Version History

Show Only Full Releases


Patch 3.4.1.8 released

2017-11-17

Bugfixes:

  • Installation: Fixed issue on Windows 10 Fall Creators edition where 64-bit services would not start
  • Installation: Fixed default installation to include monitoring of common non-standard event logs
  • General: Removed "Use Latest Driver" option for database actions, this feature is now always enabled
  • Management Console: Fixed issue where Reset Shared Secrets was not shown when host had SNMP error
  • Network Services: Fixed issue where some NetFlow data would cause the service to terminate
  • Network Services: Improved input validation for NetFlow data
  • Agent: Fixed issue where an agent would not check in with collector often enough if agent was transmitting no or very little data
  • Heartbeat Agent: Fixed issue where agents are reported as frozen when no HW/SW inventory package is assigned or configured to write to the DB and no collector is configured
  • Web Reports: Improved Maintenance Wizard layout
  • Web Reports: Fixed date range selection while switching modes
  • Web Reports: Updated predictive search on Logon Failures page for Source Computer

Version 3.4 released

2017-11-06

Features:

Security
  • Collector-side thresholds extend the agent-side threshold capabilities and support detecting network-wide patterns like lateral movement
  • Additional capabilities to detect and prevent against new types of Ransomware infections, including variants that modify the boot sector.
  • Actual audit settings on a Windows host can sometimes deviate from group policy settings - due to conflicts, errors and so forth. A new Audit Policy Status page periodically inventories the current audit settings so you can verify the actual audit settings.
  • NIST 800-171 compliance reports
  • A new user activity tracking page makes seeing all activity by a user easier than ever!
Integrations
  • EventSentry agents can now be integrated with many open source and commercial log solutions with additional Syslog options - even custom JSON formatting is supported!
New Monitoring Features
  • The new software version check feature identifies outdated software on your network to help you reduce your attack surface. This new feature supplements the software inventory component.
  • UPS & Battery monitoring now inventories all attached UPS batteries as well as integrated batteries (laptops) regardless of the manufacturer
  • BIOS changes are now detected
Network Monitoring
  • Response Time page now includes packet loss percentage
  • NetFlow monitoring now supports calculating the bandwidth of an interface, including additional statistics such as packet count, bytes per packet and more.
Improved Features
  • A new navigation menu in the web reports enhances usability
  • Log file monitoring alerts (events) now include 3 lines before and after a line matched
  • Disk space alerts now include a list of the largest files and folders of a volume
  • Growl action now supports multiple recipients
Under the Hood
  • Web reports are now available in 64-bit and support running larger reports
  • Web reports utilize Java 8
  • The speed of all dashboards and other pages in the web reports has been dramatically improved
  • Managing the configuration through the collector is more reliable
  • Many other bug fixes and performance improvements

Patch 3.3.1.130 released

2017-11-03

Bugfixes:

  • Heartbeat Agent, Collector: Now utilize the "Use latest installed driver" option in database configuration dialog in order to use the newest MSSQL ODBC driver
  • Agent: Fixed issue that could prevent an application schedule from executing
  • Heartbeat Agent: Fixed issue where it could take two monitoring cycles to determine a remote agent status
  • Management Console: Fixed issue when downloading and importing packages
  • Management Console: Fixed bug when moving computer item onto previous computer item
  • Management Console: Fixed bug where clicking on "Add Host" link on group summary page would crash the console under certain circumstances
  • Collector: Fixed issue where FQDN version of host names would be added to computer search list under certain circumstances
  • Web Reports: Added NIST 800-171 reporting
  • Web Reports: Optimized configuration resource utilization
  • Web Reports: Fixed issue that could corrupt configured reports

Patch 3.3.1.124 released

2017-10-05

Bugfixes:

  • Agent: Fixed issue where agent would not log connection error events when unable to connect to SMTP server (non-collector) Agent: Numerical insertion string comparison in event log filters now removes thousand separator characters
  • Agent: Fixed issue with software inventory not always populating when agent starts
  • Agent: Improved insertion string variable resolution for values containing line feeds when passing arguments to a process as the command line
  • Agent: Fixed memory leak when using filter chain feature in conjunction with a high volume of events
  • Agent: Fixed issue where event logs from "Application & Services" could not be backed up
  • Agent / Collector: Fixed issue where FQDN name was stored in database when UTC is disabled
  • Collector: Fixed issue where secondary collector would not restart after initial installation without registry fix
  • Web Reports: Fixed DST-related job scheduling issue for jobs that run every X hours

Patch 3.3.1.114 released

2017-08-31

Bugfixes:

  • Configuration Assistant: Fixed issue where MSSQL-based databases could not be created without invoking manual steps
  • General: Fixed issue where EventSentry would not work properly with Linux-based MySQL databases due a bug involving case sensitivity
  • Web Reports: Simplified rendering of timestamps for more clarity

Patch 3.3.1.112 released
Critical

2017-08-14

Bugfixes:

  • Built-In Database: Updated PostgreSQL to v9.6.4
  • Fixed issue where EventSentry patch would not update the built-in 9.6.x PostgreSQL database to latest version
  • Agent: Fixed issue where agent would not be able to successfully connect to multiple collectors
  • Agent: Fixed issue where a adding/removing a service or driver would cause issues with the inline configuration re-read
  • Collector: File Access Tracking: Fixed issue where random data would be displayed in the checksum field for data records which did not have a checksum
  • Management Console (Light Version Only): Fixed issue where importing a configuration would result in an error message
  • Management Console (Light Version Only): Fixed issue where importing packages would crash the management console under some circumstances

Patch 3.3.1.106 released

2017-07-28

Bugfixes:

  • Network Services: Fixed issue that could cause service to crash after startup under some circumstances
  • Agent: Fixed issue that would cause problems with a configuration update triggered by the addition or removal of a service
  • Agent: Fixed issue where current folder monitoring status would not be written to the database
  • Database Import Utility: Improved debug logging when utility is ran in batch mode for easier troubleshooting
  • Web Reports: Resolve issue where Performance Status would revert back to Last 3 days
  • Web Reports: Improved performance counter validation

Patch 3.3.1.104 released
Critical

2017-07-13

Bugfixes:

  • Network Services: Fixed issue which would prevent some data from being cached properly while the database was temporarily unavailable
  • Network Services: Fixed other reliability issues
  • Database Import Utility: Improved debug logging
  • Collector: Fixed issue which would prevent some data from being cached while a PostgreSQL-based database was temporarily unavailable
  • Agent: Fixed issue where a configuration update could result in a deadlock blocking the agent
  • Management Console: Fixed issue where deleting a log file filter would not persist after saving the configuration
  • DB Purge Utility: Improved logging for MSSQL databases

Patch 3.3.1.96 released
Critical

2017-06-22

Bugfixes:

  • Agent: Fixed bug where $STR variables would not be resolved correctly for HTTP actions
  • Agent: Fixed bug which would cause configuration updates to not work or block monitoring
  • Agent: Stability improvements
  • Agent: Fixed issue which could trigger event id 12000 (new software installed) for software that is already installed
  • Agent: Fixed issue where uninstalling 64-bit agent from command line does not work with /collectorclient option is used
  • Agent: Increased internal GUID cache size to prevent unnecessary LDAP query on busy domain controllers
  • Network Services: Fixed issue where byte count would be zero for ASA/IPFix protocol
  • Network Services: Improved throughput and efficiency
  • Management Console: Fixed issue where console would always prompt to save when exiting
  • Management Console: Fixed issue where removing a threshold from a filter would not persist
  • Heartbeat Agent: Fixed issue where uptime report would indicate a reboot of a SNMP-based device even though that device had not been rebooted
  • Web Reports: Fixed issue where implicit profile inheritence persisted for reports assigned to all profiles
  • Web Reports: Added additional Italian translations

Patch 3.3.1.84 released

2017-05-26

Bugfixes:

