4

Bugfixes:

Installer: Fixed upgrade issue where installer would display PostgreSQL configuration dialogs even though PostgreSQL was never installed
Agent: Fixed issue where agent may log invalid IP addresses in Logon Failures compliance report for 4776 events which do not contain a value for the source workstation field

2016-12-06

Version 3.3.1 released

SHA-256 Checksum: 11C61AEE68FA199684D63C6C98D6977D41037A678CAC8174FA270A229D4C9639

Features:

NetFlow with support for NetFlow v1, v5, v9 & sFlow. NetFlow supports visualization, geolocation, alerts, correlation with workstation logon events to map flows to ActiveDirectory users, filtering and more
Web Reports - Notes & Documentation: Web reports users can submit notes to document infrastructure updates, maintenance, fixes and more. Documentation files can be uploaded and associated with hosts
Web Reports: Added ISO 27001:2013 compliance reports
Web Reports: New security features
Web Reports: New dashboard tiles
Web Reports: Treemap visualization available for most pages
Web Reports: Updated look and improved menu
Deployment: Agents using the collector can receive configuration and agent binary updates automatically through the collector without user intervention.
Deployment: MSI installers can now be created in a few seconds directly from the management console (requires free WiX Toolset)
Agent: A 64-bit agent is now available for 64-bit Windows
Agent: Removed limit and improved management of custom event logs
Agent: Support for chaining events
Agent / Collector: Emails containing IP addresses sent through collector can be enhanced to display geolocation and reverse lookup data inline.
Agent: Emails from security event log will automatically be enhanced with descriptions for many status and error codes
Agent: Database performance of delimited log files has been significantly improved
Agent: Insertion strings of events can be created or replaced using regular expressions
Agent: Install date of software is now available for most software even if it was installed before EventSentry
Agent: USB drives are now detected in real-time
Heartbeat Agent: Agent status is now retrieved directly from collector and/or database for faster and more efficient monitoring
Network Services: Database performance for Syslog component has been improved for MSSQL databases
Network Services: License count for network devices is now more accurately enforced
Database: Built-In database now uses PostgreSQL v9.6, optional upgrade path is available
Configuration: Improved out-of-the-box filter rules for less noise
Management Console: Ability to reset the configuration to post-installation defaults (new v3.3 installations only)
Management Console: Remote configuration can now removed when uninstalling an agent even when remote registry service is unavailable
Management Console: Version checks and update/patch downloads are now performed over TLS for enhanced security

2016-11-08

Patch 3.2.1.96 released

SHA-256 Checksum: 7505FC7D7E6ECA87662A6FEF1F7E39AAB77B22D83285CE8860B1CE35AE1C7E53

Bugfixes:

Database: Updated built-in PostgreSQL database to 9.1.24
Agent: Fixed issue where removing a sevice could crash the agent when using collector
Agent: Fixed issue where binary data was not sent with Syslog action when using the collector
Agent: Improved error handling of delimited log files and increased max allowed size of new files
Agent: Fixed issue with incorrect CPU virtualization support flag in hardware inventory when using collector
Agent: Various stability improvements
Management Console / Agent: Fixed issue where Non-English performance counter descrpitions would not display correctly in management console and alerts
Management Console: Fixed issue where pushing the configuration would result in an error message related to the eventsentry_svc_in.reg file
Management Console: Fixed issue where duplicate computers would use up licenses
Management Console: Fixed various issues when opening .evt files

2016-09-30

Patch 3.2.1.86 released

SHA-256 Checksum: F4420E9C93C878DBEADF9F5B7F7C09448C1D2EC5C08AE9E3603E674187585E50

Bugfixes:

Network Services: Updated MAC Vendor database
Management Console: Minor tweaks and improvements
Management Console: Adding a license no longer requires a restart of the management console
Management Console: Fixed issue when viewing event logs with very high number of events
Agent: Fixed bug where Hyper-V VMs were not properly detected and/or updated
Agent: Fixed bug in log file monitoring which could cause collector to crash
Agent: Improved online configuration updates (1035 event)
Agent: Fixed issue where product type wasn't written to the account management and policy compliance tracking pages when using collector
Agent: Fixed issue where an incorrect event was logged by the directory monitoring / file count feature
Heartbeat Agent: Fixed issue where heartbeat status would not be updated when using a MySQL database
Agent / Collector: Added option to send Syslog data in UTF8 format
Database: Updated built-in PostgreSQL database to 9.1.23
Web Reports: Fixed timezone rendering on trend pages
Web Reports: Improved time rendering when a computer is selected on error and failures dashboard tile
Web Reports: Resolved potential XSS vulnerability on trends
Web Reports: Reclassified specific client error codes to 400 Bad Request instead of generic 500 error
Web Reports: Fixed various security issued

2016-08-11

Patch 3.2.1.76 released

Critical

SHA-256 Checksum: 4E4B51229B4DCFD9BA54AC3F59AAF60BBB8817AD30885DB9E40188BD1A139301

Bugfixes:

Agent: Reduced impact on DB performance for configurations monitoring many performance counters
Agent: Fixed issue where some compliance tracking data would not be cached correctly during temporary database outages
Management Console: Improved handling of copy/cut/paste when editing items in the tree view
Management Console: Fixed issue with remote update performed on "Groups" level
Management Console: Fixed bug where hidden packages would still show up on summary screen, clicking would result in an application crash
Collector: Fixed issues with some variables not being resolved correctly for email actions
Collector: Fixed issue where text file action routed through collector would not update output file frequently enough

2016-07-23

Patch 3.2.1.66 released

SHA-256 Checksum: CEAE221021AE9EDD7ED025FC1FCD03702AF015AB1118749E3D816F30E02640C7

Bugfixes:

Management Console: Fixes a regression bug where adding a computer through the "Edit" dialog will result in an empty string being added to the group, requiring the user to edit the empty string. This is a complete patch but only affects the file eventsentry_gui.exe. It is not necessary to apply this patch if you are running 3.2.1.64 and not adding new hosts to the configuration. You may contact support to obtain a patched eventsentry_gui.exe instead of applying the full patch

2016-07-21

Patch 3.2.1.64 released

SHA-256 Checksum: CC8ECFE10D91FA1B3FEC413F6117695ED6B297ABAA660BFD09D4BB9C94D547C8

Bugfixes:

Collector: "File" action would not work when channelled through the collector
Collector: Fixed bug where overriding an email message body would not resolve insertion string variables
Collector: Fixed issue where $IPADDRESS variable would not be resolved for SMTP actions channelled through the collector
Agent: Fixed issue where content filters using a numerical comparison chained with OR may not work as expected
Agent: CPU count would be incorrect on some pages in the web reports when not using the collector
Agent: Improved reliablity when agent frequently connects and disconnects from the collector
Agent: Increased field storage size for HTTP action and fixed bug which prevented utilization of full field size
Agent: Fixed issue where agent may crash when a service is removed
Management Console: Fixed bug when minimizing the ribbon
Management Console: Fixed bug when performing a remote update action without the extensive network check enabled when host has at least one TCP port checked.
Heartbeat Agent: Fixed bug where large monitoring interval would cause service to stop monitoring hosts
Web Reports: Improved warranty checks
Web Reports: Fixed CSV output by adjusting the block size
Web Reports: Added SourceIP to LogonByType Summary view
Web Reports: Fixed issue where grouped summary section links would not always match a valid translation resulting in an exception
Web Reports: Improved group by rendering when values are empty
Web Reports: Fixed error handling when original event cannot be found in the database
Web Reports: Updated Tomcat to version 7.0.69

2016-06-08

Patch 3.2.1.50 released

Critical

SHA-256 Checksum: 4F929848445E4E539395027890FD3F984A35BA6D301A04EB91692B57D546244A

Bugfixes:

Agent: Fixed regression bug with log file monitoring which caused inconsistent results with configured filters
Agent: Improved automatic installation and upgrade of ODBC drivers when not using collector
Agent: Improved group membership detection when agent is configured only with a IP which is not the primary IP of an interface
Agent: Fixed issue where editing embedded scripts would cause some associated application schedules or process using an embedded script to not launch
Heartbeat Agent: More switches are now supported by switch inventory
Web Reports: Fixed CSV output with large datasets

2016-05-27

Patch 3.2.1.44 released

Critical

SHA-256 Checksum: 16DEE6EF94A0A3E6881E329A7242A04128A3040E632E00AE17A0342388D6533B

Bugfixes:

Web Reports: Fixed (CVE-2016-5077) XSS vulnerability on SNMP Traps search page
Web Reports: Added report for HIPAA/PCI
Web Reports: Adjusted last date calculation for scheduled jobs
Web Reports: Updated default event formatting
Web Reports: Fixed x-axis for Diskspace Trends when UTC has not been enabled
Web Reports: Renamed Hardware menu item to Hardware / OS
Web Reports: Collector Status tile now directly links to the Collector Status page
Web Reports: Fixed hover tooltip on heatmaps
Web Reports: Added an option to increase the height of heatmaps
Agent: Improved disk space alerting when disk space usage continously exceeds and falls below a preset threshold
Agent: Fixed issue where IPv6 source addresses were discarded and not shown in various compliance tracking reports
Agent: Added support for $LICENSEE variable for email subject, header & footer
Heartbeat Agent: Improved error handling when monitoring hosts via SNMP
Heartbeat Agent: Fixed issue where service would crash when it was configured to use a disabled database
Management Console: Improved remote update for mixed groups which contain Windows as well as Non-Windows hosts
Management Console: Improved error message when AD-linked groups cannot be queried
Management Console: Fixed various issues with wizards
Database: Updated built-in PostgreSQL database to 9.1.22
General: Fixed issue where MAC address vendor db (for ARP daemon) hasn't been updated
General: Fixed issue where MAC address vendor db wasn't included in EventSentry Light
General: Various updates to the documentation

2016-04-25

Patch 3.2.1.30 released

SHA-256 Checksum: 814A69232C2427E9FB789B4A75DA4F0ABDB16A96324E7392D0C4AD05242FEECD

Bugfixes:

Agent: Changes to services are now logged under the severity configured under the "Addition/Removal" category
Collector: Fixed issue where resolving variables would sometimes not work
Management Console: Fixed issue where configuration changes would not be picked up by the agent running on the same host as the management console
Management Console: Added new option to hide the command which was executed
Management Console: Added new option to reset the shared secrets of a remote agent by clicking the computer name
Management Console: Fixed issue where an embedded script in mixed case would not properly save other scripts
Heartbeat Agent: Remote agent status is now retrieved from database prior to attempting to retrieve status from remote agent
Heartbeat Agent: Fixed issue where an invalid SNMP OID could cause the heartbeat agent to crash
Heartbeat Agent: Now logs events when the HB Agent cannot connect or write to the database
Web Reports: Fixed PDF formatting when exporting charts with legacy non-UTC enabled datasets
Web Reports: Updated user caching to prevent collisions
More Information: Additional Notes on EventSentry Update v3.2.1.30

2016-04-07

Patch 3.2.1.22 released

SHA-256 Checksum: F60EEDB8A0D65DF7EB2ADD5B956BEE1DF76E13467FE0689AC24A2763D89CF9F1

Bugfixes:

Agent: Fixed issue where agent would not start on Windows XP
Agent: Improved resource utilization of agent and domain controllers by optimizing event log parsing and suppressing unneeded LDAP queries
Agent / Collector: Agent now disconnects from collector after periods of inactivity
Heartbeat Agent: Improved detection of unreliable network connectivity where agent status monitoring is not possible
Heartbeat Agent: Fixed issue where uptime would not be updated in database for SNMP hosts
Collector: Resolved issue in file access tracking where LogonID is not written to database
Collector: Resolved issue where communicating with SMTP server which require authentication would not work
Management Console: Significantly improved the speed of the "Prepare Configuration file" stage of remote update, resulting in signifanctly faster remote update experience
Management Console: WMI service is no longer paused when deploying and/or upgrading remote agent(s)
Management Console: Fixed issue when defining new variables
Management Console: Fixed issue where performance counter descriptions would not be scrollable for built-in packages
Management Console: Improved searching for filters which use an event id range
Management Console / Collector: Added option to reset shared secret for a single host
Database: Updated built-in PostgreSQL database to 9.1.21
Database: Changed default MySQL driver to a version which works reliably with EventSentry, fixed issues in configuration assistant pertaining to MySQL
Web Reports: Adapted SOX requirements
Web Reports: Empty report categories are now automatically removed
Web Reports: Page-level context menus now group the report categories
Web Reports: Improved caching for user accounts
Web Reports: Added additional cookie validation
Web Reports: Fixed X-axis time representation on the Dashboard
Web Reports: Improved pagination on the Logon Console page

2016-03-07

Patch 3.2.1.8 released

SHA-256 Checksum: 46D9462B227CC0701240BDAE753252D32BD52B017D260E8F4A28B85EBBB63B0C

Bugfixes:

Collector: Fixed issue where connections from agent(s) would be rejected if the reverse lookup of the remote IP would not match the host name specified in the management console
Agent: Fixed an issue where the agent would attempt to connect to a remote collector after service startup even if a connection is not necessary
Web Reports: Improved "Last Seen" info on Inventory - Host page

2016-02-29

Patch 3.2.1.6 released

SHA-256 Checksum: 4A16885F13AB8FDD4247B0DD577253D29C5B4E944FEF474D226AA1A7E87F52FF

Bugfixes:

Agent: Fixes issue in Email action (legacy HTML) where select font would not apply
Installer: Fixes issue where updating from 3.1 to 3.2 through management console would neither properly evaluate the installed license nor trigger the configuration assistant after the upgrade is complete
Installer: Fixed issue where installer would take an unusually long time towards the end of the installer when upgrading (speed improves starting with the 2nd upgrade)
Web Reports: Improved CSV Export when exporting all pages of a resultset
Web Reports: Fixed search query generation when multiple conditions are added to the search directly

2016-02-23

Patch 3.2.1.4 released

SHA-256 Checksum: 41EB32D436450168D42695D72641A111E0BD5BA332D37F5DA67E1EA142BE953F

Bugfixes:

Management Console: Added export option for offline agent deployment
Collector: Improved handling of shared secrets to prevent incorrect connection rejection
Web Reports: Added ability to remove specific log file revisions with maintenance wizard
Web Reports: Added missing translations for some languages
Agent: Fixed issue where uninstalling agent from command line would result in a crash
Agent: Added command-line option to remove locally stored collector security settings when uninstalling agent