  • Database Import Utility: Changed location of debug log file for log import utility
  • NetFlow: Fixed incorrect port output for ICMP traffic
  • Agent: Fixed bug where an incorrect file monitoring configuration could crash the agent
  • Agent: Fixed bug where user rights assignments would not to be recorded correctly when using collector
  • Agent: Fixed issue where agent would utilize all CPU usage on a single core while collector is unreachable
  • Agent: Fixed issue where a configuration update could cause an agent crash in performance monitoring
  • Agent: Fixed issue where file checksums would not be generated in File Access Tracking under some circumstances
  • Agent/Management Console: Fixed issue where events without an associated message dll would not render text correctly for Non-English language OS
  • Management Console: Fixed issue where resource utilization of 64-bit agent would not be displayed on Services dialog
  • Heartbeat Agent: Fixed issue where agent status would be frequently logged as idle
  • Built-In Database: Updated PostgreSQL to v9.6.3
  • Web Reports: Updated NetFlow user resolution
  • Web Reports: Cleaned exporter search options for Cisco ASA devices
  • Web Reports: Fixed resizing issue on the NetFlow location column
  • Web Reports: Improved weekly/monthly jobs scheduling based on locale
  • Web Reports: Added dynamic links to search tile
  • Web Reports: Improved F/C rendering on environment tiles
  • Web Reports: Updated implicit profile selection for running jobs
  • Web Reports: Added conditional date range to Performance Status based on origin

Patch 3.3.1.70 released

2017-04-26

Bugfixes:

  • Network Services: Improved throughput performance in NetFlow component
  • Network Services: Added support for Cisco ASA firewalls
  • Network Services: ARP alert event id 700 now includes IP address when available
  • Built-In Database: Updated PostgreSQL to v9.6.2
  • Management Console: Increased the maximum number of groups to 512
  • Management Console: Increased the size of the package import dialog
  • Management Console: Improved resonsiveness of performance counter dialogs
  • Management Console: Support for 64-bit performance thresholds
  • Management Console: Fixed real-time display of 64-bit values
  • Management Console: Fixed issues when sorting an event log
  • Management Console: Fixed issue when installing an additional collector service
  • Management Console: Group type can now be set when adding a group
  • Management Console: Various stability & usability improvements
  • Collector / Agent: Added support for Syslog RFC 5424 format
  • Agent: Fixed bug that would not launch embedded scripts through a process action correctly
  • Agent: Decreased the time it takes the service to stop in most scenarios
  • Agent: Decreased the time it takes for the agent to apply a new configuration
  • Agent: Added "not equal to" condition for performance counter / SNMP monitoring
  • Agent: Fixed bug that would prevent event id 12001 from being logged
  • Agent: Slightly improved the performance of file checksum generation
  • Agent: Events regarding the (un)installation of software now include the host platform (32 vs 64 bit)
  • Agent: Fixed bug where terminating a process would not work under some circumstances
  • Agent: Reduced the memory consumption for agents running on busy domain controllers (non-collector)
  • Heartbeat Agent: Fixed issue where the HB agent would not automatically reread an updated configuration after being saved in the management console
  • Web Reports: The ACL of the main web reports directory is now secured to prevent unauthorized read access
  • Web Reports: Added preference option for 24-hour clock
  • Web Reports: Updated mobile JSON feed with improved performance counter detection
  • Web Reports: Fixed issue where report could be run with no limit
  • Web Reports: Improved trend links under Internet Explorer
  • Web Reports: Added support for LDAPS
  • Web Reports: Added 45 minute search option
  • Web Reports: Included Delimited Log File support to Search tile
  • Web Reports: Revamped weather tile
  • Web Reports: Improved boolean support across database types
  • Web Reports: Adapted eventnumber for logons searches
  • Web Reports: Enhanced predictive search for CJK languages
  • Web Reports: Updated Japanese translations

Patch 3.3.1.42 released

2017-02-02

Bugfixes:

  • Management Console: Multiple hosts can now be deleted or moved in the management console with the remote update feature
  • Management Console: Improved usability of license dialog
  • Agent: Fixed issue where agent would log event 1050 even when database action is using the collector
  • Agent: Fixed issue where custom event message in a filter with one or more line breaks would not work
  • Agent: Filter chaining (non-sequenced) works even when exclude filters are contained in the package
  • Agent: General stability improvements
  • Collector: Tweaked configuration transfer method to agents

Patch 3.3.1.36 released
Critical

2017-01-27

Bugfixes:

  • Management Console: IP addresses are now annotated in built-in event viewer, similar to collector emails
  • Management Console: Fixed issue where application would crash on hosts with no Internet connectivity under specific circumstances
  • Management Console / Collector: Fixed issue where "Enhanced Security" setting in database action would not work and still transfer connection string to agent(s)
  • Collector: Fixed rare issue where collector service would crash approximately 2 minutes after service start
  • Collector / Network Services: Services can now read a 64-bit configuration if a 32-bit configuration does not exist
  • Collector: Fixed issue where certain event-based variables would not work in emails sent by collector
  • Collector: Fixed issue where non-routable IPs would prevent a reverse lookup in collector emails
  • Agent: Added ability to override title and message for "Network" action
  • Agent: Removed now obsolete configuration option for supporting pre-2003 hosts in "Network" action
  • Agent: Fixed potential buffer overflow
  • Agent: Various improvements throughout codebase to improve performance and stability
  • Agent: Fixed issue where excluding processes under "Compliance/Process Tracking" when using the collector would result in unnecessary data packets being sent to collector
  • Agent: Fixed issue where agent would not start - or start very slowly - and use a large amount of CPU time on Hyper-V VMs with only one vCPU.
  • Configuration Assistant: Creating databases on Microsoft SQL Server non-default instances is now more intuitive.
  • Web Reports: Welcome wizard now detects if JavaScript has been disabled
  • Web Reports: Added NetFlow Network Traffic JSON for inbound and outbound traffic
  • Web Reports: Updated sort indicators for detailed results
  • Web Reports: Improved dashboard iteration inheritance
  • Web Reports: Ensured correct url encoding when switching between Summary and Detailed views
  • Web Reports: Optimized resource usage when running report jobs
  • Web Reports: Fixed issue where search dashboard tile would ignore the percentage field
  • Web Reports: Updated Tomcat to version 7.0.73

Patch 3.3.1.22 released

2016-12-29

Bugfixes:

  • Agent: Fixed issue where records captured by file access tracking would under some circumstances, mostly PostgreSQL, would not be written to the database when not using the collector
  • Agent: Fixed issue where physical disk info wouldn't be written to database when not using the collector
  • Agent: Fixed issue where physical disks, controller and RAID information would not be detected correctly with newer versions of HP Insight Management
  • Agent: Fixed issue where host would not be detected as a VM when running Server 2016
  • Management Console: Improved display of licenses
  • Heartbeat Agent: Alert email indicating that the EventSentry service is stopped is now less sensitive and not triggered during installations and upgrades
  • Web Reports: Improved translation for Polish, Dutch, Spanish and Portuguese
  • Web Reports: Included detection for unconfigured iLO cards
  • Web Reports: Renamed file fields on File Access page with query support
  • Web Reports: Fixed frequency chart rendering when exported as PDF

Patch 3.3.1.18 released

2016-12-21

Bugfixes:

  • Agent: Fixed issue where an invalid database action in service monitoring could crash the agent
  • Agent: Agent now logs event id 1075 when a self-update completed successfully
  • Network Services / NetFlow: Fixed issue where the number of bytes would not be logged for NetFlow v9 under some circumstances
  • Network Services: Status of the NetFlow daemon is now logged with event id 112, similar to Syslog & SNMP components
  • Network Services: Fixed issue when evaluating NetFlow with an existing full license
  • Management Console: Improved usability of desktop action dialog
  • Management Console: Added template for Slack to HTTP action dialog
  • Collector: Fixed issue with when overriding email subject
  • Collector: Fixed issue where local agent would not communicate with collector after an initial installation until the configuration was saved once in the management console
  • General: Improved email subject of some EventSentry alerts with new installations
  • Web Reports: Updated German translation
  • Web Reports: Fixed Diskspace trends formatting
  • Web Reports: Fixed exception error on NetFlow summary page when viewing average data