2016-02-18

Version 3.2.1 released

SHA-256 Checksum: 7505FC7D7E6ECA87662A6FEF1F7E39AAB77B22D83285CE8860B1CE35AE1C7E53

Features:

Central collector service which enables a 3-tier architecture between an action (e.g. database, email server) and the EventSentry agents. Supports compression and secure data transmission via TLS encryption.
Management Console: Ability to import computers from a network (subnet) scan
Management Console / Remote Update: Record activity in log files
Management Console / Remote Update: Toggle fields in result list
Management Console: Export all configured filters to CSV file
Switch inventory with switch port to MAC/hostname mapping
Detection of highest supported USB version
Ability to reduce the size of security events in the database by removing common, static footers
Web Reports: Additional language support for French, Dutch, Spanish, Polish, Portuguese and Italian
Web Reports: Out-of-the-box compliance reports for PCI-DSS, FISMA, Sarbanes Oxley, HIPAA and GLBA
Web Reports: Improved & faster performance trend reporting with ability to display multiple trend charts on a single page
Web Reports: New Bulk assignment for easier report management
Web Reports: Report jobs can be saved to a folder
Web Reports: Improved host inventory page now shows switch port (if available), USB version and VM hosts (if available)
Web Reports: Health matrix displays computer notes
Web Reports: Improved usability throughout
Web Reports: Improved connection pool support

2016-02-03

Patch 3.1.1.112 released

SHA-256 Checksum: 1402C3C2CAD35FC35E853D5A53219B65782C51DCB7A451799EF8DD34F493251E

Bugfixes:

Agent: Fixed issue where some custom event logs may not be monitored after a configuration update is pushed to the agent
Agent: Fixed regression bug originally fixed in 3.1.1.90 with the scheduled task inventory
Agent: Fixed issue which would prevent an entire drive from being monitored with file checksum monitoring
Web Reports: Updated Tomcat to 7.0.67
Web Reports: Fixed issue in with short-running jobs
Web Reports: Improved bulk computer assignment in Account Manager
Web Reports: Moved Source IP to separate column on Logon pages
Web Reports: Fixed File Checksum search field mappings

2015-12-01

Patch 3.1.1.108 released

SHA-256 Checksum: F7DD5BF2CB28B97D68F39720E7BA982250BC7A93DA56ACDF8294F7B689148D53

Bugfixes:

Agent: Fixed rare issue which would cause high CPU utilization
Agent: Fixed issue where 64-bit software wouldn't be detected if 32-bit version of same software is installed
Agent: Misc optimizations
Management Console: Fixed bug where sorting computers would not be saved
Management Console: Fixed bug where a deleted log file definition would remain in the configuration after saving
Management Console: Fixed bug where processing a group with and ID of >= 255 would not work
Configuration Assistant: Database initialization can now be skipped
Configuration Assistant: Improved MySQL ODBC driver installation
Web Reports: Fixed issue renaming/reordering Dashboards
Web Reports: Improved rendering of the most recent value on Performance Dashboard tiles
Web Reports: Resolved empty searches Group Changes page when values are present
Web Reports: Health Matrix / Network Status is now more responsive
Web Reports: Updated scheduling of short-interval report jobs

2015-10-19

Patch 3.1.1.104 released

SHA-256 Checksum: 2750324A7EFF283553D5249018E58C9321C2CC1E0EB5710FD0D7A86D831AB191

Bugfixes:

Agent: Agents will assign themselves to an "Unknown" group instead of assigning themselves to the first group in the configuration when the agents cannot find an entry for their host name in an existing group
Heartbeat Agent: Timing optimizations when monitoring the agent status on hosts with a slow link or on hosts not running Windows
Management Console: Event Log Packages now show in correct order when right-clicking an event in the built-in event viewer and creating an include/exclude filter
Installer: Fixed rare issue where the PostgreSQL ODBC driver would trigger a host reboot during the EventSentry installation
Built-In Database: Updated to PostgreSQL v9.1.19

2015-10-05

Patch 3.1.1.100 released

SHA-256 Checksum: 002E43B017BC1FAACF9187803A12187B58B5C5361C4D407E97FB4DC233A7AF62

Bugfixes:

Agent: Added/fixed support for executing powershell scripts through the application scheduler or actions
Agent: Fixed issue where an action may be triggered even if it is disabled
Agent: Fixed issue where the debug log file of the agent would continue to grow, exceeding the maximum configured size
General: Increased size the max number of groups to 384
Web Reports: Updated Tomcat to v7.0.64
Utilities: Added UTC support es_db_agent_status.exe

2015-08-26

Patch 3.1.1.90 released

Critical

SHA-256 Checksum: 7387706A6DC93D559558227691A2B8A96C3B173BF7B1C8A5775747AF75AC338D

Bugfixes:

Agent: Fixed potential security vulnerability which would give a local user temporary access to the EventSentry configuration file during a remote update action
Agent: Fixed issue with scheduled task inventory on Windows 2003 which would result in duplicate and incorrect alerts. IMPORTANT: Upgrading to this build will generate a one-time "new task detected" alert for each installed task on a 2003/XP machine
Agent: Added support for $IPADDRESS variable
Management Console: Improved support for managing large number of hosts
Management Console: Other minor bug fixes
Web Reports: Added output for binary data in event log detail dialog
Web Reports: Modifying search now resets the back to first page
Web Reports: Improved database connection pool limit
Web Reports: Optimized job scheduler
Web Reports: Improved Maintenance Wizard reliability with Oracle
Web Reports: Removed documentation class which contained potential vulnerabilities
Web Reports: Updated Tomcat to 7.0.64

2015-07-30

Patch 3.1.1.85 released

SHA-256 Checksum: A92CBBA4D1C4B93A3AC21E52E27DD1F082B1F55091CC21AB03AC2F76C3470010

Bugfixes:

Agent: Fixed issue where agent may issue invalid performance alerts after startup
Agent: Fixed issue where agent may not start if configuration contains more log file packages than event log packages
Agent: Improved performance of logon tracking as well as parsing of remote host name values for some events
Agent: Fixed issue where agent may generate incorrect performance alerts immediately after starting
Agent: Fixed issue where agent may not start if the number of log file packages is greater than the number of event log packages in the configuration
Agent: Improved how the agent reports the SNMP sender id when sending SNMP traps
Agent: Fixed issue where malformed volume name could prevent disk space status from being updated
Heartbeat Agent: Fixed issue where service was caching incorrect host statuses in temp file when shutting down
Heartbeat Agent: Improved ping response time tracking trend charts when remote host is unavailable
Heartbeat Agent: Fixed issue where repeat alerts may not be generated
Heartbeat Agent: Fixed issue where configuration updates would not always work reliably, especially when the polling interval was low and/or the number of monitored hosts was large
Heartbeat Agent: Fixed issue where remote agent status would show up as "Unknown" indefinitely
Management Console: Improved cleaning up orhpaned registry values
Management Console: Fixed issue with remote update when working with a large EventSentry configuration
Management Console: Fixed issue where invalid authentication settings would cause a crash under certain circumstances
Management Console: Now pulls host names in FQDN format from AD when configured in global options
Web Reports: Fixed menu formatting when user has limited access
Web Reports: Resolved issue where Environment reports would periodically be empty
Web Reports: Fixed error when removing the last dashboard
Web Reports: Improved searches for acknowledged events
Web Reports: Fixed issue when adding Group Allowed pages with Internet Explorer
Web Reports: Improve HB Status tile when selecting multiple groups
Installer: Fixed issue where upgrading from v2.91 would result in a duplicate installation
Built-In Database: Updated to PostgreSQL v9.1.18

2015-05-29

Patch 3.1.1.60 released

Critical

SHA-256 Checksum: 9E273B3F40278CE93E3A4FFA49CC37095EBA6892AC3D7E68A52F55F09C6B7AE3

Bugfixes:

Agent: Fixed issue where incorrect access mask was displayed on File Access Tracking report
Agent: Fixed regression issue where uninstalled software would not be detected
PostgreSQL: Updated to version 9.1.16
Management Console: Additional usability improvements and sanity checks
Web Reports: Updated Tomcat to 7.0.62
Web Reports: Fixed File Access search when clicking Delete events
Web Reports: Added Memory Used/Free percent to Mobile API
Web Reports: Fixed Search tile data range with Service Status queries
Web Reports: Improved handling of averages on Performance Status when no value is present

2015-05-14

Patch 3.1.1.54 released

Critical

SHA-256 Checksum: 547D9D30A43207A161209219BFDBC75F1772CA5ADDBE02AE1ECC9FAF20AB8EB1

Features:

Agent: Added option to database actions to log more database-related connectivity errors to event log with event id 532

Bugfixes:

Management Console: Fixed issue when testing filter rules with built-in event viewer
Management Console: Fixed issue where credentials for GROWL action where not saved
Management Console: Increased max MIB count to 128
Management Console: Added maximum timeout of 5 min per host in remote update
Agent: Fixed issue where agent would store duplicate events in database due to incorrectly analyzing the return code from ODBC driver
Agent: Added ability to use variables in content filters
Agent: Fixed potential heap corruption when certain events are parsed
Agent: Fixed several issue with log file monitoring to improve reliability
Agent: Improved reliability of caching events when remote database is unavailable and agent is restarting
Agent: Fixed issue with software inventory/alerts where multiple versions of the same software installed on a single computer would not report correctly and/or trigger incorrect uninstallation notices
Heartbeat Agent: Optimized temp file storage for improvement performance on networks monitoring large number of hosts
Heartbeat Agent: Improved how threads are automatically allocated
Heartbeat Agent: Improved detection of hosts which cannot be queried via SNMP or agent status
Heartbeat Agent: Fixed issue were disk space status wouldn't be updated for SNMP monitored hosts
Network Services: Improved reliability
Web Reports: Updated JRE to version 1.7.0.79
Web Reports: Updated Tomcat to version 7.0.61
Installer: Fixed issue when installing to terminal servers

2015-02-26

Patch 3.1.1.29 released

SHA-256 Checksum: 01374C1E5F0CF796BD7F31F9790F24D53A0C3B6AE9F98D58AA207C000B3DB663

Features:

Agent: SMTP action can now connect to SSL/TLS SMTP servers with an unsigned certificate (configurable)
Management Console: Simplified patch installation process
Web Reports: Usability improvements

Bugfixes:

Heartbeat Agent: Improved SNMP polling and slow link detection
Heartbeat Agent: Fixed issue where notes for network devices would not show up in web reports (e.g. Health Matrix)
Agent: Fixed issue where setting a max number of events per email would send blank emails under certain circumstances
Management Console: Fixed issue where filter rules test would not work correctly with custom event logs
Management Console: Fixed issue where computers would be removed from AD-linked groups when performing certain actions on a single host in that group
Management Console: Fixed issue where AD-linked groups would not be refreshed during application startup
Management Console: Improved responsiveness of remote update dialog while a lengthy remote update operation is in progress
Management Console: Fixed issue when adding a performance counter to an existing would yield an error message under certain circumstances
Management Console: Fixed issue where setting remote update preferences to ES$ share would cause issues when pushing the configuration
Management Console: Fixed issue where certain events would not be formatted correctly when connecting to remote event logs under certain circumstances
Agent / Management Console: Fixed issue where testing or executing processes with certain command line arguments would not work
Database Purge Utility: Removing old data from MS SQL Servers is now significantly faster
Web Reports: Improved rendering of stack bar chart
Web Reports: Fixed issue where record count in email subject would be inaccurate under certain circumstances
Agent, Network Services, Heartbeat Agent, Management Console: Enabled ASLR

2015-01-26

Patch 3.1.1.17 released

SHA-256 Checksum: 9FDA7036AD544FFD7798AF33D1AD58EC697039FD36D656640C7DD78FE8C6DCDD

Features:

Agent: Added ability to count files in folder
Installer: Added proxy support (requires setup in IE)

Bugfixes:

General: Added Windows 8.1 and Server 2012R2 to dynamic package activation options
Log Import Utility: Fixed potential issue when importing unicode log files
Web Reports: Improved computer dashboard customizations
Web Reports: Fixed 'since' calculation when UTC is disabled
Web Reports: Fixed issue when deleting last dashboard
Web Reports: Updated JRE to 1.7.0-76
Installer: Miscellaneous fixes and improvements

2015-01-02

Patch 3.1.1.14 released

SHA-256 Checksum: 2FFD6826EB60065374C18B70ADD3F61A2C6E22BB33657AED120F9D016BBE4FC9

Features:

Agent: Added ability to report all data under an alias name instead of host name
Web Reports: Added option for login prompt
Web Reports: Added "Last Scan Duration" field to heartbeat status

Bugfixes:

Heartbeat Agent: Improved / fixed issue when monitoring hosts connected via low latency link
Heartbeat Agent: Fixed issue where moving hosts with authentication between groups would require a heartbeat agent restart
Web Reports: Fixed German translation
Web Reports: Updated Tomcat to version 7.0.57
Installer: Minor fixes and tweaks

2014-12-18

Patch 3.1.1.9 released

Critical

SHA-256 Checksum: F08371117A5FF8126BE2DA6902DFA5A78D2008A64DE755F9EC3167E10710549D

Bugfixes:

Agent: Resolves issue where absolute disk space limits would not work
Management Console: Resolves issue where importing a 3.0 configuration backup file could not be imported
Management Console: Updated SNMP trap daemon icon to avoid confusion
Web Reports: Fixed security issues
Web Reports: Fixed issue where events could not be acknowledged in rare circumstances
Web Reports: Fixed full screen mode in dashboard in IE 11

2014-12-15

Patch 3.1.1.6 released

SHA-256 Checksum: 10DD9D74ED5CC066F9E70209D823A85A3AB679EFE68062B4DF5B6F2686BD3F83

Bugfixes:

Installer: Resolved issue where license key would not be imported/accepted during installation/upgrade when software restriction policies are in place
Installer: Resolved issues when adding/removing the web reports component
Agent: Added sanity checks to prevent crash when service is being stopped
Management Console: Fixed various issues with EventSentry Light to prevent crash
Heartbeat Agent: Resolved issue where remote agent status was displayed as "Unknown" when IPC$ was configured as the authentication preference
Web Reports: Fixed Group-level filtering for Syslog Hosts
Web Reports: Added patch install date column to patch inventory page

2014-12-05

Version 3.1.1 released

SHA-256 Checksum: 1402C3C2CAD35FC35E853D5A53219B65782C51DCB7A451799EF8DD34F493251E

Features:

Windows & General Monitoring

Task Scheduler inventory and change detection
Large File enumeration
Inventory of virtual machines (Hyper-V & ESX)
HTTP action now supports POST/PUT for better interoperability with web-based APIs
Disk space monitoring now supports multiple disk space packages assigned to a single host
Improved remote update / host management, especially of Non-Windows hosts in management console

Heartbeat & SNMP Monitoring

Process Monitoring support for SNMP-enabled hosts
Improved router functionality, configure routers based on IP subnet
Status change detection and uptime calculation is more reliable
Overall stability improvements in the heartbeat agent

Web Reports

Support for multiple dashboards, including automatic iteration between dashboards
Dashboards can be shared
Support for graphical gauges (Clock, meter, number, bullet)
New heatmap tile for uniquely visualizing log, syslog and performance data
New generic search tile supports embedding data from any feature in dashboard
Support for TV mode and dark/light theme in dashboard
Various tweaks and improvements to existing dashboard tiles

2014-11-17

Patch 3.0.1.134 released

SHA-256 Checksum: A4562C12AF5B54E92E78EE36032CAA29E6FC7069125D774EBF0BB748047A6887

Bugfixes:

Management Console: Fixed issue introduced in build 3.0.1.132 which would break most HTTP-related functionality (e.g. version check)
Agent: Fixed issue introduced in build 3.0.1.132 which cause issues with the HTTP action
Web Reports: Fixed issue where directory names would be incorrect if the same file would be processed on the same host in 2 different directories at the same exact time

2014-11-16

Patch 3.0.1.132 released

SHA-256 Checksum: 368714B0DB11014FBCC235E1209B04E1F62A265B7905C0C885D84912AD572983

Bugfixes:

Agent: Fixed issue where agent would not format security events correctly after a reboot prompted by a hotfix installation which makes changes to the security event log publisher
Agent: Fixed issue with summary notifications
Heartbeat Agent: Added additional OIDs for obtaining CPU usage
Network Services: Trap bindings as OIDs are now resolved
Network Services: Fixed issue with enum-style trap bindings
Network Services: Fixed issue where white-listing MAC addresses would have no effect
Management Console: Fixed memory leak in built-in event viewer when refreshing and/or filtering results
Web Reports: Updated JRE to v1.7.0.72, updated Tomcat to v7.0.56
Web Reports: Added TargetAccount as search option on group changes page
Web Reports: Fixed time-zone issue on y-axis on error trend chart

2014-10-21

Patch 3.0.1.128 released

SHA-256 Checksum: 0CBD45443A2CEEA5CAAAC09C0396B9CD94644E12DE6E5CD93924A3C080A7FB7A

Bugfixes:

Network Services (ARP): Fixed duration of learning period to 2 weeks
Network Services (ARP): Updated MAC vendor database
Installation: Fixed issue where built-in PostgreSQL database service could not be registered on Non-English operating systems
Management Console: Fixed issue where removing a log file could cause a crash
Management Console: Fixed issue where removing credentials could cause a crash
Agent: Increased maximum buffer for HTTP actions
Agent: Fixed issue with performance trend clear events showing incorrect values
Web Reports: Added support for empty search queries
Web Reports: Fixed single character wildcard before dash queries
Web Reports: Updated JRE to 1.7.0.72 and Tomcat to 7.0.56
Web Reports: Resolved issue when testing SMTP settings
Web Reports: Fixed disk calculation on very large disks
Web Reports: Updated trend tiles on Dashboard to be clickable

2014-08-22

Patch 3.0.1.120 released

SHA-256 Checksum: FA6E482FC88D81715FEAD8D04722C98B247142F1D63CFF9E7BA01B0C1EE2AB72

Bugfixes:

Agent: Fixed issue where service could exhibit very high CPU usage due to a bug in the disk prediction module
Agent: Fixed issue where filtering severity of compliance tracking "Logon by Server Type" would not work as expected
Agent: Increased the maximum number of installations EventSentry can cache to avoid false install/uninstall events
Installation: Deactivating database purge would setup an invalid System Health package
Web Reports: Computer is now included on Detailed Delimited Log File reports
Web Reports: Updated jQuery version
Web Reports: Line breaks are now escaped on Summary pages to improve link-based query building
Web Reports: Fixed issue with Performance Trend reports when sent as HTML jobs

2014-07-31

Patch 3.0.1.114 released

SHA-256 Checksum: BD1856F55286B0EF8099B3F29CD641A1D6816C4FC8919EC14B29B0AB7C32667F

Bugfixes:

Agent: Fixed issue where agent would attempt to connect to databases which are not in use
Agent: Optimized communication with database for MSSQL and MySQL databases
Network Services: Fixed issue where ARP alerts were not always generated
Network Services: Improved ability to recover gracefully from db connectivity issues
Network Services: Improved logging when network services are unable to communicate with database for an extended period of time
Heartbeat Service: Improved timeout settings
Web Reports: Fixed issue when Blocking Pages for a user account
Web Reports: Resolved issue with monthly jobs calculation
Web Reports: Improved job loading process
Web Reports: Added valuefloat search field to performance pages
Web Reports: Improved initial session preferences when using Remember Me
Web Reports: Fixed C/F conversion on Environment Trends
Web Reports: Updated JRE 1.7.0.65 and Tomcat 7.0.54
Web Reports: Fixed x-axis time interval when exporting charts
Web Reports: Improved field mappings on Logon Failures page
Web Reports: Added column for Source IP to Logon Failures page
Web Reports: Additional sanitation applied to report strings
Web Reports: Increased default connection timeout
Web Reports: Various security improvements (contact support for details)

2014-06-16

Patch 3.0.1.106 released

SHA-256 Checksum: 89417EEA9F010E1092AD2571056640F70CA26439DB0EA6F84807AC8D0545CDCD

Bugfixes:

Agent: Better detection for latest version of HP Insight Manager
Agent: Improved network failure reasons for some compliance tracking events
Agent: Terminating child processes from application scheduler now works with unlimited process nesting levels
Management Console: Improved various group and computer summary screens for variables and hosts with SNMP errors
Management Console: Fixed issue when deleting first performance counter in the package
Management Console: Added "Inherit" button to variable dialogs
Heartbeat Service: SNMP: Fixed issue when querying SNMP counters with multiple instances on some SNMP Agents (e.g. pfSense)
Heartbeat Service: SNMP: Fixed issue when using secondary non-SNMP counters in conjunction with multiple-instance SNMP counters
Installer: Fixed issue with setting up automatic purge job when initializing EventSentry with MS SQL Server database and using built-in authentication
Web Reports: Fixed issue when searching for Logon Type Unlocked
Web Reports: Updated detailed hardware CSV output
Web Reports: Resolved issue when setting permissions with the Account Manager
Web Reports: Improved uptime calculation
Web Reports: Event number in various compliance tracking pages is now clickable

2014-05-16

Patch 3.0.1.98 released

SHA-256 Checksum: 84D8F1E10C4755FF4994C26D6CDCD935D250C5A2A51436997F04D35E29912D2F

Bugfixes:

Management Console: Application Scheduler time outs larger than 60 seconds would not be saved correctly
Management Console: Adding log file from right pane could crash management console
Management Console: Performance counter preview now supports instances
Agent: Event IDs can now be negated in a filter
Agent: Event IDs can now be specified with a range in a filter
Agent: Reduced memory consumption and improved scalability for file checksum monitoring
Network Services / Heartbeat: Fixed issue where service would sometimes not recover from a temporary loss of db connection
Web Reports: Trend pages will now export PDFs to landscape mode
Web Reports: Improved Remember Me functionality when logging in
Web Reports: Fixed issue with CSV output where in rare cases the first line would appear in the header
Web Reports: Recent Events tile only looks at the last 3 days

2014-04-25

Patch 3.0.1.86 released

SHA-256 Checksum: FA8F0E124209483FE6463E196A86E327CCD28D345AE165CF55FEE115738D8CCE

Bugfixes:

Installer: Fixed issue where installer running in patch mode would re-install previously unselected components
Management Console: Fixed issue where app would crash on startup on systems with missing/corrupt performance counter settings
Management Console: Fixed comment submission to myeventlog.com
Agent (new feature): Added ability to ignore certificates in HTTP action
Agent (new feature): Dynamic package assignment options now supports wildcards for service names
Agent: Fixed issue where invalid temp entry would disable console logon tracking on a host
Agent: Fixed issue where pushing configuration updates after renaming a group would cause package assignment issues on some remote hosts
Web Reports: Fixed issue with uptime calculation when setting a custom range
Web Reports: Corrected sorting of duration on the Processes search
Web Reports: Updated default sorting on Software Inventory
Web Reports (new feature): Added last value option to the Performance tile on the Dashboard
Web Reports: High Processes tile has been renamed to Process Performance
Web Reports (new feature): Added Handle Count to Process Performance tile
Web Reports: Resolved issue where Report History was logged twice
Web Reports: Updated JRE to 1.7.0.55

2014-04-11

Patch 3.0.1.78 released

Critical

SHA-256 Checksum: 6EE65267C0E0B38ABC954A8F729416AB13C15F91D4E145204286E877814CE222

Bugfixes:

Agent: Text Action now supports custom delimiter
Agent: Event IDs can now be specified in ranges (e.g. 4628-4656)
Agent: Added option for email action to keep space character in HTML emails
Agent: Fixed issue where maintenance schedules set on a per-computer basis would not be applied to email or pager actions
Agent (File Checksum Monitoring): Fixed issue where recurring scan would run more often than necessary
Agent (Compliance Tracking): Fixed issue where ip address DNS lookup would not work on some hosts
Agent (Compliance Tracking): Fixed issue where source IP address would not correctly show up for some events
Agent (Application Scheduler): When terminating child processes, only processes which start after the parent processes will be terminated
Management Console: Dragging and dropping a filter over collapsed event log packages now features a delay before automatically expanding them
Management Console: Dragging and dropping an item can be aborted with the ESC key
Management Console: Fixed issue where sorting actions could cause issues when overriding actions on a package basis
Network Services: SNMP enumeration values are now resolved from MIB files in SNMP trap objects
Built-In PostgreSQL Database: Fixed OpenSSL "heartbleed" vulnerability (CVE-2014-0160)
Misc: Added support for SQL Server Native Client 11
Web Reports: Added ability to customize disk error/warning levels
Web Reports: Improved Disk Alert tile to include (Errors Only, Errors & Warnings, or Lowest #)
Web Reports: Added Managed Hardware tile
Web Reports: Visual improvements to services, disk space, heartbeat and managed hardware tile
Web Reports: Architecture has been added to the Computer Inventory
Web Reports: Fixed issue with the Diskspace Trends PDF output
Web Reports: Added Source IP to Compliance pages
Web Reports: Fixed generated time when UTC has not been enabled
Web Reports: Increased performance when exporting results to CSV
Web Reports: Improved reset password process
Web Reports: Resolved issue where in some cases the Range would not be displayed for PDF reports
Web Reports: Updated Tomcat (to v7.0.53) and charting library

2014-03-26

Patch 3.0.1.67 released

SHA-256 Checksum: B1A71EE0B2FB09E655F683600E909C48CE0C8C8580C2F52EFA15A252BE64E234

Bugfixes:

Agent: Significantly optimized event log scanning engine for Server 2008 and higher for higher throughput
Agent: Optimized file monitoring engine
Agent: Various optimizations to slightly reduce memory consumption
Agent: Optimized boot scan
Agent: $GROUP variable is now resolved in email header/footer when processing RESCAN events
Agent: Fixed issue with overnight recurring schedules
Agent: Pushing a config during recurring issue could cause events not to be recognized
Agent: Fixed issue where logon tracking would generate duplicate key sql errors when using the built-in PostgreSQL database
Agent: Fixed rare issue where service monitoring would generate many false alerts
Web Reports: Fixed issue on the Network Status page when performance instances do not exist
Web Reports: Added sorting by Percent on the Diskspace Status page
Web Reports: Resolved issue where TargetAccount menus were not loading correctly on the User Account Changes page
Remote Update Utility: Now supports /force switch to push config updates even when no changes have been made
Network Services ARP: Resolved SQL error messages
Removed several issue in web reports and configuration assistant when using Oracle
Fixed issue where the management console would now accept a trial key to extend an existing trial
Updated built-in database to PostgreSQL v9.1.13

2014-02-26

Patch 3.0.1.46 released

SHA-256 Checksum: 3413BCD3FAF32384ED1751921CCE653E7F6969BD1416EF94B773351ADBCB0434

Bugfixes:

Regression Bug: Installer and binaries where not correctly digitally signed
Regression Bug: Authentication set on individual hosts would not work most of the time
Management Console: Fixed issue where removing some health object from a package would not work properly
Management Console: Unsuccessfully connecting to a remote host would crash the management console
Management Console: Fixed issue where browsing for performance counters with instances would not work
Agent: Removed obsolete resource check
Agent: Increased maximum length of process command line in application scheduler to 1024 characters
Heartbeat Agent: Stability improvements

2014-02-20

Patch 3.0.1.40 released

Critical

SHA-256 Checksum: 42308E96BE46F473297D499FDD586BE81FD061D7F3254DCD7BD82AFF40C9F704

Bugfixes:

Agent: File Access Tracking now supports wildcards when using "Normalize Only" Event Analysis setting
Agent: Improved handling & automatic recovery when agent experiences connectivity issues with database
Agent: Filter packages are now processed in the same order as shown in the management console, Catch-All rules still apply
Agent: Fixed issue where recurring schedule would run more often than necessary when using overnight recurring schedules
Management Console: Fixed & improved proxy support
Management Console: Various usability improvements
Management Console: Added -Run Now- option to configuration backups, and increased the max. number of config backups
Management Console: Fixed issue where connecting to remote 2003 event logs would sometimes not work from 2008 or higher.
Light Edition: Fixed issue where monitoring sub folders would also be disabled
Heartbeat Agent: Service will now only attempt to determine whether SNMP is supported on non-Windows devices once. Installer: Fixed issue where installing EventSentry with SQL Server Express would initially create an invalid configuration for the web reports
Log Import Utility: Fixed issue where importing event log files would sometimes not work
Web Reports: Added ability to sort Heartbeat Status by availability
Web Reports: Included support link to customize logging or change warranty checking
Web Reports: Resolved issue with empty query results for users in Japan
Web Reports: Fixed duration calculation when requesting active process data in XML
Web Reports: Updated JRE to 1.7.0.51

2014-01-30

Patch 3.0.1.26 released

SHA-256 Checksum: 213841AA68D3AB09DC35239FFE7FA7C03A52C7385EAA51D4AEBD3555CA8306A3

Bugfixes:

Management Console: Fixed crash when connecting to a remote host
MySQL: Fixed issue in configuration assistant and es_db_purge.exe utility
Command Line Purge Utility: Fixed UTC support
Command Line Purge Utility: Fixed issue where username/password parameters would not be recognized
Agent: Fixed issue where package assignments on a remote agent would sometimes be incorrect after one or more computers were removed from a group
Agent: Increased buffer size for the HTTP action when processing large events
Agent: Fixed issue where agent would crash when WMI would not return a display adapter
Agent: HTTP return code 302 is now acceptable with HTTP action
Web Reports: Background warranty checks are now configurable
Web Reports: Optimized Account Manager and Network Status to support large datasets
Web Reports: Fixed event dialog positioning for certain events
Web Reports: Resolved issue where "Remember Me" would expire to soon in some cases
Web Reports: Fixed Dashboard formatting for Retina displays

2014-01-15

Patch 3.0.1.20 released

SHA-256 Checksum: 11438CC155B08A64FDBACC3D66DD88DC59546D1D3073FE5FE72056C04E04E98B

Bugfixes:

Management Console: Fixed bug where summary schedules were converted incorrectly from v2.93 and earlier
Installer: Installer can now be run on Windows XP
Installer: Fixed issue where web reports configuration would get misconfigured during patch upgrade
Installer: Older rollback directories are now automatically removed
Heartbeat Agent: Fixed SNMP issue when retrieving data from tables with empty instances
New Feature: Added MIB and default package for HWg-STE ethernet-based environment sensors
Web Reports: Fixed uptime calculations for international customers
Web Reports: Resolved issue with status reports when using the Current timeframe
Web Reports: Added option to return 1,000 records per page when using the Detailed mode
Web Reports: Improved legacy comment support in the new web reports
Web Reports: Resolved issue with frequency charts on the Process Tracking page with very large numbers

2014-01-08

Patch 3.0.1.16 released

SHA-256 Checksum: AD14474CE470EF6A181484C9E555179D862AA2ABD6E631CA464DAA548E5FB81C

Bugfixes:

New Feature: Maintenance schedules can now apply to email and/or pager actions as well
Agent: Fixed bug where variables wouldn't be correctly resolved in email header and footer
Agent: Fixed issue where quotes in command line arguments for application scheduler would be incorrectly removed
Agent: In the legacy HTML format the category column would incorrectly be called "Source"
Agent: Fixed & improved IP lookup in various compliance tracking features
Management Console: Fixed issue where initial agent deployment would not work if license key was incorrectly pasted from email
Web Reports: Fixed issues on Logon By Type page

2013-12-20

Patch 3.0.1.9 released

SHA-256 Checksum: 5BD51786C93A9F2904073064291B8EA7D89C2D7AE3F2B247F700586C3FBA49A0

Bugfixes:

Management Console: Fixed minor issue on filter summary dialog
Agent: Fixed issue where events would appear twice in "ASCII" style emails
Web Reports: Fixed issue when writing warranty information to postgres databases
Web Reports: Fixed various issues with commenting and acknowledging events
Web Reports: Fixed issue with warranty checks

2013-12-18

Patch 3.0.1.7 released

SHA-256 Checksum: 3A7DEBA283E21295F15479AF456FEF3EB23CE8CC64E03F7A8745FBDE282359BD

Bugfixes:

Web Reports & Managment Console: Resolved minor Section 508 compliance issues
Agent: Resolved issue where EventSentry service would not start with trial licenses

2013-12-16

Patch 3.0.1.5 released

SHA-256 Checksum: DE97D4B2291F4D95DF6FE386C80C0B230B906B537347DD4D81BB84FA82E484BA

Bugfixes:

Agent: Fixed issue were adding/removing programs after a configuration would not always be detected
Agent / Web Reports: Historical data for mount points is now stored in DB and shown on disk status and disk trends
Heartbeat Agent: Fixed issue where numerical IDs would be resolved incorrectly if the corresponding MIB wasn't loaded and the configuration was updated
Web Reports: Fixed issues with warranty information tile

2013-12-12

Patch 3.0.1.2 released

SHA-256 Checksum: 0255E3EB627A03A210D308F813B198B864CA6B6A88756A78E1E2BEE72CCDF622

Bugfixes:

Management Console: Editing packages would crash app when ribbon was disabled
Agent: Internet Explorer version was not detected properly, and duplicate entries were shown in software inventory

2013-12-10

Version 3.0.1 released

SHA-256 Checksum: A4562C12AF5B54E92E78EE36032CAA29E6FC7069125D774EBF0BB748047A6887

Features:

Web Reports

Scheduled Jobs: Receive reports via email
PDF & JSON Output
UTC Support
Cross-platform: Supports Windows, Linux and OS X
Complex queries for all features
Full API
Easier installation & setup
Better dashboards
Better summary pages
Flash is no longer required
Access control with LDAP integration

Network Monitoring (Heartbeat Agent)

Poll SNMP counters (integrates with performance monitoring)
Retrieve disk space information from SNMP-enabled hosts
Retrieve basic system & hardware information from SNMP-enabled hosts
Retrieve uptime from SNMP-enabled hosts

Windows Monitoring

Log file monitoring supports sub folders
Recurring filters now support time intervals
Compliance "Logon By Type" tracking can exclude logons by computer accounts
Event Log filters can override email subject & message body
Packages can by dynamically assigned based on platform (32bit vs 64bit)
Threshold filters can utilize insertion strings
Disk space prediction feature (predicts when disk will be full)
Identify reasons why hosts were shut down or rebooted
Desktop notification supports Growl
Network notification supports remote desktop services
Application scheduler support process isolation
New email format "HTML Modern"

Management Console

Includes ribbon & visual improvements
New authentication manager
Better filter search functionality
Many common tasks have been simplified
Improved built-in event viewer for Application & Services Logs
Hour / Day configuration has been simplified
Feature Utilization dialog

Network Services

ARP daemon detects & tracks new MAC addresses and MAC to IP mappings

2013-09-03

Patch 2.93.1.82 released

SHA-256 Checksum: 032C3A6D861B792BD2F4596C3684F43FE9230E8D650771FF11859C647EF215AC

Bugfixes:

Fixed issue in license manager that would require some users to re-enter one or more license keys after applying patch for build 2.93.1.81
Fixed issue in es_db_purge when purging event log data on PostgreSQL
Various fixes in web reports

2013-08-29

Patch 2.93.1.81 released

SHA-256 Checksum: 3369CF0E79C2DB46872A5B65633C4F4581ACBA771BAA75DD24ABDB3FC48F6F6F

Bugfixes:

Agent: Fixed issue where admin detection in Console Logon Tracking feature would not work on domain controllers when the NetBIOS domain name would not match the DNS domain name
Agent: Improved reliability of process tracking feature when tracking a high volume of processes
Agent: Increased the max. number of applications the agent can capture in the software inventory
Agent: Improved stability of the file monitoring feature
Agent: Added detection for Windows 8.1 and Windows Server 2012 R2
Network Services: Fixed issue where temporary database outages would not be handled correctly
Management Console: Bug fixes for the built-in event viewer on Vista and later
Remote Update Utility: Bug fixes
Installer: Fixed issues in the database schema which would, in some cases, result in errors when upgrading from an earlier version of EventSentry

2013-05-31

Patch 2.93.1.75 released

SHA-256 Checksum: AB57DEB0584D305AEB25CB07069B74C444E0FDD00F3F103EAC3F5D382F43D3CE

Bugfixes:

Agent: Added detection of DELL(c) OpenManage 64-bit tools
Agent: Fixed issue where parsing backup event from logon tracking would crash the agent
Agent: Fixed issue where certain applications would only show up as GUIDs in software inventory
Agent: Fixed issue with log file monitoring when using wildcards in file names
Remote Update Utility: Fixed issue where the status of the remote agent would not be properly detected when there was no configuration change
Web Reports: Several bug fixes

2013-04-04

Patch 2.93.1.65 released

SHA-256 Checksum: 0BE39F282B6983963421000B5B57FC46997A5F2EE607F3688E9C2E82C36F5C9D

Bugfixes:

Database: Updated to PostgreSQL v9.1.9 to fix security issue. Note that only the installer will upgrade PostgreSQL, the patch will NOT upgrade PostgreSQL.
Agent: Significant performance improvements with log file monitoring feature when monitoring directories with large amount of log files (e.g. 1000+).
Agent: Bug fixes for file monitoring
Agent: Performance improvements to compliance logon tracking
Agent: Boot scan and debug logging can now be configured on a per-host basis via registry
Configuration Assistant: Added support for built-in Windows authentication when initializing and/or updating MSSQL databases
Remote Update Utility: Improved stability and fixed bug where utility would retry failed hosts even when instructed not to
Configuration: Added new event log package which excludes common audit failures by default
Web Reports: Several bug fixes and performance improvements

2013-03-13

Patch 2.93.1.55 released

SHA-256 Checksum: A67C4425E2C7F03547764261AEFB77846563ED9013F2FB0DEED9B33C13272A78

Bugfixes:

Remote Update Utility: Improved & documented return codes
Remote Update Utility: Fixed issue where event logged by utility would not log updated & failed hosts correctly
Management Console: Fixed issue where deleting a group would corrupt group-set variables for some groups
Agent: Fixed issue where processes started by agent (to perform hardware inventory on select server brands) would never exit
Agent: Fixed issue where non-English performance counters would not be monitored
Database Import Utility: Message box is no longer displayed when tool is launched with command-line parameters

2013-02-04

Patch 2.93.1.49 released

SHA-256 Checksum: 9BBC0B11B690F9AD1E94C17D06B097734559F0E7B2B6E5521BAAD0106F8243FD

Bugfixes:

Agent: Fixed potential race condition where agent would crash on hosts with high event logging activity
Agent: Fixed issue where SNPP (pager) action would incorrectly send multiple pages
Management Console: Maintenance schedules can now start & end at midnight to indicate a full day
Management Console: Fixed issue where some computers would not be able to be updated through remote update
Management Console: Fixed issue where deleting a computer while in a RDP session would crash the management console
Database: Added missing index for temperature/humidity table

2013-01-09

Patch 2.93.1.43 released

SHA-256 Checksum: B8F699DB9187196AEDC154B8B06F5FDE16AC1CA20C726C319795785116ECCF13

Bugfixes:

Management Console: Fixed issue where renaming a group would duplicate the group
Network Services: Fixed issue where the first TCP-based syslog message would be logged with the wrong facility and severity
Agent: Fixed issue where some performance counters would not be loaded on certain hosts
Agent: Fixed issue with delimited log file monitoring
Agent: The logging of 1041 events, when problems monitoring an event log are encountered, has been improved. A new 1051 event has been introduced.
Remote Update Utility: Fixed issue where only the first 1000 computers would be retrieved
Web Reports: Windows 8 and Server 2012 hosts were not displayed correctly on some pages

2012-12-03

Patch 2.93.1.37 released

SHA-256 Checksum: 62E9CC3C94836738D09BFEB9A1738B40E87657D744AA9F8E985A0C62803FBF31

Bugfixes:

Agent: Fixed issue with delimited log file monitoring where "Merge remaining fields" would not work as expected
Agent: The pipe character can now be used inside filters for log file monitoring
Agent: Fixed issue memory leak in file checksum monitoring
Agent: Fixed issue where list of filters for file checksum monitoring would be truncated
Agent: Added two new built-in secondary performance counters [CpuCountLogical], [CpuCountPhysical]
Agent: Size of debug log file can now be adjusted with registry value
Agent: Added Windows 8 and Windows Server 2012 to list of Operating Systems for automatic package assignment
Agent: Fixed issue where performance alert would never be cleared
Web Reports: Improved Health Matrix
Web Reports: Fixed issue with maintenance wizard
Web Reports: Fixed issue with PostgreSQL
Network Services: Syslog data sent over TCP is now parsed correctly
Network Services: Displaying binary data has been improved for SNMP traps

2012-10-18

Patch 2.93.1.27 released

Critical

SHA-256 Checksum: FC5570F8B00F11F182BE346CC4933F276D0459F6094409ACCB25787FDEF155B7

Bugfixes:

Agent: Improved performance monitoring to work around performance DLLs exhibiting handle and/or memory leaks
Agent: After applying this patch, Windows 2003 machines should no longer require Microsoft hotfix 938135
Agent: CPU usage of performance monitoring feature has been significantly reduced
Agent: Fixed issue where service monitoring would sometimes stop working after a configuration update was applied
Agent: File Access Tracking would not properly track files configured under "Exclude" when set to "Track all activity"
Agent: Fixed race condition with file checksum monitoring
Management Console: Insufficient licenses when using AD-linked groups could crash management console
Management Console: Downloading new packages has been re-enabled for users who upgraded from earlier versions of EventSentry to 2.93.1
Management Console: Misc. fixes
Patch: Fixed issue where patch would make web reports inaccessible and require users to manually run script
Web Reports: Misc. fixes

2012-10-03

Patch 2.93.1.21 released

SHA-256 Checksum: B8C838B56CFBFC51D23E2B2783E36D054E42CF79615E74D32327271B3F0C5363

Bugfixes:

Agent: Fixed issue where agent would not start during boot on select hosts
Agent: Stability improvements when configuration update is received
Management Console: Fixed bug where changing the schedule type of an application schedule would not be saved correctly
Management Console: Fixed issue where events would not be displayed correctly in built-in event viewer when total number of events was below 500
Web Reports: Fixed issue where sending emails would not work correctly with gmail
Web Reports: Fixed several issues when using the built-in PostgreSQL database
Installer: Updated to new version of built-in PostgreSQL (requires update with full installer)
Installer: Fixed issue where upgrades would not be detected correctly
Database Import Utility: Fixed issue where import would fail

2012-09-21

Patch 2.93.1.17 released

Critical

SHA-256 Checksum: E4EAA3553DB8B8C059B35B2A8525977E47E02B1AB66918C8A9DECC6FB03467AA

Bugfixes:

Agent: Fixed issue in SMTP action with ASCII email output when certain fields were unchecked
Agent: Fixed potential crash during configuration update while application scheduler scripts were running
Agent: Security events would not be parsed correctly on Windows Server 2012
Fixed issue on select Win2k3/XP machines where agent or management console would not start due to invalid performance settings in registry
Management Console: Removing a performance object from health package would save
Management Console: Minor bug fixes and visual tweaks

2012-09-10

Patch 2.93.1.9 released

Critical

SHA-256 Checksum: 49E5535D1F1D15C46CFC2A047073B55E412B28642932827CBCB28004BA683E73

Bugfixes:

Heartbeat Agent: Fix regression bug from 2.93.1.8 - when monitoring multiple TCP ports, only the first configured port would be monitored and heartbeat status would always show a warning
Agent: Service status changes performed by "Service Monitoring" would always be logged as informational events, regardless of configuration

2012-09-07

Patch 2.93.1.8 released

Critical

SHA-256 Checksum: 17BEBC9EA03B424D4FD1082B02A180E0BDFA27E0DBF206CB35F65DAAEDFC48E3

Bugfixes:

Improvements to patch and installer
Fixed memory leak and potential crash in agent
Heartbeat Agent: Fixed issue when host was set configured as router in group
Management Console: Several small bug fixes
Web Reports: Failed logical disks are now shown on overview page

2012-08-10

Patch 2.93.1.6 released

SHA-256 Checksum: 07A81DDA1058946A679D4B912BB5106D83DCFE6D47FD9797F1BD8E3A61DEBBD7

Bugfixes:

Installer: Fixed issue when adding components with non-default installation folder
Web Reports: Fixed issue with Japanse translation, added French translation
Web Reports: Fixed issue with Logon Failures report
Fixed MySQL issues with es_db_purge.exe and es_db_agent_status.exe
Fixed issue where patch would crash
Fixed issue when saving log file package changes
Changed default PostgreSQL ODBC driver to Unicode
Fixed issue with performance monitoring where agent would crash after startup
Heartbeat Agent: Resolved issue where hosts with dynamic IP address (DHCP) would sometimes not be monitored correctly

2012-07-31

Patch 2.93.1.5 released

SHA-256 Checksum: 0E1D5F4BFC78D2263513F13788FEC66F5E32D33ECB18475C0952C6939D0E9776

Bugfixes:

Fixed various issues where changes in configuration would not be permanently saved
Regression: Fixed issue where $FILTER variable would not include folder name
Fixed security issue in health matrix
Fixed issue where too many MIBs would be configured in a default installation
Fixed issue where incorrect PostgreSQL ODBC driver would be setup in a new installation
Fixed issue where installer would not work correctly when run on a host with terminal services enabled
Tweaked performance monitoring interval to adjust dynamically, when obtaining performance counter values would take longer than expected
Added new database utility which can detect agents not writing to the database
Fixed database issue in network services
Other fixes to installer, web reports and agent

2012-07-02

Patch 2.93.1.2 released

Critical

SHA-256 Checksum: 89FB42A92E6782FB433DA3CE47C81F357DB5233D0592B3D38060E598BB3D7E0B

Bugfixes:

Resolved critical issue in Heartbeat Monitor: Host that is offline may not be reported as ERROR
Resolved issue with language translation in web reports

2012-06-25

Version 2.93.1 released

SHA-256 Checksum: 2BB5A0D8F26A51A07084F27C24FCA8FD0CEBC664B74F0755C776113588122CAC

Features:

New installer for a better installation and upgrade experience
Now includes a built-in (PostgreSQL) database
Added support for PostgreSQL 9.x
ODBC drivers for PostgreSQL and MySQL are now installed automatically (when needed)
New installation includes performance monitoring packages for Exchange Server and others
Preliminary support for Windows 8 and Windows Server 2012
Support for USB-only temperature & humidity sensors
Introducing the Configuration Assistant, which supersedes the database setup wizard, and introduces additional functionality
Heartbeat monitoring can now scan hosts in parallel using multiple threads
Heartbeat monitoring: Maintenance schedule can be set to the "nth" weekday (e.g. 2nd Tuesday)
Performance Monitoring supports floating point counter values
Performance Monitoring can log counter data to multiple databases
Performance Monitoring can combine values from two different counters
Performance Monitoring can detect leaks in performance counters
Performance Monitoring can suppress alerts based on past values
Performance Monitoring alerts are more verbose and include additional information, including counter descriptions
Process Monitoring: Supports wildcards and can evaluate the command line of a process
Event Log Backups: Better alerts and alerts now include SHA checksum of .evt(x) files
Event Log Monitoring: Content filter supports perl regular expression syntax
Event Log Monitoring: Day/Hour filter can be set to the "nth" weekday (e.g. 2nd Tuesday)
Event Log Monitoring: For Windows 2008 and later, processing performance has been optimized for higher throughput and lower CPU utilization
Process Tracking: Now collects process elevation level when UAC is enabled
Embedded scripts now verify temp file contents with checksum
Embedded scripts called from the applications scheduler now support command-line arguments
Hardware Inventory: On DELL & HP servers (when required manufacturer management tools are installed), collects fan speed, redundant power supply status, remote management card information, temperature information, detailed RAID information
Hardware Inventory: Retrieves warranty information for DELL, HP, IBM and Lenovo hardware
Hardware Inventory: Retrieves configured UAC level
Actions: Filter notes can now be posted to HTTP action
Management Console: Saving configuration is about 10 times faster
Management Console: Added better keyboard and mouse scroll wheel navigation for better user experience and section 508 compliance
Management Console: Status of all local EventSentry services is now monitored in the background
Management Console: Environment monitoring dialog now shows serial ports with descriptions
Web Reports: Performance Status and Heartbeat Status pages load significantly faster
IIS: IIS no longer has to be switched to 32-bit mode on 64-bit systems

Bugfixes:

Added support for 64-bit event numbers (Vista and later)
Audit policies for compliance tracking features are now set correctly on Vista and later systems
Resolved problems in various features when Japanese file names were processed
Computer names exceeding the maximum NetBIOS length of 15 characters are now properly stored in the database
Event message text is now properly formatted before submitting to SNPP (Pager) server
Software Inventory: Internet Explorer is now properly detected on Vista and later
Software Inventory: Patches are new enumerated even when TrustedInstaller.exe is active
Event Log Backup: Resolved small memory leak
Heartbeat Monitoring: Improved reliability
Heartbeat Monitoring: Resolved memory leaks
Environment Monitoring: Location is now included in alerts
Performance Monitoring: Performance Status and other related pages (including network status, mobile apps) now load significantly faster
Fixed bugs in Console Logon Tracking
Agent startup speed has been improved when service monitoring is enabled
File Access Tracking: Fixed issue on Windows 2008 and later
Network Services: Japanese Syslog messages and SNMP traps are now correctly logged to the event log and database

2012-02-05

Patch 2.92.0.30 released

SHA-256 Checksum: 10D24C72D3910E01617AD0A13E9A579AB66D82D8899D9DD266846BB14EAC418C

Bugfixes:

Heartbeat agent would sometimes crash when encountering long group names
Heartbeat agent did not use impersonation security settings
Fixed issue with logon tracking, when clients used cached logons
Fixed issue with logon tracking when temp file size was set to 0
Improved text matching in network services for syslog packets

2011-11-17

Patch 2.92.0.25 released

SHA-256 Checksum: 446247C1FAD2B351E790BB6F4A1122162A3603A1045389E6AEEC5C037EE1B4E6

Bugfixes:

File Access Tracking could crash agent on Win2k8 and later
Removing a computer from configuration could crash Heartbeat Agent
Fixed bug where 1041 events are created by agent, with same events being re-scanned on a regular basis
Fixed potential memory leak when using thresholds
Fixed issue with HTTP action not resolving insertion strings correctly
Fixed issue with process action not enclosing insertion strings in quotes
Misc. bug fixes in web-based reporting

2011-05-23

Patch 2.92.0.11 released

Critical

SHA-256 Checksum: FDF56ED2A4C3CD26CEFFE5BAB766A72C1EA50DB9A9C1D1C952B1E6453DAFA357

Bugfixes:

Fixed issue with agent logging a large amount of events with event id 1041 to the application event log, and sometimes causing a high CPU usage in svchost.exe (Win2k8 and higher only)
Fixed issue with Filter Timers when filter timers references multiple actions
Fixed issue with remote update which identified remote 32-bit hosts as 64-bit hosts
Fixed various issues in management console
Fixed various issues in the web-based reporting

2011-04-15

Version 2.92 released

SHA-256 Checksum: C2B13DD9706E6F273A86E2A997FAA0F344CB2D728CE1E3BDCB05D10E6C134705

Features:

SNMP trap daemon is introduced and logs v1, v2c and v3 SNMP traps either to the event log or the database
Syslog daemon has been moved from the EventSentry agent into the "Network Services" service, together with the SNMP daemon. Stability as well as reliability have been improved in the new Syslog daemon
Performance (optional) as well as environment email alerts now include an attached chart which shows recent performance / environmental data
Management Console: Clicking a computer icon now displays a summary page
Event Log Monitoring: Insertion string matching can now match empty strings
Event Log Monitoring: Number of supported custom event logs has been increased to 30
Service Monitoring: A recurring alert can be configured when a service remains in the "Stopped" state
Hardware Inventory: Network adapter speed is now collected, and speed changes are logged to the event log
Hardware Inventory: Addition and removal of Removable drives (e.g. USB drives) are now detected and logged to the event log
Hardware Monitoring: The S.M.A.R.T. status of physical drives (when supported) is monitored
Disk Space Monitoring: Volumes linked to by junction points are now included when disk space alerts are evaluated / generated. Note: Disk space information in web reports does not yet take junction points into consideration
Process Monitoring: The number of required instances of a process can now be specified
Print Tracking: Print tracking now works with Vista and later operating systems
Network Logon Tracking: When capturing "Logon By Type" events, "Audit Success" can now be excluded
A new HTTP action submits events to web pages via http or https
The SMTP action dialog now includes a wizard to build email addresses for common email to SMS gateways
Additional variable support for the Process, Syslog and Snmp action
Heartbeat Agent: Improved detection of remote agent status
Removed: Microsoft Access is no longer officially supported, and no MS Access database is shipped with the installer

Bugfixes:

Hosts configured with multiple NICs that are added to the configuration with just the IP address, will properly determine their group membership
Print tracking works with Vista, Win7 and Windows 2008

2010-12-02

Patch 2.91.0.110 released

Critical

SHA-256 Checksum: C6E0C5AF1E3571FDAB7B33B1BB68B7BC9F853418D040B4AB3D5118F4B2FA0228

Bugfixes:

Fixed issue with syslog daemon which would not log incoming syslog packets (affected builds 2.91.0.108 - 2.91.0.109)
User interface improvement for recurring event filters

2010-11-30

Patch 2.91.0.109 released

Critical

SHA-256 Checksum: 7930A7B821157D36D92782623F058DB8AE18C17240BDCCA86924F0CD76716C2A

Bugfixes:

Fixed regression bug that prevented configuration updates and new agent installations from working

2010-11-24

Patch 2.91.0.108 released

Critical

SHA-256 Checksum: BE8ACD329FD168C4163988AEC422AC1337F57581EDAA608E1D0CA49A803C9C18

Bugfixes:

Work-around for bug in Vista/Windows 2008 64-bit that cause registry corruption in rare circumstances
Work-around for bug in virtualized Windows machines that can cause high CPU utilization when using the Syslog action
Improved reliability of logon tracking in Vista and later
Fixed bug with software install/uninstall detection issuing erroneous alerts
Improved email action for certain non-US character sets

2010-09-15

Patch 2.91.0.096 released

SHA-256 Checksum: 88B37B0C6FE4D9E7018C158EAC358A7F75C538C6855605B7658BC4969F288505

Bugfixes:

Regression bug: Database purge utility would not run correctly
Regression bug: File access tracking would not match specified directories correctly
Fixed problem where certain events where re-read multiple times during a bootscan
Heartbeat agent would sometimes crash when a computer is removed from the configuration
Application scheduler event log settings from one package would overwrite same settings from different packages
SNMP v1 traps (OIDs and trap id) would not match MIB shipped with installation
Improved speed of event log monitoring on Vista/Win2k8/Win7

2010-07-21

Patch 2.91.0.086 released

SHA-256 Checksum: 91A6783704BDB37F1BB1201CBE6E27A70C1911C819443AE6949F1C1FF9B7258E

Bugfixes:

File Access Tracking: Fixed bug where sub directories were monitored, even when configured not to do so. Also resolved problem where edit dialog would hide the directory field.
Improved character set handling for email actions
Hardware Inventory: Fixed stability problems that would cause agent to terminate
Event Log Monitoring: Fixed problem where agent would not correctly re-open a previously cleared event log under some circumstances on Windows 2008 and higher
Event Log Monitoring: Fixed memory leak that would affect Vista and higher operating systems
Software Inventory: Fixed WMI handle leak
Licensing: Fixed bug where licenses would not be calculated correctly with certain heartbeat configurations
Improved database code to result in fewer connections to the database
Improved database code to only use one database connection per agent
Fixed problem when running agent on systems with more 32 or more (logical) processors

2010-04-22

Patch 2.91.0.033 released

SHA-256 Checksum: 1AF2FCF6DF60D5F4491195F204FE49EAAFA6C2AD77A32BAA19123BC9794D485E

Bugfixes:

Subject in emails would be include additional tab characters, or space characters would be truncated, when subject length exceeds 80 characters
Compliance tracking features were tweaked for improved speed
Fixed problem with process action for event log entries that contain CR/LF characters
Fixed problem where negation would not work properly in event log filters
Directory monitoring would only work if disk space monitoring was selected in the same package
Tweaked service monitor to ignore case-sensitive changes

2010-02-25

Patch 2.91.0.023 released

Critical

SHA-256 Checksum: 4233F9F08018AFD75E1365C97850B9032A684CC21563570A65DA4343BC7EA807

Bugfixes:

Resolved problem where some evaluation licenses would not work
EventSentry management console would not work correctly on 64-bit Windows 2008 Hyper-V systems
Performance monitoring of OS-counters would not work correctly on 64-bit Windows 2008 Hyper-V systems
Moving event sources between custom event logs would sometimes not work
Resolved problem with SNPP action

2010-02-12

Patch 2.91.0.018 released

SHA-256 Checksum: 3D398C86A25F7ADDEA0D854004E2E915F43D3BACDA52B150323DAD6F00899E75

Bugfixes:

Built-in event viewer would not show event details for event sources only registered on the remote machine
Network status would not properly display with patched Internet Explorer v8

2010-01-28

Patch 2.91.0.017 released

SHA-256 Checksum: 198C57AC86D241A19587F3874562411B7AC0F43579013A660A8EB70ACD3B97E8

Bugfixes:

Some events on Vista and later would not render correctly when viewed through the built-in event viewer on a remote machine
Fixed UAC prompt in EventSentry Light
List of filtered services would not apply to added or removed services/drivers
Real-time monitoring of software and patches would not work on Server Core under some circumstances