Patch 3.3.1.12 released
Critical

2016-12-14

Bugfixes:

  • Collector: Fixed issue where automatic agent updates would not apply correctly for some hosts, especially when connected to the collector over a slow link. Some agents may require a manual update with this patch, but subsequent patches should work properly
  • Agent: Fixed issue where agent would crash on Windows Server 2016 when certain alerts would be sent via email
  • Agent: Fixed issue where binary data would not be written to the database when not using the collector
  • Heartbeat Agent: Fixed issue where service would not utilize the database or collector cache to determine remote agent status
  • Heartbeat Agent: Various fixes and tweaks to agent monitoring via RPC
  • Network Services: Fixed issue where network services component would not work with evaluation (trial) licenses

Patch 3.3.1.1 released

2016-12-07

Bugfixes:

  • Installer: Fixed upgrade issue where installer would display PostgreSQL configuration dialogs even though PostgreSQL was never installed
  • Agent: Fixed issue where agent may log invalid IP addresses in Logon Failures compliance report for 4776 events which do not contain a value for the source workstation field

Version 3.3 released

2016-12-06

Features:

  • NetFlow with support for NetFlow v1, v5, v9 & sFlow. NetFlow supports visualization, geolocation, alerts, correlation with workstation logon events to map flows to ActiveDirectory users, filtering and more
  • Web Reports - Notes & Documentation: Web reports users can submit notes to document infrastructure updates, maintenance, fixes and more. Documentation files can be uploaded and associated with hosts
  • Web Reports: Added ISO 27001:2013 compliance reports
  • Web Reports: New security features
  • Web Reports: New dashboard tiles
  • Web Reports: Treemap visualization available for most pages
  • Web Reports: Updated look and improved menu
  • Deployment: Agents using the collector can receive configuration and agent binary updates automatically through the collector without user intervention.
  • Deployment: MSI installers can now be created in a few seconds directly from the management console (requires free WiX Toolset)
  • Agent: A 64-bit agent is now available for 64-bit Windows
  • Agent: Removed limit and improved management of custom event logs
  • Agent: Support for chaining events
  • Agent / Collector: Emails containing IP addresses sent through collector can be enhanced to display geolocation and reverse lookup data inline.
  • Agent: Emails from security event log will automatically be enhanced with descriptions for many status and error codes
  • Agent: Database performance of delimited log files has been significantly improved
  • Agent: Insertion strings of events can be created or replaced using regular expressions
  • Agent: Install date of software is now available for most software even if it was installed before EventSentry
  • Agent: USB drives are now detected in real-time
  • Heartbeat Agent: Agent status is now retrieved directly from collector and/or database for faster and more efficient monitoring
  • Network Services: Database performance for Syslog component has been improved for MSSQL databases
  • Network Services: License count for network devices is now more accurately enforced
  • Database: Built-In database now uses PostgreSQL v9.6, optional upgrade path is available
  • Configuration: Improved out-of-the-box filter rules for less noise
  • Management Console: Ability to reset the configuration to post-installation defaults (new v3.3 installations only)
  • Management Console: Remote configuration can now removed when uninstalling an agent even when remote registry service is unavailable
  • Management Console: Version checks and update/patch downloads are now performed over TLS for enhanced security

Patch 3.2.1.96 released

2016-11-08

Bugfixes:

  • Database: Updated built-in PostgreSQL database to 9.1.24
  • Agent: Fixed issue where removing a sevice could crash the agent when using collector
  • Agent: Fixed issue where binary data was not sent with Syslog action when using the collector
  • Agent: Improved error handling of delimited log files and increased max allowed size of new files
  • Agent: Fixed issue with incorrect CPU virtualization support flag in hardware inventory when using collector
  • Agent: Various stability improvements
  • Management Console / Agent: Fixed issue where Non-English performance counter descrpitions would not display correctly in management console and alerts
  • Management Console: Fixed issue where pushing the configuration would result in an error message related to the eventsentry_svc_in.reg file
  • Management Console: Fixed issue where duplicate computers would use up licenses
  • Management Console: Fixed various issues when opening .evt files

Patch 3.2.1.86 released

2016-09-30

Bugfixes:

  • Network Services: Updated MAC Vendor database
  • Management Console: Minor tweaks and improvements
  • Management Console: Adding a license no longer requires a restart of the management console
  • Management Console: Fixed issue when viewing event logs with very high number of events
  • Agent: Fixed bug where Hyper-V VMs were not properly detected and/or updated
  • Agent: Fixed bug in log file monitoring which could cause collector to crash
  • Agent: Improved online configuration updates (1035 event)
  • Agent: Fixed issue where product type wasn't written to the account management and policy compliance tracking pages when using collector
  • Agent: Fixed issue where an incorrect event was logged by the directory monitoring / file count feature
  • Heartbeat Agent: Fixed issue where heartbeat status would not be updated when using a MySQL database
  • Agent / Collector: Added option to send Syslog data in UTF8 format
  • Database: Updated built-in PostgreSQL database to 9.1.23
  • Web Reports: Fixed timezone rendering on trend pages
  • Web Reports: Improved time rendering when a computer is selected on error and failures dashboard tile
  • Web Reports: Resolved potential XSS vulnerability on trends
  • Web Reports: Reclassified specific client error codes to 400 Bad Request instead of generic 500 error
  • Web Reports: Fixed various security issued

Patch 3.2.1.76 released
Critical

2016-08-11

Bugfixes:

  • Agent: Reduced impact on DB performance for configurations monitoring many performance counters
  • Agent: Fixed issue where some compliance tracking data would not be cached correctly during temporary database outages
  • Management Console: Improved handling of copy/cut/paste when editing items in the tree view
  • Management Console: Fixed issue with remote update performed on "Groups" level
  • Management Console: Fixed bug where hidden packages would still show up on summary screen, clicking would result in an application crash
  • Collector: Fixed issues with some variables not being resolved correctly for email actions
  • Collector: Fixed issue where text file action routed through collector would not update output file frequently enough

Patch 3.2.1.66 released

2016-07-23

Bugfixes:

  • Management Console: Fixes a regression bug where adding a computer through the "Edit" dialog will result in an empty string being added to the group, requiring the user to edit the empty string. This is a complete patch but only affects the file eventsentry_gui.exe. It is not necessary to apply this patch if you are running 3.2.1.64 and not adding new hosts to the configuration. You may contact support to obtain a patched eventsentry_gui.exe instead of applying the full patch

Patch 3.2.1.64 released

2016-07-21

Bugfixes:

  • Collector: "File" action would not work when channelled through the collector
  • Collector: Fixed bug where overriding an email message body would not resolve insertion string variables
  • Collector: Fixed issue where $IPADDRESS variable would not be resolved for SMTP actions channelled through the collector
  • Agent: Fixed issue where content filters using a numerical comparison chained with OR may not work as expected
  • Agent: CPU count would be incorrect on some pages in the web reports when not using the collector
  • Agent: Improved reliablity when agent frequently connects and disconnects from the collector
  • Agent: Increased field storage size for HTTP action and fixed bug which prevented utilization of full field size
  • Agent: Fixed issue where agent may crash when a service is removed
  • Management Console: Fixed bug when minimizing the ribbon
  • Management Console: Fixed bug when performing a remote update action without the extensive network check enabled when host has at least one TCP port checked.
  • Heartbeat Agent: Fixed bug where large monitoring interval would cause service to stop monitoring hosts
  • Web Reports: Improved warranty checks
  • Web Reports: Fixed CSV output by adjusting the block size
  • Web Reports: Added SourceIP to LogonByType Summary view
  • Web Reports: Fixed issue where grouped summary section links would not always match a valid translation resulting in an exception
  • Web Reports: Improved group by rendering when values are empty
  • Web Reports: Fixed error handling when original event cannot be found in the database
  • Web Reports: Updated Tomcat to version 7.0.69

Patch 3.2.1.50 released
Critical

2016-06-08

Bugfixes:

  • Agent: Fixed regression bug with log file monitoring which caused inconsistent results with configured filters
  • Agent: Improved automatic installation and upgrade of ODBC drivers when not using collector
  • Agent: Improved group membership detection when agent is configured only with a IP which is not the primary IP of an interface
  • Agent: Fixed issue where editing embedded scripts would cause some associated application schedules or process using an embedded script to not launch
  • Heartbeat Agent: More switches are now supported by switch inventory
  • Web Reports: Fixed CSV output with large datasets

Patch 3.2.1.44 released
Critical

2016-05-27

Bugfixes:

  • Web Reports: Fixed (CVE-2016-5077) XSS vulnerability on SNMP Traps search page
  • Web Reports: Added report for HIPAA/PCI
  • Web Reports: Adjusted last date calculation for scheduled jobs
  • Web Reports: Updated default event formatting
  • Web Reports: Fixed x-axis for Diskspace Trends when UTC has not been enabled
  • Web Reports: Renamed Hardware menu item to Hardware / OS
  • Web Reports: Collector Status tile now directly links to the Collector Status page
  • Web Reports: Fixed hover tooltip on heatmaps
  • Web Reports: Added an option to increase the height of heatmaps
  • Agent: Improved disk space alerting when disk space usage continously exceeds and falls below a preset threshold
  • Agent: Fixed issue where IPv6 source addresses were discarded and not shown in various compliance tracking reports
  • Agent: Added support for $LICENSEE variable for email subject, header & footer
  • Heartbeat Agent: Improved error handling when monitoring hosts via SNMP
  • Heartbeat Agent: Fixed issue where service would crash when it was configured to use a disabled database
  • Management Console: Improved remote update for mixed groups which contain Windows as well as Non-Windows hosts
  • Management Console: Improved error message when AD-linked groups cannot be queried
  • Management Console: Fixed various issues with wizards
  • Database: Updated built-in PostgreSQL database to 9.1.22
  • General: Fixed issue where MAC address vendor db (for ARP daemon) hasn't been updated
  • General: Fixed issue where MAC address vendor db wasn't included in EventSentry Light
  • General: Various updates to the documentation

Patch 3.2.1.30 released

2016-04-25

Bugfixes:

  • Agent: Changes to services are now logged under the severity configured under the "Addition/Removal" category
  • Collector: Fixed issue where resolving variables would sometimes not work
  • Management Console: Fixed issue where configuration changes would not be picked up by the agent running on the same host as the management console
  • Management Console: Added new option to hide the command which was executed
  • Management Console: Added new option to reset the shared secrets of a remote agent by clicking the computer name
  • Management Console: Fixed issue where an embedded script in mixed case would not properly save other scripts
  • Heartbeat Agent: Remote agent status is now retrieved from database prior to attempting to retrieve status from remote agent
  • Heartbeat Agent: Fixed issue where an invalid SNMP OID could cause the heartbeat agent to crash
  • Heartbeat Agent: Now logs events when the HB Agent cannot connect or write to the database
  • Web Reports: Fixed PDF formatting when exporting charts with legacy non-UTC enabled datasets
  • Web Reports: Updated user caching to prevent collisions
  • More Information: Additional Notes on EventSentry Update v3.2.1.30

Patch 3.2.1.22 released

2016-04-07

Bugfixes:

  • Agent: Fixed issue where agent would not start on Windows XP
  • Agent: Improved resource utilization of agent and domain controllers by optimizing event log parsing and suppressing unneeded LDAP queries
  • Agent / Collector: Agent now disconnects from collector after periods of inactivity
  • Heartbeat Agent: Improved detection of unreliable network connectivity where agent status monitoring is not possible
  • Heartbeat Agent: Fixed issue where uptime would not be updated in database for SNMP hosts
  • Collector: Resolved issue in file access tracking where LogonID is not written to database
  • Collector: Resolved issue where communicating with SMTP server which require authentication would not work
  • Management Console: Significantly improved the speed of the "Prepare Configuration file" stage of remote update, resulting in signifanctly faster remote update experience
  • Management Console: WMI service is no longer paused when deploying and/or upgrading remote agent(s)
  • Management Console: Fixed issue when defining new variables
  • Management Console: Fixed issue where performance counter descriptions would not be scrollable for built-in packages
  • Management Console: Improved searching for filters which use an event id range
  • Management Console / Collector: Added option to reset shared secret for a single host
  • Database: Updated built-in PostgreSQL database to 9.1.21
  • Database: Changed default MySQL driver to a version which works reliably with EventSentry, fixed issues in configuration assistant pertaining to MySQL
  • Web Reports: Adapted SOX requirements
  • Web Reports: Empty report categories are now automatically removed
  • Web Reports: Page-level context menus now group the report categories
  • Web Reports: Improved caching for user accounts
  • Web Reports: Added additional cookie validation
  • Web Reports: Fixed X-axis time representation on the Dashboard
  • Web Reports: Improved pagination on the Logon Console page

Patch 3.2.1.8 released

2016-03-07

Bugfixes:

  • Collector: Fixed issue where connections from agent(s) would be rejected if the reverse lookup of the remote IP would not match the host name specified in the management console
  • Agent: Fixed an issue where the agent would attempt to connect to a remote collector after service startup even if a connection is not necessary
  • Web Reports: Improved "Last Seen" info on Inventory - Host page

Patch 3.2.1.6 released

2016-02-29

Bugfixes:

  • Agent: Fixes issue in Email action (legacy HTML) where select font would not apply
  • Installer: Fixes issue where updating from 3.1 to 3.2 through management console would neither properly evaluate the installed license nor trigger the configuration assistant after the upgrade is complete
  • Installer: Fixed issue where installer would take an unusually long time towards the end of the installer when upgrading (speed improves starting with the 2nd upgrade)
  • Web Reports: Improved CSV Export when exporting all pages of a resultset
  • Web Reports: Fixed search query generation when multiple conditions are added to the search directly

Patch 3.2.1.4 released

2016-02-23

Bugfixes:

  • Management Console: Added export option for offline agent deployment
  • Collector: Improved handling of shared secrets to prevent incorrect connection rejection
  • Web Reports: Added ability to remove specific log file revisions with maintenance wizard
  • Web Reports: Added missing translations for some languages
  • Agent: Fixed issue where uninstalling agent from command line would result in a crash
  • Agent: Added command-line option to remove locally stored collector security settings when uninstalling agent

Version 3.2 released

2016-02-18

Features:

  • Central collector service which enables a 3-tier architecture between an action (e.g. database, email server) and the EventSentry agents. Supports compression and secure data transmission via TLS encryption.
  • Management Console: Ability to import computers from a network (subnet) scan
  • Management Console / Remote Update: Record activity in log files
  • Management Console / Remote Update: Toggle fields in result list
  • Management Console: Export all configured filters to CSV file
  • Switch inventory with switch port to MAC/hostname mapping
  • Detection of highest supported USB version
  • Ability to reduce the size of security events in the database by removing common, static footers
  • Web Reports: Additional language support for French, Dutch, Spanish, Polish, Portuguese and Italian
  • Web Reports: Out-of-the-box compliance reports for PCI-DSS, FISMA, Sarbanes Oxley, HIPAA and GLBA
  • Web Reports: Improved & faster performance trend reporting with ability to display multiple trend charts on a single page
  • Web Reports: New Bulk assignment for easier report management
  • Web Reports: Report jobs can be saved to a folder
  • Web Reports: Improved host inventory page now shows switch port (if available), USB version and VM hosts (if available)
  • Web Reports: Health matrix displays computer notes
  • Web Reports: Improved usability throughout
  • Web Reports: Improved connection pool support