2010-01-07

Patch 2.91.0.009 released

Critical

SHA-256 Checksum: 47D5D958C799D834C590D4C6B87698D0421C4E9407A8BCF19120C082B1F53E32

Bugfixes:

The EventSentry agent would crash on some systems processing a large number of events
The EventSentry agent would not start one some systems when H/W inventory was configured
Creating user accounts with passwords linked to Active Directory could result in those user accounts not requiring a password
A Spanish translation to the web reports has been added

2009-12-08

Patch 2.91.0.005 released

Critical

SHA-256 Checksum: 6BC2BC32E366C837CB429F274AA75C539CF39A5E2ACF877DC27AFFA97E9555D8

Bugfixes:

If a service is removed during a reboot and service monitoring is configured to write to a database, then EventSentry service could crash

2009-11-24

Patch 2.91.0.004 released

SHA-256 Checksum: E4B0CAEB7C9B93BEC30F1F2AB504299C4DA56B693244C0DA15A34DCDB3AA7474

Bugfixes:

Management Console would not start on Windows 2000
EventSentry agent would not accept evaluation licenses on Windows 2008 and higher
Computers with maintenance schedules would be skipped with remote update

2009-11-16

Version 2.91 released

SHA-256 Checksum: B25D3F2AA268E91A91FA53025202EC8ABB4D04005772AF4D23FC102C99440B92

Features:

Event Log Monitoring: Filtering capabilities have been improved to allow for insertion string matching, including the ability to interpret insertion strings as numbers, usernames or file names
Actions: SNMP action now supports v2c and v3 traps
Service Monitoring: Now collects service account as well as executable, in both alerts as well as reporting
Service Monitoring: Service history report now shows every service change per line, with easier readability
Process Tracking: Command line arguments of an active can now be collected
Logon Tracking: Group information is now collected
Software Monitoring: Uninstallation events now include same information as installation events
Software Monitoring: Windows updates are now collected on Vista, Windows 2008 and Windows 7, and more easily searchable in the web reports
Hardware Monitoring: IP addresses are now collected, and changes updated dynamically in the background
File Monitoring: Processing of a file's checksum can now be skipped if the size has not changed
Management Console: Authentication can now be set globally, in addition to being set on a per-group and per-computer level
Management Console: Computers in AD-linked groups can be sorted.
Management Console: Notes can now be added to computers
Environment monitoring: The minimum monitoring interval has been reduced to 5 minutes
Reporting: Health status of multiple computers can be displayed in a visual health matrix, scalable to display hundreds of computers in a single page
Reporting: The network status page now allows the customizations of performance counters as well as disks displayed
Reporting: Reports are more accessible, and can now be accessed from every page
Reporting: Most pages have been overhauled and improved for improved usability

Bugfixes:

Software Monitoring: Duplicate records of software is not longer shown in the software inventory
Compliance Tracking: Temp file was used even when its maximum size was set to 0 Mb
Network Status: This feature has been improved to avoid problems with computers missing, being displayed in the wrong group or not showing up at all
Disk space Monitoring: Alerts for low disk space are no longer generated when the total disk space is less than the alert (hard) limit to begin with
Hardware Inventory: Virtual machine detection, as well as Hyper-V detection has been improved for more reliability

2009-04-24

Patch 2.90.0.43 released

SHA-256 Checksum: 6151978BB3F3C5B2D8B54E08A266E74AF114FF7E061C673B3D1458216688E5EB

Bugfixes:

Minor tweak with NTP error message

2009-04-15

Patch 2.90.0.42 released

SHA-256 Checksum: 05DBC1C98FDDBFB05262F0DFF344ED3519BD27BC78131A18E376324F136F9A3E

Bugfixes:

Events would not be rendered correctly on some non-English Vista/Win2k8 hosts
Resolved several minor issues with file monitoring
Authentication for computers and/or groups on 64-bit machines would not be picked up by heartbeat agent
Resolved problem with AD-linked groups when insufficient licenses are available

2009-03-18

Patch 2.90.0.34 released

SHA-256 Checksum: 23BFE2145A9756B18B4DAD00F02941126BCBD7A559A7B21D9DD720B458605C5F

Features:

n/a

Bugfixes:

Drastically reduced CPU usage in file monitoring feature for folders containing large numbers (100000+) of files
Various other improvements in file monitoring feature
Virtual machine detection is more accurate
Filters referencing more than one process action would trigger the same process action twice
Improved how blocked packages are managed and displayed in the management console
Improved performance monitoring for values that are larger than 0x7FFFFFFF
Tweaked automatic detection of hardware management software to avoid false alerts

2009-02-16

Patch 2.90.0.24 released

SHA-256 Checksum: FDC9C89B9A2B48B1EC227DAEE7BF9BA7049C39FD6284BA499AE0A6F478FE4B75

Features:

n/a

Bugfixes:

Fixed standard reports in installer
Added indexes to database for better performance

2009-02-04

Patch 2.90.0.21 released

SHA-256 Checksum: 4EA11F3FF9E77EA5BC1B4AC4A25B05D6E2B6869FC2961253C7A760B59E4ACDD6

Features:

n/a

Bugfixes:

Nessus Database Import Wizard would not work correctly from the command-line
Valid environment sensor settings would be reject by management console
Filter test feature would not show affected actions
Maintenance schedule set on a computer could erase customized heartbeat settings
Unlinking groups from ActiveDirectory would not be pushed to remote computers

2009-01-16

Patch 2.90.0.15 released

SHA-256 Checksum: 0ABF19818703FE044C3ABD13DFFB07DD38D69B185DE7ED8E4377ED4CE9F1F2D2

Features:

n/a

Bugfixes:

When terminating processes (application scheduler, process action, service action), child processes can now also be terminated.
Resolved problem where a timer-clearing filter would notify an action
Resolved problems with filter test feature
Fixed minor with auto-assignment feature of packages
Performance alerts can now use alert limits up to 4294967295
Fixed command-line functionality of es_db_nessus_import.exe
Resolved problems with the installer when setting up the EventSentry database on a MSSQL instance
Fixed several other minor issues with the installer

2008-12-18

Patch 2.90.0.8 released

Critical

SHA-256 Checksum: 3FDAB341C1E63B3EDE79C8A9B4CC932E5D7F8FE61697CF05177AACA40B6E20F7

Features:

n/a

Bugfixes:

Emails would not be resent when all configured email actions where temporarily unavailable
Improved event logging for email action
Deleting a computer could cause the management console to close in some cases
Dragging computers out of AD-linked groups is now being prevented
Performance counters would not be added correctly with Browse button in some cases
Email action now supports $EVENTDATETIME variable

2008-12-04

Patch 2.90.0.6 released

SHA-256 Checksum: C32B6D5B2FA4E61A76036911D6665F5AE331E13D4D97AD41F3AC872EC262BA42

Features:

n/a

Bugfixes:

Packages could be inadvertently blocked
Filter test feature would not populate all fields in Vista and later
Remote update would not authenticate correctly when "ping before update" was not checked
Remote update would issue an error saying that file already exists

2008-11-21

Patch 2.90.0.4 released

SHA-256 Checksum: 1ACCCEB247C15324F2A61768A269C42ED7E11373D8D5EE7185F8F079D6B1C4CE

Features:

n/a

Bugfixes:

Resolved incorrect Ping/Agent status reported by heartbeat agent when monitoring large number of hosts
Fixed issue sorting computers
Installer and key executables are now digitally signed
Fixed issue in installer where adding a database after the initial installation would always yield a logon error
Resolved issue with incorrect Flash version warning in dashboard
Loading a configuration without compliance tracking packages could cause corrupt event log packages under some circumstances

2008-11-14

Patch 2.90.0.3 released

SHA-256 Checksum: 456D87750AD3C4E726C7B85567869D6918E67A98DA8D4A69FC5D3FF91B613621

Features:

n/a

Bugfixes:

Fixed problem with embedded scripts not working properly under some circumstances
Optimized web reports for better performance under Internet Explorer
Fixed issue with inability to disconnect from remote installation

2008-11-06

Patch 2.90.0.2 released

SHA-256 Checksum: 66FED95F4ABA68A5A28ABCE8C5AAC150F2CDF584660B5A518546EC33482C7844

Features:

n/a

Bugfixes:

Fixed "CREATOR OWNER" installer error message on Non-English operating systems
Fixed MySQL database issue in installer
Resolved issues in management console
Resolved minor issues in web reports
Tweaked NTP synchronization error messages

2008-10-29

Version 2.9 released

SHA-256 Checksum: 

Features:

Vista, Windows 2008 are monitored with new API
Event Log Backup feature supports .evtx files
Database Import Utility supports .evtx files
New NTP monitoring and synchronization feature
Event Log Filter Timers now support insertion strings for easier setup & more flexibility
Scripts can now be embedded into the <%PRODUCT%> configuration and referenced in applicationschedules & process actions
Actions: Jabber action supports chat rooms
Actions: Process action supports time-based termination and more event logging options
Actions: Fields in SMTP action can now be customized
Actions: In addition to controlling services, processes can be terminated (with support for insertion strings)
Actions: Certain actions can track their trigger history in database
Actions can now be enabled/disabled based on weekday and time of day
Compliance: New File Access Tracking feature
Compliance: Account Management Tracking
Compliance: Successful & Failed network logon tracking
Compliance: Audit, Domain & Kerberos policy tracking
Compliance: Trust Relationship tracking
Compliance: User & Logon Right change tracking
Compliance: Improved logon tracking to include domain role and indicate administrative logons
Compliance: Process tracking includes domain role
Heartbeat Monitor: Can now utilize credentials set on group or computer items
Heartbeat Monitor: Can notify you via email when the EventSentry agent is not running
Variables can now be assigned to computers in addition to global & groups
Service Monitoring: Events now distinguish between services and drivers
File Monitoring: Can detect alternate data streams (ADS)
Performance Monitoring: Added "between" condition and "divide by # of processors"
Software Monitoring: Monitors and records system uptime
Hardware Inventory: Detects more details about the OS (e.g. editions) as well as hardware
Management Console: Group-Level Inheritance can be blocked on a per-computer basis
Management Console: Remote update feature now uses threads for much faster update speeds
Management Console: Added "Quicktools" to execute any application against a remote computer
Web Reports: Extremely granular, built-In authentication has been added
Web Reports: Users can customize their settings in web reports without affecting global profile settings
Web Reports: Network Status includes switch to only show erroneous machines
Web Reports: Network Overview shows disk & performance alerts and event log trends
Web Reports: Network Overview shows overdue reports and most active machines
Web Reports: Computer Overview includes event log trend, overview and common errors
Web Reports: Report management has been improved
Web Reports: Reports support review as well as a report trigger history
Web Reports: Right-click menu for column headers allows toggling columns
Web Reports: Maintenance wizard supports deleting multiple computers at once, and much more
Web Reports: Database usage page shows storage details of database
Web Reports: Database can now be created and/or updated using the web reports
Web Reports: Print output has been significantly improved Three completely redesigned widgets using the Yahoo Widget Engine

Bugfixes:

Several bug fixes in the database import utility for importing log files
Issues with filter times have been resolved
Filter test feature has been improved
Event Log Monitoring has been improved for better reliability

2008-04-18

Patch 2.81.0.43 released

Critical

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

A malformed syslog packet could crash the EventSentry agent when the "Log to Event Log" option was selected
Deleting a global variable could change the ordering and values of inherited variables
Some variables would not be passed correctly to the "Process" action

2008-03-27

Patch 2.81.0.38 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

The start (index) page of the web reports would not display on new installations under some circumstances
Creating certain new actions would show a non-related error message under certain circumstances

2008-03-21

Patch 2.81.0.37 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Dial-Up RAS feature does not dial RAS connection
Heartbeat agent would log useless error message to event log
Heartbeat agent would incorrectly report a host as delayed under limited circumstances

2008-02-06

Patch 2.81.0.36 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

The "Test Against Filter Rules" feature would not correctly test custom event logs
File monitoring would only monitor in intervals, not in real-time under certain circumstances
Using the "Remote" menu in the management console could crash the console

2008-01-11

Patch 2.81.0.32 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

The previous patch introduced a problem where the current heartbeat status would not be reflected in the web reports under some circumstances.

2008-01-09

Patch 2.81.0.31 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Fixed handle leak when re-reading the configuration
Multiple Diskspace packages would not be merged correctly under some circumstances
Moving computers between groups would not correctly sync computers with web reports (database)
Bugfixes in web reports

2007-12-06

Patch 2.81.0.26 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Windows 2008 is now properly recognized
Application Scheduler event log logging could not be switched off
"Monitor Realtime" would have to be checked in File Monitoring feature
Both Syslog daemon and Syslog TCP daemon were limited to packets of 1000 bytes size
Maximum amount of binary data that is stored in database has been increased to 65kb (require SQL 2005)
Required audit settings (process & logon tracking) would sometimes not be activated correctly
Changing mappings of a log file definition without restarting the agent would result in collected data not showing up in reports

2007-10-26

Patch 2.81.0.21 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Summary Emails containing more than 1024 events would be split into multiple emails
Log File Definitions would not show up in web reports if no lookup fields were used in definition
Print-related unique Citrix identifiers (starting with WI_.....) would be added to ESEventlogComputer table
Application schedule details dialog would not read previously set timeout value correctly
Add Filter dialog from built-in event viewer would should hidden packages
Install & Configure Agent action would sometimes not start service automatically
Standard reports can now be saved in Popular Reports

2007-10-12

Patch 2.81.0.15 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Heartbeat Agent would not start with some evaluation licenses
Refresh issue in built-in event viewer resolved

2007-10-10

Patch 2.81.0.14 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Small enhancements and bugfixes in web reporting
Monitoring more than 20 folders in file and log file monitoring would not work
File Monitoring has been improved for better efficiency
File Monitoring can now monitor sub-directories
Deleting all computers from a group in the management console would sometimes not work
Using variables with a database action would display error messages when saving the configuration
Text size in feedback forms of management console has been increased
Service and Heartbeat Service can be set to manual start from management console
Fixed problem with size limitation in SMTP header
Minor fixes and improvements in the management console

2007-09-17

Patch 2.81.0.1 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Fixed bug with DFS Replication event log always showing up
Fixed bug in database setup wizard for Oracle databases
Added additional translations
Fixed several bugs in web reporting

2007-09-06

Version 2.81 released

SHA-256 Checksum: 

Features:

Database Setup Wizard now supports database connection strings and EventSentry Actions as a destination in addition to System DSNs
Nessus Import Utility and reporting now supports XML files from Nessus v3 as well
Web Reports: New "Network Status" overview page
New SMTP engine now supports TLS/SSL connections
Event Log Backup files can now be automatically compressed
Line delimiter can now be specified for non-delimited files as well
Actions now support a Limit feature
Management Console can automatically check for new versions and patches
Event Log Database Import utility is now called "Database Import Utility" and supports importing delimited and non-delimited log files
You can now specify a router for a Heartbeat-Enabled group to suppress duplicate alerts when a router goes down
Hardware inventory can now distinguish between logical and physical CPUs and show more detailed CPU information
Web Reports: Computer Overview page supports automatic iteration between computers
Web Reports: Weekly Logon Reports in Logon Tracking
Web Reports: Ability to email event records and copy event records to the clipboard
Web Reports: Calendar popup improved on newer browsers

Bugfixes:

Improved SQL queries drastically improve speed of most searches on the web reports
Detailed hardware inventory information (NIC, memory, etc.) would sometimes not be recorded correctly
Host names / IP addresses of remote Syslog hosts would not be included in events or the database if the IP address of the remote host could not be resolved
Resolved bug in environment monitoring dialog
Computers logging on to Citrix or Terminal Servers would show up in the "Computers" field of the Logon Tracking page
Active Directory Auto-Refresh: Computers that were removed from AD would not automatically be removed from the corresponding group
Web Reports: Improved Correlation between logon and process tracking
Web Reports: Several bug fixes in combination with MySQL, profile editor

2007-08-01

Patch 2.80.0.11 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Events with no event message text associated with them would be written to a database with a timestamp of 1973 if they were queued by the agent
Additional event log error logging for disk space feature
Additional input error checking in management application

2007-07-15

Patch 2.80.0.9 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Changes to performance monitoring counters would not be read on-the-fly by the EventSentry Agent under certain circumstances and a restart of the EventSentry service was necessary
Fixes the index.asp that might have been corrupted by the 2.80.0.8 patch released previously

2007-07-11

Patch 2.80.0.8 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

$STR variables for insertion strings can be used in "Process Action" as well
Fixed bug in "Process Action" where spaces are appended to command line
Packages assigned to a computer only represented by an IP address would not work
Adding filter strings in Syslog and Log File Monitoring dialogs would not be saved correctly
GUI will self-repair if a configuration gets corrupted in most cases
Agent does not register itself twice in Add/Remove Programs

2007-07-03

Patch 2.80.0.6 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Log File Monitoring would not work if both an environment variable and a wildcard is used in a file name

2007-07-02

Patch 2.80.0.5 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

A handle leak in the Heartbeat-Agent was fixed
A temporary file size larger than 4095Mb (Global Options) would not work
Insertion variables ($STR1, $STR2, etc.) will now resolve to empty strings when no insertion strings are present in an event
Duplicates of events would be cached when a database is temporarily unavailable
Specifying multiple MSSQL databases in a filter could cause the agent to crash
IP addresses were not resolved in event log messages generated by the syslog daemon
Specifying the IP address for computers would cause Remote Update to fail
Showing/Hiding features in the management console would not work for Health/Tracking packages
The management console can now be configured to automatically refresh ActiveDirectory-enabled groups
Log File packages can be hidden from the management console
Deleting an action will not cause filters to be configured to trigger "All Actions"

2007-05-25

Version 2.8 released

SHA-256 Checksum: 

Features:

Log File Monitoring allows you to monitor both non-delimited and delimited files. You can either consolidate content into the database or receive alerts based on text logged to the log files
File Monitoring allows you to be notified when files in a monitored directory are changed (includes checksum hashes), and you can either track changes in the database or receive alerts
Directory Monitoring alerts you when a monitored directory exceeds a preset size
Jabber notifications allow you to send IM notifications, e.g. using Google Talk!
The hardware inventory feature now includes detailed information about installed memory and available slots, installed network cards, optical drives and you can remotely power on computers using WakeOnLAN!
Logon Tracking now includes more detailed information such as remote IP address, session connections/disconnections and workstation unlocks
The heartbeat agent now supports recurring alerts
As always we also fixed minor bugs and optimized various aspects of the agent to continuously increase the availability of the agents
Two new wizards were added for the log file monitoring and for setting up thresholds
A filter test utility has been added that allows you to test events against your filter rules by simply right-clicking an event in the built-in event viewer
Insertion Strings of events can now be displayed in the subject of an email ($STR1, $STR2, ...)
System Health features now include an "Alerts" button to easily create filters for events logged by the respective feature
Package summary pages now include description of packages
Hardware inventory feature can generate alerts when memory, CPU count or number of installed drives change

Bugfixes:

Custom event log settings are now completely transferred to remote machines when pushing the configuration
Some events would not be transferred correctly with the SNMP action

2007-04-25

Patch 2.72.0.21 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

An updated SNMP engine fixes problems with invalid SNMP traps
The "Mini" SMTP target would append the computer name incorrectly in some cases
Copying and pasting SMTP target with a header/footer configured could crash the management console
On multi-homed machines, an updated SNMP engine now shows the IP address of the interface where a SNMP trap was sent out.

2007-01-24

Patch 2.72.0.19 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Web reports (Event Search) would show long strings in wrong places after an EventSentry agent was temporarily unable to write to the database
Management Console would generate an application fault when installed on a logical drive formatted in FAT32

2006-12-08

Patch 2.72.0.17 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Remote Update would not transfer settings from fields that contain more than one line (filter text, filter notes, SMTP header and footer)

2006-11-11

Patch 2.72.0.15 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Fixed and enhanced internationalization support, encodings can now be configured in EventSentry and the web reports
Timeout in the SERVICE target has been increased to 5 minutes when restarting services
Fixed problem with backup notifications, where an invalid line in a temporary file would cause the agent to use a high amount of CPU time
Fixed problem in the dashboard

2006-11-03

Patch 2.72.0.14 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

A large amount of events (e.g. 20/sec) would cause the EventSentry agent to use a large amount of CPU time
Connecting to a remote computer that has an IP address configured would not work correctly
EventSentry agent would cause the floppy access light to blink on some machines every 60 seconds when disk space monitoring was enabled
Fixed problem when dragging computers into different computer groups

2006-10-27

Patch 2.72.0.11 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Fixed problem with updating configuration on remote hosts that have been assigned an IP address
Deleting a target could reconfigure heartbeat and/or tracking database settings
Disk space dialog would not retain drive-based settings
Fixed bug in index.asp page with Access Database
Fixed problem when saving standard reports on MySQL Database
Added BIOS/SerNr information to dashboard
Fixed problem in certain print reports

2006-10-13

Patch 2.72.0.9 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Fixed problems with remote syslog settings not being saved
Fixed problems with system information and WMI
Updated welcome wizard

2006-09-27

Patch 2.72.0.5 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Added preliminary support for Vista RC1
Fixed bug in WMI hardware detection
Connecting to a remote x64 host might display an empty configuration
Remote update would remove syslog configuration on remote host
Fixed problem with copying a timer filter
Fixed various bugs in web reports
Message file (eventsentry_msg.dll) is now incorporated into eventsentry_svc.exe file

2006-09-07

Version 2.72 released

SHA-256 Checksum: 

Features:

Remote configuration updates do not require the Remote Registry Service anymore, but instead use the ADMIN$ share. A work-around without the ADMIN$ share exists
Remote update shows the total and average time it took to perform an action in the status bar
Event Log Backup Files (.evt) can be imported into the EventSentry database
An event browser lets you browse for all installed event log messages on a system
Two wizards where added to accomplish common tasks
Disk space alerts are now cleared after an alert, the volume name is also shown in alerts
Disk space web-reports can be filtered/grouped on the group level
Speed of performance charts was improved significantly
Expanded the "toggle" functionality to most search pages
A user-configured IP address will now be used on the web reports

Bugfixes:

Deleting a database target could incorrectly configure the notifications of existing health and tracking features, including notifications set on the package-level
Remote update would not work correctly when the EventSentry was not installed locally
Creating a new package and immediately configuring it to be global would not work
The automatic configuration backup feature would not correctly delete old files
A temperature-only sensor could not be configure for a position other than 1
The temperature and/or humidity sensor would not work correctly
Remotely connected event logs would sometimes not be restored correctly
Filters and folders with the same name would crash the GUI
The event log summary dialog would display incorrect data when connected to remote hosts
Finding Event IDs works correctly now
Creating multiple SNPP target notifications was not possible
Resolved problems with event reports on SQL Server 2005
Resolved problems with IP address lookup
Resolved problems with the performance reports
"Update Configuration" feature would not work for x64-bit target systems when the host machine would run Windows Server 2003

2006-07-06

Version 2.71 released

SHA-256 Checksum: 

Features:

Filter Timers for event-log relation
Additional hardware sensors: Motion-, Smoke- and Water sensors
Nessus reporting support
Database purge utility (command-line based)
Installer now supports MySQL
Agent: New Shutdown/Reboot and Service Control target
Agent: Support for more runtime variables in SMTP Header/Footer
Heartbeat Monitoring: Ping tracking
Heartbeat Monitoring: Maintenance schedule can be accounted for in uptime statistics
Improved hardware inventory (now also detects serial numbers, model and graphic adapter/resolution)
Remote Update utility to automate remote update tasks
Improved dashboard
Ability to save the configuration as a HTML file
Maximum temp file size mechanism change
Various improvements in the web reports

Bugfixes:

Pushing the agent to a remote host running the x64 edition Windows Server 2003 would sometimes not work
Fixed problems with application scheduler that would not execute certain files properly
Fixed various small bugs in management console application
Fixed problem with certain threshold settings
Fixed bug with performance monitoring
Fixed XSS vulnerability in web reports
Fixed minor issues in database setup wizard
Fixed problem with event log backup assignments
Fixed problem when computers where added with FQDN instead of NetBIOS name

2006-03-13

Patch 2.70.0.9 released

SHA-256 Checksum: 

Features:

New "Remote Update Utility" eventsentry_upd.exe allows for remote update to be scheduled through the command line
TEST button for SMTP notifications shows more information

Bugfixes:

Disabled packages would still be executed by the agent
Event Log form in Access database was linked to an non-existing table
Upgrading from 2.60 to 2.70 could cause problems when "3rd Party applications" where present
"Cancel" would not interrupt a running remote update
Some reports in the web reports would not display correctly as RSS feeds
Several small problems in resolved the performance web reports
Disk reports and software history would sometimes not display when using MySQL
Fixed several other small issues in GUI and agent
Ping status would not be reported correctly by the Heartbeat agent under some circumstances

2006-02-23

Patch 2.70.0.4 released

SHA-256 Checksum: 

Features:

New option optionally reduces network traffic when pushing configuration updates

Bugfixes:

EventSentry agent would not resolve numbers inside some event log messages correctly
Messages queued in back queue would not be resent after the agent starts or after the configuration was saved
Some special characters in OU strings caused problems with AD import/linking
Minor bugfixes in dialogs
Hiding/Unhiding packages would sometimes not work
Disconnecting from a remote host would hide computers in remote update
EventSentry Heartbeat Monitor would incorrectly report an unavailable computer as up and running
The EventSentry Heartbeat Monitor would not correctly update the HTML status file under certain circumstances
Web Reports: Disk Reports would not display on MySQL

2006-02-09

Version 2.7 released

SHA-256 Checksum: 

Features:

Management console now supports filter, health and tracking package for easier and more flexible administration
NETIKUS.NET offers standard filter and health packages that can be updated directly from the management console over the Internet
Performance monitoring to track performance information (e.g. CPU usage, memory usage) in a database and/or receive performance alerts via notifications (e.g. email)
Filter packages can be configured to be automatically active when one or more services are installed
Environment monitoring now supports temperature and humidity ranges and also clears previously issued alerts
Pager support for paging providers that support the SNPP protocol
Service monitoring now includes database support, allowing you to query service status, history and uptime through the web reports
Autorun Monitoring is now called "Software Monitoring"
Software inventory is now included as Software Monitoring now includes database support. This allows you to query installed applications and installation history through the web reports
Software monitoring also monitors the ActiveSetup registry key
3rd Party Application is now called "Application Scheduler" and supports running custom monitoring tasks in a recurring fashion, e.g. every 30 seconds.
Logon tracking monitors logon's and logoff's, enabling you to view detailed logon/logoff information about users through the web reports
Print tracking monitors all print jobs and allows you to see print job data and statistics through the web reports, including the ability to assign cost to print queues for invoicing
The threshold feature has been simplified and offers new features
The built-in event log viewer supports opening .evt files, you can also open .evt files directly from explorer
Remotely connected event logs can automatically be restored after restarting the management console
The remote update computer list can automatically be sorted
Heartbeat agent now supports maintenance schedules that can be set for individual computers and/or groups
Management console supports searching for filters and computers
Management console can automatically backup the entire configuration at preset intervals
The completely redesigned web reports now offer a dashboard, event log reports, a profile editor, a maintenance wizard and much more!