Patch 3.1.1.112 released

2016-02-03

Bugfixes:

  • Agent: Fixed issue where some custom event logs may not be monitored after a configuration update is pushed to the agent
  • Agent: Fixed regression bug originally fixed in 3.1.1.90 with the scheduled task inventory
  • Agent: Fixed issue which would prevent an entire drive from being monitored with file checksum monitoring
  • Web Reports: Updated Tomcat to 7.0.67
  • Web Reports: Fixed issue in with short-running jobs
  • Web Reports: Improved bulk computer assignment in Account Manager
  • Web Reports: Moved Source IP to separate column on Logon pages
  • Web Reports: Fixed File Checksum search field mappings

Patch 3.1.1.108 released

2015-12-01

Bugfixes:

  • Agent: Fixed rare issue which would cause high CPU utilization
  • Agent: Fixed issue where 64-bit software wouldn't be detected if 32-bit version of same software is installed
  • Agent: Misc optimizations
  • Management Console: Fixed bug where sorting computers would not be saved
  • Management Console: Fixed bug where a deleted log file definition would remain in the configuration after saving
  • Management Console: Fixed bug where processing a group with and ID of >= 255 would not work
  • Configuration Assistant: Database initialization can now be skipped
  • Configuration Assistant: Improved MySQL ODBC driver installation
  • Web Reports: Fixed issue renaming/reordering Dashboards
  • Web Reports: Improved rendering of the most recent value on Performance Dashboard tiles
  • Web Reports: Resolved empty searches Group Changes page when values are present
  • Web Reports: Health Matrix / Network Status is now more responsive
  • Web Reports: Updated scheduling of short-interval report jobs

Patch 3.1.1.104 released

2015-10-19

Bugfixes:

  • Agent: Agents will assign themselves to an "Unknown" group instead of assigning themselves to the first group in the configuration when the agents cannot find an entry for their host name in an existing group
  • Heartbeat Agent: Timing optimizations when monitoring the agent status on hosts with a slow link or on hosts not running Windows
  • Management Console: Event Log Packages now show in correct order when right-clicking an event in the built-in event viewer and creating an include/exclude filter
  • Installer: Fixed rare issue where the PostgreSQL ODBC driver would trigger a host reboot during the EventSentry installation
  • Built-In Database: Updated to PostgreSQL v9.1.19

Patch 3.1.1.100 released

2015-10-05

Bugfixes:

  • Agent: Added/fixed support for executing powershell scripts through the application scheduler or actions
  • Agent: Fixed issue where an action may be triggered even if it is disabled
  • Agent: Fixed issue where the debug log file of the agent would continue to grow, exceeding the maximum configured size
  • General: Increased size the max number of groups to 384
  • Web Reports: Updated Tomcat to v7.0.64
  • Utilities: Added UTC support es_db_agent_status.exe

Patch 3.1.1.90 released
Critical

2015-08-26

Bugfixes:

  • Agent: Fixed potential security vulnerability which would give a local user temporary access to the EventSentry configuration file during a remote update action
  • Agent: Fixed issue with scheduled task inventory on Windows 2003 which would result in duplicate and incorrect alerts. IMPORTANT: Upgrading to this build will generate a one-time "new task detected" alert for each installed task on a 2003/XP machine
  • Agent: Added support for $IPADDRESS variable
  • Management Console: Improved support for managing large number of hosts
  • Management Console: Other minor bug fixes
  • Web Reports: Added output for binary data in event log detail dialog
  • Web Reports: Modifying search now resets the back to first page
  • Web Reports: Improved database connection pool limit
  • Web Reports: Optimized job scheduler
  • Web Reports: Improved Maintenance Wizard reliability with Oracle
  • Web Reports: Removed documentation class which contained potential vulnerabilities
  • Web Reports: Updated Tomcat to 7.0.64

Patch 3.1.1.85 released

2015-07-30

Bugfixes:

  • Agent: Fixed issue where agent may issue invalid performance alerts after startup
  • Agent: Fixed issue where agent may not start if configuration contains more log file packages than event log packages
  • Agent: Improved performance of logon tracking as well as parsing of remote host name values for some events
  • Agent: Fixed issue where agent may generate incorrect performance alerts immediately after starting
  • Agent: Fixed issue where agent may not start if the number of log file packages is greater than the number of event log packages in the configuration
  • Agent: Improved how the agent reports the SNMP sender id when sending SNMP traps
  • Agent: Fixed issue where malformed volume name could prevent disk space status from being updated
  • Heartbeat Agent: Fixed issue where service was caching incorrect host statuses in temp file when shutting down
  • Heartbeat Agent: Improved ping response time tracking trend charts when remote host is unavailable
  • Heartbeat Agent: Fixed issue where repeat alerts may not be generated
  • Heartbeat Agent: Fixed issue where configuration updates would not always work reliably, especially when the polling interval was low and/or the number of monitored hosts was large
  • Heartbeat Agent: Fixed issue where remote agent status would show up as "Unknown" indefinitely
  • Management Console: Improved cleaning up orhpaned registry values
  • Management Console: Fixed issue with remote update when working with a large EventSentry configuration
  • Management Console: Fixed issue where invalid authentication settings would cause a crash under certain circumstances
  • Management Console: Now pulls host names in FQDN format from AD when configured in global options
  • Web Reports: Fixed menu formatting when user has limited access
  • Web Reports: Resolved issue where Environment reports would periodically be empty
  • Web Reports: Fixed error when removing the last dashboard
  • Web Reports: Improved searches for acknowledged events
  • Web Reports: Fixed issue when adding Group Allowed pages with Internet Explorer
  • Web Reports: Improve HB Status tile when selecting multiple groups
  • Installer: Fixed issue where upgrading from v2.91 would result in a duplicate installation
  • Built-In Database: Updated to PostgreSQL v9.1.18

Patch 3.1.1.60 released
Critical

2015-05-29

Bugfixes:

  • Agent: Fixed issue where incorrect access mask was displayed on File Access Tracking report
  • Agent: Fixed regression issue where uninstalled software would not be detected
  • PostgreSQL: Updated to version 9.1.16
  • Management Console: Additional usability improvements and sanity checks
  • Web Reports: Updated Tomcat to 7.0.62
  • Web Reports: Fixed File Access search when clicking Delete events
  • Web Reports: Added Memory Used/Free percent to Mobile API
  • Web Reports: Fixed Search tile data range with Service Status queries
  • Web Reports: Improved handling of averages on Performance Status when no value is present

Patch 3.1.1.54 released
Critical

2015-05-14

Features:

  • Agent: Added option to database actions to log more database-related connectivity errors to event log with event id 532

Bugfixes:

  • Management Console: Fixed issue when testing filter rules with built-in event viewer
  • Management Console: Fixed issue where credentials for GROWL action where not saved
  • Management Console: Increased max MIB count to 128
  • Management Console: Added maximum timeout of 5 min per host in remote update
  • Agent: Fixed issue where agent would store duplicate events in database due to incorrectly analyzing the return code from ODBC driver
  • Agent: Added ability to use variables in content filters
  • Agent: Fixed potential heap corruption when certain events are parsed
  • Agent: Fixed several issue with log file monitoring to improve reliability
  • Agent: Improved reliability of caching events when remote database is unavailable and agent is restarting
  • Agent: Fixed issue with software inventory/alerts where multiple versions of the same software installed on a single computer would not report correctly and/or trigger incorrect uninstallation notices
  • Heartbeat Agent: Optimized temp file storage for improvement performance on networks monitoring large number of hosts
  • Heartbeat Agent: Improved how threads are automatically allocated
  • Heartbeat Agent: Improved detection of hosts which cannot be queried via SNMP or agent status
  • Heartbeat Agent: Fixed issue were disk space status wouldn't be updated for SNMP monitored hosts
  • Network Services: Improved reliability
  • Web Reports: Updated JRE to version 1.7.0.79
  • Web Reports: Updated Tomcat to version 7.0.61
  • Installer: Fixed issue when installing to terminal servers

Patch 3.1.1.29 released

2015-02-26

Features:

  • Agent: SMTP action can now connect to SSL/TLS SMTP servers with an unsigned certificate (configurable)
  • Management Console: Simplified patch installation process
  • Web Reports: Usability improvements

Bugfixes:

  • Heartbeat Agent: Improved SNMP polling and slow link detection
  • Heartbeat Agent: Fixed issue where notes for network devices would not show up in web reports (e.g. Health Matrix)
  • Agent: Fixed issue where setting a max number of events per email would send blank emails under certain circumstances
  • Management Console: Fixed issue where filter rules test would not work correctly with custom event logs
    Management Console: Fixed issue where computers would be removed from AD-linked groups when performing certain actions on a single host in that group
  • Management Console: Fixed issue where AD-linked groups would not be refreshed during application startup
  • Management Console: Improved responsiveness of remote update dialog while a lengthy remote update operation is in progress
  • Management Console: Fixed issue when adding a performance counter to an existing would yield an error message under certain circumstances
  • Management Console: Fixed issue where setting remote update preferences to ES$ share would cause issues when pushing the configuration
  • Management Console: Fixed issue where certain events would not be formatted correctly when connecting to remote event logs under certain circumstances
  • Agent / Management Console: Fixed issue where testing or executing processes with certain command line arguments would not work
  • Database Purge Utility: Removing old data from MS SQL Servers is now significantly faster
  • Web Reports: Improved rendering of stack bar chart
  • Web Reports: Fixed issue where record count in email subject would be inaccurate under certain circumstances
  • Agent, Network Services, Heartbeat Agent, Management Console: Enabled ASLR

Patch 3.1.1.17 released

2015-01-26

Features:

  • Agent: Added ability to count files in folder
  • Installer: Added proxy support (requires setup in IE)

Bugfixes:

  • General: Added Windows 8.1 and Server 2012R2 to dynamic package activation options
  • Log Import Utility: Fixed potential issue when importing unicode log files
  • Web Reports: Improved computer dashboard customizations
  • Web Reports: Fixed 'since' calculation when UTC is disabled
  • Web Reports: Fixed issue when deleting last dashboard
  • Web Reports: Updated JRE to 1.7.0-76
  • Installer: Miscellaneous fixes and improvements

Patch 3.1.1.14 released

2015-01-02

Features:

  • Agent: Added ability to report all data under an alias name instead of host name
  • Web Reports: Added option for login prompt
  • Web Reports: Added "Last Scan Duration" field to heartbeat status

Bugfixes:

  • Heartbeat Agent: Improved / fixed issue when monitoring hosts connected via low latency link
  • Heartbeat Agent: Fixed issue where moving hosts with authentication between groups would require a heartbeat agent restart
  • Web Reports: Fixed German translation
  • Web Reports: Updated Tomcat to version 7.0.57
  • Installer: Minor fixes and tweaks

Patch 3.1.1.9 released
Critical

2014-12-18

Bugfixes:

  • Agent: Resolves issue where absolute disk space limits would not work
  • Management Console: Resolves issue where importing a 3.0 configuration backup file could not be imported
  • Management Console: Updated SNMP trap daemon icon to avoid confusion
  • Web Reports: Fixed security issues
  • Web Reports: Fixed issue where events could not be acknowledged in rare circumstances
  • Web Reports: Fixed full screen mode in dashboard in IE 11

Patch 3.1.1.6 released

2014-12-15

Bugfixes:

  • Installer: Resolved issue where license key would not be imported/accepted during installation/upgrade when software restriction policies are in place
  • Installer: Resolved issues when adding/removing the web reports component
  • Agent: Added sanity checks to prevent crash when service is being stopped
  • Management Console: Fixed various issues with EventSentry Light to prevent crash
  • Heartbeat Agent: Resolved issue where remote agent status was displayed as "Unknown" when IPC$ was configured as the authentication preference
  • Web Reports: Fixed Group-level filtering for Syslog Hosts
  • Web Reports: Added patch install date column to patch inventory page

Version 3.1 released

2014-12-05

Features:

Windows & General Monitoring
  • Task Scheduler inventory and change detection
  • Large File enumeration
  • Inventory of virtual machines (Hyper-V & ESX)
  • HTTP action now supports POST/PUT for better interoperability with web-based APIs
  • Disk space monitoring now supports multiple disk space packages assigned to a single host
  • Improved remote update / host management, especially of Non-Windows hosts in management console
Heartbeat & SNMP Monitoring
  • Process Monitoring support for SNMP-enabled hosts
  • Improved router functionality, configure routers based on IP subnet
  • Status change detection and uptime calculation is more reliable
  • Overall stability improvements in the heartbeat agent
Web Reports
  • Support for multiple dashboards, including automatic iteration between dashboards
  • Dashboards can be shared
  • Support for graphical gauges (Clock, meter, number, bullet)
  • New heatmap tile for uniquely visualizing log, syslog and performance data
  • New generic search tile supports embedding data from any feature in dashboard
  • Support for TV mode and dark/light theme in dashboard
  • Various tweaks and improvements to existing dashboard tiles

Patch 3.0.1.134 released

2014-11-17

Bugfixes:

  • Management Console: Fixed issue introduced in build 3.0.1.132 which would break most HTTP-related functionality (e.g. version check)
  • Agent: Fixed issue introduced in build 3.0.1.132 which cause issues with the HTTP action
  • Web Reports: Fixed issue where directory names would be incorrect if the same file would be processed on the same host in 2 different directories at the same exact time

Patch 3.0.1.132 released

2014-11-16

Bugfixes:

  • Agent: Fixed issue where agent would not format security events correctly after a reboot prompted by a hotfix installation which makes changes to the security event log publisher
  • Agent: Fixed issue with summary notifications
  • Heartbeat Agent: Added additional OIDs for obtaining CPU usage
  • Network Services: Trap bindings as OIDs are now resolved
  • Network Services: Fixed issue with enum-style trap bindings
  • Network Services: Fixed issue where white-listing MAC addresses would have no effect
  • Management Console: Fixed memory leak in built-in event viewer when refreshing and/or filtering results
  • Web Reports: Updated JRE to v1.7.0.72, updated Tomcat to v7.0.56
  • Web Reports: Added TargetAccount as search option on group changes page
  • Web Reports: Fixed time-zone issue on y-axis on error trend chart

Patch 3.0.1.128 released

2014-10-21

Bugfixes:

  • Network Services (ARP): Fixed duration of learning period to 2 weeks
  • Network Services (ARP): Updated MAC vendor database
  • Installation: Fixed issue where built-in PostgreSQL database service could not be registered on Non-English operating systems
  • Management Console: Fixed issue where removing a log file could cause a crash
  • Management Console: Fixed issue where removing credentials could cause a crash
  • Agent: Increased maximum buffer for HTTP actions
  • Agent: Fixed issue with performance trend clear events showing incorrect values
  • Web Reports: Added support for empty search queries
  • Web Reports: Fixed single character wildcard before dash queries
  • Web Reports: Updated JRE to 1.7.0.72 and Tomcat to 7.0.56
  • Web Reports: Resolved issue when testing SMTP settings
  • Web Reports: Fixed disk calculation on very large disks
  • Web Reports: Updated trend tiles on Dashboard to be clickable

Patch 3.0.1.120 released

2014-08-22

Bugfixes:

  • Agent: Fixed issue where service could exhibit very high CPU usage due to a bug in the disk prediction module
  • Agent: Fixed issue where filtering severity of compliance tracking "Logon by Server Type" would not work as expected
  • Agent: Increased the maximum number of installations EventSentry can cache to avoid false install/uninstall events
  • Installation: Deactivating database purge would setup an invalid System Health package
  • Web Reports: Computer is now included on Detailed Delimited Log File reports
  • Web Reports: Updated jQuery version
  • Web Reports: Line breaks are now escaped on Summary pages to improve link-based query building
  • Web Reports: Fixed issue with Performance Trend reports when sent as HTML jobs