Bugfixes:

Reduced size of configuration in registry for faster remote updates
Increased agent stability
Fixed problems with moving and cutting/pasting filters
Several problems in the web reports have been fixed
Duplicate computers cannot be entered anymore and no longer cause problems with the heartbeat agent

2005-11-28

Patch 2.60.0.132 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Only three (of eight) custom event logs are configurable in the management console
Threshold feature, when configured for a "1" maximum, might crash agent

2005-11-01

Patch 2.60.0.131 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Summary notification with ODBC targets might crash agents
The presence of the HKLM\Software\Wow6432Node key on a 32-bit machine will cause the EventSentry management application, agent and heartbeat agent to load an empty default configuration

2005-10-07

Patch 2.60.0.130 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Memory leak in threshold feature (with event-based thresholds selecting the message text)
Inaccurate threshold when setting limit to 1
Other minor bugfixes in both the service and management application

2005-08-26

Patch 2.60.0.127 released

SHA-256 Checksum: 

Features:

n/a

Bugfixes:

Handle leak in Autorun Monitoring
Pool Nonpaged Bytes and Pool Paged Bytes in Autorun Monitoring
Handle leak in SNMP notification target
When launched from a folder with only a single ACE, EventSentry will remove all permissions

2005-06-01

Version 2.6 released

SHA-256 Checksum: 

Features:

SNMP Support (sending traps)
Monitoring of application installation/uninstallation
Monitoring of machine-based autorun registry keys and directories
Web reports now feature an uptime calculation page
Ping option for remote update can be toggled
System health options can now be set to block inheritance
Process Monitoring can be configured to start after X seconds
Various enhancements in the management application, including proxy server support for feedback and news feature
Added ping dependency in heartbeat monitoring
Added additional monitoring options in heartbeat monitoring
Added database backup feature (if database is temporarily unavailable) to heartbeat monitoring
Agents installed through remote update can now be uninstalled on target machines using "Add/Remove Programs"
Desktop target notification now supports remote hosts in addition to the local host
"Online Configuration Update" feature was improved for higher stability
Map IP address to alias in remote update
Changed MSI installer from Wise to InstallShield for higher stability and more future features
PHP web reports are no longer available

Bugfixes:

Some SIDs were not resolved to usernames correctly
Clicking on the "Computers" container would show a wrong path in an error message
Computers would randomely not show up in the web reports computer list
Saving the configuration would increase the memory usage on the agent, without freeing it (~200kb)
Some processes in "Process Tracking" would incorrectly show up as "still running" when they had exited
Bootscan feature of Process Tracking would not record all activity correctly
Recurring event filters would not work 100% correctly when a schedule would end exactly at midnight
SMTP Footer would not appear in Mini Emails
Under certain circumstances on very busy event logs (e.g. security event log on domain controllers) some event records would be skipped and not processed
The agent would crash under special circumstances when using the summary notification feature
When clearing an event log the agent would not continue to monitor this log
Fixed various issues with SP1 of Windows Server 2003
Various bug fixes in the management application
Various bug fixes in the agent
Fixed problems in combination with DEP (data execution prevention) in SP1 of Windows Server 2003
Various fixes in the installer, including ability to run installation on Windows NT 4.0

2005-01-26

Version 2.5 released

SHA-256 Checksum: 

Features:

Temperature & Humidity monitoring with external device
Heartbeat monitoring of remote hosts (ES agent monitoring, PING and TCP port checks)
Local computername may now be added to remote update list
ODBC Target supports ODBC connection strings in addition to DSN names for easier deployment
"Audit Process Tracking" can now also be switched off through "Process Tracking" feature
Recurring event feature lets you define events that you expect to appear (such as a tape backup) during a certain time period, and become notified if they are not
Computer field added to event log filter properties
Event Log Backup feature now supports environment variables in file name
Event Log Full detection now also supports the ODBC, NET SEND, SYSLOG and DESKTOP targets
GUI: Event Log Viewer supports sorting
GUI: Remote Update results window allows for sorting
GUI: Remote Update also sends computer names
GUI: Remote Update "Computers" container supports sorting and drag/drop
GUI: Targets support drag/drop
GUI: Active Directory linked groups now show the actual computers under the "Computers" container and allow for authentication to be set on a per-host level
GUIDs in event log records are resolved to display name
Filter Source, Category and Users allow for multiple values, separated by comma
Filter Source, Category and Users support negation with exclamation mark
Binary data of events now also available in all notifications, GUI and web reports
Additional variable support for the FILE target
ASP and PHP Web reports now work with all supported databases (Access, MSSQL, MySQL, Oracle), the PHP web reports have been switched to use ODBC
A new Database Wizard now creates all tables, indexes and permissions automatically on MSSQL, MySQL and Oracle
The new MSI installer optionally creates a virtual IIS directory and/or sets up the MS SQL Server database automatically
SMTP target now supports an optional header and footer that can be added to every email
Service Monitoring: Included/Excluded services now support wildcards
Process Tracking: Included/Excluded processes now support wildcards

Bugfixes:

Database layout completely redesigned for faster web reporting
Event Log Scanning engine significantly improved
Memory Leak in filter processing removed
Absolute diskspace limits now work for values > 4Gb
Selecting a particular set of logical drives would not work
ASP Web pages corrected to support Access databases without restrictions
ASP Web pages corrected to support non-US date formats
Threshold feature incorrectly counting excluded events towards limits
Filtering of "Filter Text" would not work correctly when filter text attempted to match the last character of an event log record
Password for group (remote update) not saved correctly
GUI will not allow more than one instances anymore on computers running Terminal Services to avoid data corruption
GUI will not freeze while performing remote updates and switching to another application
Several bug fixes in ASP and PHP web reports
Unsupported characters were allowed in filter names, resulting in configuration corruption

2004-07-22

Version 2.43 released

SHA-256 Checksum: 

Features:

Process Tracking records all process activity in a database and allows you to see a process history on all monitored hosts
Service monitoring can control services and maintain a set status. Failed services can now be automatically restarted
Disk Space Monitoring allows for more granular settings for warnings and database connections
Disk Space Monitoring will now recognize when new (fixed) disks are added or removed during runtime
Event Log Backup allows for backups of all event logs for faster configuration
Database table names can now be specified for each of the features requiring a database (ODBC target, disk space trend collection and detailed process tracking)
GUI: "Force News Update" reloads latest news
GUI: Filters can be commented

Bugfixes:

Critical handle leak in eventsenry_svc.exe (nonpaged pool leak)
Memory leak in NonPaged pool when using the TCP syslog target and remote syslog host is not accepting TCP connections
Launching applications with the "3rd Party Applications" feature might show error "Invalid access to memory location" and the application would not run.
An error with the summary notification feature could crash the application when a large amount of events (more than the configured maximum) were summarized.
Right-Click on SYSTEM event log in tray icon opens security log (no other logs are affected)
Other minor bugfixes in service and GUI

2004-06-07

Version 2.41 released

SHA-256 Checksum: 

Features:

Added $HOSTNAME variable to event log backup feature

Bugfixes:

Warning messages in PHP interface removed
Wrong $DAY, $MONTH and $YEAR variables in event log backup feature
OLE DB error in index.asp file removed when using an MS Access database

2004-05-25

Version 2.4 released

SHA-256 Checksum: 

Features:

Tree in navigation pane restructured for easier navigation, general usability improvements
Maximum groups, targets were increased
Active Directory Import (with "Link" feature) added
Up to 5 remote event logs can be added to navigation pane
Change detection added, GUI tries to determine whether changes were made and only prompts to save then
Event Log Viewer filter added (filter for errors, warnings, information, audit success & failure)
Only active group is sent to remote computers with remote update
One-Button remote agent installation
Tree status is now also saved/restored when connecting to remote computers
ODBC target has a test button now too
Mini-Emails can now be customized
Dial RAS connections before sending emails
This target has been optimized and should offer higher throughput
Custom variables are introduced, variable processing improved
Variable $EVENTMESSAGE for SMTP subject added
Automatically backup and clear event logs on a regular basis
Run command-line applications and log their output to the event log
Monitor memory consumption of processes to detect possible memory leaks
Monitor diskspace, including trend change detection
Trial Version & Full Version are now one product

Bugfixes:

Remote Update: Health settings of a group could be deleted when only updating filters
Service Monitoring would not save changes when adding services that don't exist on local machine
Feedback forms do not disappear when connection was unsuccessful
Renaming groups could yield random results
Filter processing has been optimized
Some boot time events could be ignored
Formatting of event log records has been corrected and improved
SMTP message now contain a Message ID
Memory leak in trial version resolved

2003-12-05

Version 2.3 released

SHA-256 Checksum: 

Features:

EventSentry now monitors services
Small enhancements in the management interface
Filter Groups are now referred to as "Groups"
Filter Groups can be added/removed in Remote Update, System Health and Filters tree
PHP version of web interface added (ASP + PHP now supported)
Added links to eventid.net, google, etc. to web file
Syslog facility/level now mapped to event category for incoming syslog packets

Bugfixes:

Long date format problem in event viewer resolved
Rename problem in GUI resolved
Import Problem in GUI resolved

2003-11-05

Version 2.21 released

SHA-256 Checksum: 

Features:

Syslog target now supports TCP in addition to UDP
Remote Update speed improved
Remote Update displays more informative error messages
Remote Update now supports different credentials
Added troubleshooting section in help file and GUI for every target
Numerous enhancements in the management application
Added EventSentry Quickstart Guide

Bugfixes:

Event records containing a single dot per line could cut off email
Potential problems in wildcard feature
Problem in built-in Event Log viewer with certain events resolved

2003-09-08

Version 2.2 released

SHA-256 Checksum: 

Features:

(X)HTML emails are sent in multipart/alternative including a non-HTML version of the content. This is useful for email clients that are not capable of displaying HTML messages and for filtering (rules) in MS Outlook
Wildcard support for filters was added
The following additional variables for the SMTP target were included: $EVENTSOURCE, $EVENTCATEGORY, $EVENTTYPE, $EVENTID
The $HOSTNAME variable is now supported in the SMTP Sender email field
The built-in event log viewer allows you to query web sites to obtain information on a particular event
Installer features (Management package) improved

Bugfixes:

The syslog hostname (as logged & reported by the syslog daemon) was truncated
The welcome screen might show an invalid event log summary when connected to a remote machine
Day/Time summaries are sometimes not read correctly on the fly, a service restart is necessary
Changing the debug logging level requires a service restart
Various improvements in the management application

2003-08-18

Version 2.11 released

SHA-256 Checksum: 

Features:

Customizable Welcome Screen shows important information such as event log summary and more
Display speed of the built-in event viewer was greatly improved
Invalid filter order is detected by management interface
Some menu options renamed for improved usability
Sample ASP pages for querying a ODBC database were added
On German Operating Systems EventSentry logs German messages to the event log

Bugfixes:

Service (agent) underwent a major security code review
Memory usage reduced and optimized
Exclude filters using more than one target would not exclude events properly
Drag & Drop would sometimes not work properly
Creating filters or targets would fail when clicking with mouse instead of hitting enter
Remote update would sometimes not connect to certain machines
Import wizard would only show ~250 computers
Size & positioning issues with desktop notification feature were corrected
Potential problems in the network target have been resolved
Problems with the summary notification have been resolved

2003-07-03

Version 2.1 released

SHA-256 Checksum: 

Features:

Custom event logs can now be managed and monitored

Bugfixes:

Fixed problems in the built-in event viewer
Other minor fixes / optimizations

2003-06-18

Version 2.01 released

SHA-256 Checksum: 

Features:

Added checkbox functionality for remote update
All filter groups can now be updated at once

Bugfixes:

Fixed problems in the remote update feature (including service installation)
Fixed problems in built-in event viewer

2003-06-05

Version 2.0 released

SHA-256 Checksum: 

Features:

Added installer software
Completely redesigned the GUI (graphical user interface)
Filters can be assigned to multiple targets
Smtp target enhancements
Added network target (ala net send)
Added process target
Added sound target
Added desktop target

Bugfixes:

Permanent summary notification on Windows NT4 might not work due to missing %TEMP% variable

2003-03-11

Version 1.15 released

SHA-256 Checksum: 

Features:

Summary features events are now stored through service restarts, filter option "Filter Text" is not case sensitive anymore

Bugfixes:

"Stop processing other filters" didn't work in combination with summary feature under some circumstances
Other minor bug fixes

2003-02-25

Version 1.14 released

SHA-256 Checksum: 

Features:

Targets can now be enabled/disabled, multiple concurrent instances of the GUI are prevented

Bugfixes:

The "stop processing other filters" option didn't work correctly under some circumstances
Bootscan would report too many events under some circumstances
Using ODBC with a MS SQL Server would sometimes not write events to the database
Excluding filters for particular targets would under some circumstances not work

2003-02-10

Version 1.12 released

SHA-256 Checksum: 

Features:

no new features

Bugfixes:

The filter summary dialog box is cleared/reset under some circumstances
A filter group update does not correctly set the active filter group on the target computer
Sending emails with certain mail servers would fail.

2003-02-04

Version 1.1 released

SHA-256 Checksum: 

Features:

Introduced filter groups (see help for an explanation)
Added the parallel ASCII-printer target
Added email importance flags
Added/improved computerlist import/export
Added GUI tips

Bugfixes:

A special kind of eventlog entry could crash the service
Database DATETIME field was not used (text was used instead)
Eventlog entries would sometimes be ignored
Fixed GUI ALT-F4 issue
Other minor fixes in both GUI and service

2003-01-16

Version 1.03 released

SHA-256 Checksum: 

Features:

Added the $HOSTNAME variable for the SMTP subject and FILE filename
Added HTML customization options

Bugfixes:

If an eventlog is configured to "overwrite events as needed" and events are being overwritten (because the eventlog is full) then EventSentry can stop monitoring this particular eventlog under certain circumstances. All customers are encouraged to update.

2002-12-22

Version 1.02 released

SHA-256 Checksum: 

Bugfixes:

Under some circumstances the GUI could crash when performing any kind of batch update. The EventSentry service is not affected by this problem.

2002-12-19

Version 1.0 released

SHA-256 Checksum: 

Bugfixes:

This is the initial public release of EventSentry.

Version History

2025-07-18

Patch 5.2.1.58 released

Bugfixes:

2025-06-17

Patch 5.2.1.42 released

Features:

Bugfixes:

2025-04-14

Patch 5.2.1.16 released

Bugfixes:

2025-03-31

Patch 5.2.1.12 released

Features:

Bugfixes:

2025-03-18

Patch 5.2.1.8 released

Features:

Bugfixes:

2025-03-10

Patch 5.2.1.4 released

Bugfixes:

2025-03-05

Version 5.2.1 released

Features:

2025-01-24

Patch 5.1.1.152 released Critical

Features:

2024-11-27

Patch 5.1.1.148 released

Bugfixes:

2024-10-10

Patch 5.1.1.140 released

Bugfixes:

2024-09-19

Patch 5.1.1.134 released

Bugfixes:

2024-08-20

Patch 5.1.1.128 released

Bugfixes:

2024-08-15

Patch 5.1.1.126 released

Bugfixes:

2024-08-15

Patch 5.1.1.124 released Deprecated

Features:

Bugfixes:

2024-07-22

Patch 5.1.1.118 released

Features:

Bugfixes:

2024-06-04

Patch 5.1.1.106 released

Features:

Bugfixes:

2024-05-28

Patch 5.1.1.104 released

Features:

Bugfixes:

2024-04-26

Patch 5.1.1.92 released Critical

Bugfixes:

2024-04-19

Patch 5.1.1.90 released Critical

Bugfixes:

2024-04-17

Patch 5.1.1.86 released

Bugfixes:

2024-04-16

Patch 5.1.1.84 released

Bugfixes:

2024-04-12

Patch 5.1.1.82 released

Features:

Bugfixes:

2024-03-21

Patch 5.1.1.74 released

Bugfixes:

2024-03-20

Patch 5.1.1.72 released

Patch 5.1.1.152 released

Critical

Patch 5.1.1.124 released

Deprecated

Patch 5.1.1.92 released

Critical

Patch 5.1.1.90 released

Critical

Patch 5.0.1.62 released

Critical