Patch 3.0.1.114 released

2014-07-31

Bugfixes:

  • Agent: Fixed issue where agent would attempt to connect to databases which are not in use
  • Agent: Optimized communication with database for MSSQL and MySQL databases
  • Network Services: Fixed issue where ARP alerts were not always generated
  • Network Services: Improved ability to recover gracefully from db connectivity issues
  • Network Services: Improved logging when network services are unable to communicate with database for an extended period of time
  • Heartbeat Service: Improved timeout settings
  • Web Reports: Fixed issue when Blocking Pages for a user account
  • Web Reports: Resolved issue with monthly jobs calculation
  • Web Reports: Improved job loading process
  • Web Reports: Added valuefloat search field to performance pages
  • Web Reports: Improved initial session preferences when using Remember Me
  • Web Reports: Fixed C/F conversion on Environment Trends
  • Web Reports: Updated JRE 1.7.0.65 and Tomcat 7.0.54
  • Web Reports: Fixed x-axis time interval when exporting charts
  • Web Reports: Improved field mappings on Logon Failures page
  • Web Reports: Added column for Source IP to Logon Failures page
  • Web Reports: Additional sanitation applied to report strings
  • Web Reports: Increased default connection timeout
  • Web Reports: Various security improvements (contact support for details)

Patch 3.0.1.106 released

2014-06-16

Bugfixes:

  • Agent: Better detection for latest version of HP Insight Manager
  • Agent: Improved network failure reasons for some compliance tracking events
  • Agent: Terminating child processes from application scheduler now works with unlimited process nesting levels
  • Management Console: Improved various group and computer summary screens for variables and hosts with SNMP errors
  • Management Console: Fixed issue when deleting first performance counter in the package
  • Management Console: Added "Inherit" button to variable dialogs
  • Heartbeat Service: SNMP: Fixed issue when querying SNMP counters with multiple instances on some SNMP Agents (e.g. pfSense)
  • Heartbeat Service: SNMP: Fixed issue when using secondary non-SNMP counters in conjunction with multiple-instance SNMP counters
  • Installer: Fixed issue with setting up automatic purge job when initializing EventSentry with MS SQL Server database and using built-in authentication
  • Web Reports: Fixed issue when searching for Logon Type Unlocked
  • Web Reports: Updated detailed hardware CSV output
  • Web Reports: Resolved issue when setting permissions with the Account Manager
  • Web Reports: Improved uptime calculation
  • Web Reports: Event number in various compliance tracking pages is now clickable

Patch 3.0.1.98 released

2014-05-16

Bugfixes:

  • Management Console: Application Scheduler time outs larger than 60 seconds would not be saved correctly
  • Management Console: Adding log file from right pane could crash management console
  • Management Console: Performance counter preview now supports instances
  • Agent: Event IDs can now be negated in a filter
  • Agent: Event IDs can now be specified with a range in a filter
  • Agent: Reduced memory consumption and improved scalability for file checksum monitoring
  • Network Services / Heartbeat: Fixed issue where service would sometimes not recover from a temporary loss of db connection
  • Web Reports: Trend pages will now export PDFs to landscape mode
  • Web Reports: Improved Remember Me functionality when logging in
  • Web Reports: Fixed issue with CSV output where in rare cases the first line would appear in the header
  • Web Reports: Recent Events tile only looks at the last 3 days

Patch 3.0.1.86 released

2014-04-25

Bugfixes:

  • Installer: Fixed issue where installer running in patch mode would re-install previously unselected components
  • Management Console: Fixed issue where app would crash on startup on systems with missing/corrupt performance counter settings
  • Management Console: Fixed comment submission to myeventlog.com
  • Agent (new feature): Added ability to ignore certificates in HTTP action
  • Agent (new feature): Dynamic package assignment options now supports wildcards for service names
  • Agent: Fixed issue where invalid temp entry would disable console logon tracking on a host
  • Agent: Fixed issue where pushing configuration updates after renaming a group would cause package assignment issues on some remote hosts
  • Web Reports: Fixed issue with uptime calculation when setting a custom range
  • Web Reports: Corrected sorting of duration on the Processes search
  • Web Reports: Updated default sorting on Software Inventory
  • Web Reports (new feature): Added last value option to the Performance tile on the Dashboard
  • Web Reports: High Processes tile has been renamed to Process Performance
  • Web Reports (new feature): Added Handle Count to Process Performance tile
  • Web Reports: Resolved issue where Report History was logged twice
  • Web Reports: Updated JRE to 1.7.0.55

Patch 3.0.1.78 released
Critical

2014-04-11

Bugfixes:

  • Agent: Text Action now supports custom delimiter
  • Agent: Event IDs can now be specified in ranges (e.g. 4628-4656)
  • Agent: Added option for email action to keep space character in HTML emails
  • Agent: Fixed issue where maintenance schedules set on a per-computer basis would not be applied to email or pager actions
  • Agent (File Checksum Monitoring): Fixed issue where recurring scan would run more often than necessary
  • Agent (Compliance Tracking): Fixed issue where ip address DNS lookup would not work on some hosts
  • Agent (Compliance Tracking): Fixed issue where source IP address would not correctly show up for some events
  • Agent (Application Scheduler): When terminating child processes, only processes which start after the parent processes will be terminated
  • Management Console: Dragging and dropping a filter over collapsed event log packages now features a delay before automatically expanding them
  • Management Console: Dragging and dropping an item can be aborted with the ESC key
  • Management Console: Fixed issue where sorting actions could cause issues when overriding actions on a package basis
  • Network Services: SNMP enumeration values are now resolved from MIB files in SNMP trap objects
  • Built-In PostgreSQL Database: Fixed OpenSSL "heartbleed" vulnerability (CVE-2014-0160)
  • Misc: Added support for SQL Server Native Client 11
  • Web Reports: Added ability to customize disk error/warning levels
  • Web Reports: Improved Disk Alert tile to include (Errors Only, Errors & Warnings, or Lowest #)
  • Web Reports: Added Managed Hardware tile
  • Web Reports: Visual improvements to services, disk space, heartbeat and managed hardware tile
  • Web Reports: Architecture has been added to the Computer Inventory
  • Web Reports: Fixed issue with the Diskspace Trends PDF output
  • Web Reports: Added Source IP to Compliance pages
  • Web Reports: Fixed generated time when UTC has not been enabled
  • Web Reports: Increased performance when exporting results to CSV
  • Web Reports: Improved reset password process
  • Web Reports: Resolved issue where in some cases the Range would not be displayed for PDF reports
  • Web Reports: Updated Tomcat (to v7.0.53) and charting library

Patch 3.0.1.67 released

2014-03-26

Bugfixes:

  • Agent: Significantly optimized event log scanning engine for Server 2008 and higher for higher throughput
  • Agent: Optimized file monitoring engine
  • Agent: Various optimizations to slightly reduce memory consumption
  • Agent: Optimized boot scan
  • Agent: $GROUP variable is now resolved in email header/footer when processing RESCAN events
  • Agent: Fixed issue with overnight recurring schedules
  • Agent: Pushing a config during recurring issue could cause events not to be recognized
  • Agent: Fixed issue where logon tracking would generate duplicate key sql errors when using the built-in PostgreSQL database
  • Agent: Fixed rare issue where service monitoring would generate many false alerts
  • Web Reports: Fixed issue on the Network Status page when performance instances do not exist
  • Web Reports: Added sorting by Percent on the Diskspace Status page
  • Web Reports: Resolved issue where TargetAccount menus were not loading correctly on the User Account Changes page
  • Remote Update Utility: Now supports /force switch to push config updates even when no changes have been made
  • Network Services ARP: Resolved SQL error messages
  • Removed several issue in web reports and configuration assistant when using Oracle
  • Fixed issue where the management console would now accept a trial key to extend an existing trial
  • Updated built-in database to PostgreSQL v9.1.13

Patch 3.0.1.46 released

2014-02-26

Bugfixes:

  • Regression Bug: Installer and binaries where not correctly digitally signed
  • Regression Bug: Authentication set on individual hosts would not work most of the time
  • Management Console: Fixed issue where removing some health object from a package would not work properly
  • Management Console: Unsuccessfully connecting to a remote host would crash the management console
  • Management Console: Fixed issue where browsing for performance counters with instances would not work
  • Agent: Removed obsolete resource check
  • Agent: Increased maximum length of process command line in application scheduler to 1024 characters
  • Heartbeat Agent: Stability improvements

Patch 3.0.1.40 released
Critical

2014-02-20

Bugfixes:

  • Agent: File Access Tracking now supports wildcards when using "Normalize Only" Event Analysis setting
  • Agent: Improved handling & automatic recovery when agent experiences connectivity issues with database
  • Agent: Filter packages are now processed in the same order as shown in the management console, Catch-All rules still apply
  • Agent: Fixed issue where recurring schedule would run more often than necessary when using overnight recurring schedules
  • Management Console: Fixed & improved proxy support
  • Management Console: Various usability improvements
  • Management Console: Added -Run Now- option to configuration backups, and increased the max. number of config backups
  • Management Console: Fixed issue where connecting to remote 2003 event logs would sometimes not work from 2008 or higher.
  • Light Edition: Fixed issue where monitoring sub folders would also be disabled
  • Heartbeat Agent: Service will now only attempt to determine whether SNMP is supported on non-Windows devices once. Installer: Fixed issue where installing EventSentry with SQL Server Express would initially create an invalid configuration for the web reports
  • Log Import Utility: Fixed issue where importing event log files would sometimes not work
  • Web Reports: Added ability to sort Heartbeat Status by availability
  • Web Reports: Included support link to customize logging or change warranty checking
  • Web Reports: Resolved issue with empty query results for users in Japan
  • Web Reports: Fixed duration calculation when requesting active process data in XML
  • Web Reports: Updated JRE to 1.7.0.51

Patch 3.0.1.26 released

2014-01-30

Bugfixes:

  • Management Console: Fixed crash when connecting to a remote host
  • MySQL: Fixed issue in configuration assistant and es_db_purge.exe utility
  • Command Line Purge Utility: Fixed UTC support
  • Command Line Purge Utility: Fixed issue where username/password parameters would not be recognized
  • Agent: Fixed issue where package assignments on a remote agent would sometimes be incorrect after one or more computers were removed from a group
  • Agent: Increased buffer size for the HTTP action when processing large events
  • Agent: Fixed issue where agent would crash when WMI would not return a display adapter
  • Agent: HTTP return code 302 is now acceptable with HTTP action
  • Web Reports: Background warranty checks are now configurable
  • Web Reports: Optimized Account Manager and Network Status to support large datasets
  • Web Reports: Fixed event dialog positioning for certain events
  • Web Reports: Resolved issue where "Remember Me" would expire to soon in some cases
  • Web Reports: Fixed Dashboard formatting for Retina displays

Patch 3.0.1.20 released

2014-01-15

Bugfixes:

  • Management Console: Fixed bug where summary schedules were converted incorrectly from v2.93 and earlier
  • Installer: Installer can now be run on Windows XP
  • Installer: Fixed issue where web reports configuration would get misconfigured during patch upgrade
  • Installer: Older rollback directories are now automatically removed
  • Heartbeat Agent: Fixed SNMP issue when retrieving data from tables with empty instances
  • New Feature: Added MIB and default package for HWg-STE ethernet-based environment sensors
  • Web Reports: Fixed uptime calculations for international customers
  • Web Reports: Resolved issue with status reports when using the Current timeframe
  • Web Reports: Added option to return 1,000 records per page when using the Detailed mode
  • Web Reports: Improved legacy comment support in the new web reports
  • Web Reports: Resolved issue with frequency charts on the Process Tracking page with very large numbers

Patch 3.0.1.16 released

2014-01-08

Bugfixes:

  • New Feature: Maintenance schedules can now apply to email and/or pager actions as well
  • Agent: Fixed bug where variables wouldn't be correctly resolved in email header and footer
  • Agent: Fixed issue where quotes in command line arguments for application scheduler would be incorrectly removed
  • Agent: In the legacy HTML format the category column would incorrectly be called "Source"
  • Agent: Fixed & improved IP lookup in various compliance tracking features
  • Management Console: Fixed issue where initial agent deployment would not work if license key was incorrectly pasted from email
  • Web Reports: Fixed issues on Logon By Type page

Patch 3.0.1.9 released

2013-12-20

Bugfixes:

  • Management Console: Fixed minor issue on filter summary dialog
  • Agent: Fixed issue where events would appear twice in "ASCII" style emails
  • Web Reports: Fixed issue when writing warranty information to postgres databases
  • Web Reports: Fixed various issues with commenting and acknowledging events
  • Web Reports: Fixed issue with warranty checks

Patch 3.0.1.7 released

2013-12-18

Bugfixes:

  • Web Reports & Managment Console: Resolved minor Section 508 compliance issues
  • Agent: Resolved issue where EventSentry service would not start with trial licenses

Patch 3.0.1.5 released

2013-12-16

Bugfixes:

  • Agent: Fixed issue were adding/removing programs after a configuration would not always be detected
  • Agent / Web Reports: Historical data for mount points is now stored in DB and shown on disk status and disk trends
  • Heartbeat Agent: Fixed issue where numerical IDs would be resolved incorrectly if the corresponding MIB wasn't loaded and the configuration was updated
  • Web Reports: Fixed issues with warranty information tile

Patch 3.0.1.2 released

2013-12-12

Bugfixes:

  • Management Console: Editing packages would crash app when ribbon was disabled
  • Agent: Internet Explorer version was not detected properly, and duplicate entries were shown in software inventory

Version 3.0 released

2013-12-10

Features:

Web Reports
  • Scheduled Jobs: Receive reports via email
  • PDF & JSON Output
  • UTC Support
  • Cross-platform: Supports Windows, Linux and OS X
  • Complex queries for all features
  • Full API
  • Easier installation & setup
  • Better dashboards
  • Better summary pages
  • Flash is no longer required
  • Access control with LDAP integration
Network Monitoring (Heartbeat Agent)
  • Poll SNMP counters (integrates with performance monitoring)
  • Retrieve disk space information from SNMP-enabled hosts
  • Retrieve basic system & hardware information from SNMP-enabled hosts
  • Retrieve uptime from SNMP-enabled hosts
Windows Monitoring
  • Log file monitoring supports sub folders
  • Recurring filters now support time intervals
  • Compliance "Logon By Type" tracking can exclude logons by computer accounts
  • Event Log filters can override email subject & message body
  • Packages can by dynamically assigned based on platform (32bit vs 64bit)
  • Threshold filters can utilize insertion strings
  • Disk space prediction feature (predicts when disk will be full)
  • Identify reasons why hosts were shut down or rebooted
  • Desktop notification supports Growl
  • Network notification supports remote desktop services
  • Application scheduler support process isolation
  • New email format "HTML Modern"
Management Console
  • Includes ribbon & visual improvements
  • New authentication manager
  • Better filter search functionality
  • Many common tasks have been simplified
  • Improved built-in event viewer for Application & Services Logs
  • Hour / Day configuration has been simplified
  • Feature Utilization dialog
Network Services
  • ARP daemon detects & tracks new MAC addresses and MAC to IP mappings

Patch 2.93.1.82 released

2013-09-03

Bugfixes:

  • Fixed issue in license manager that would require some users to re-enter one or more license keys after applying patch for build 2.93.1.81
  • Fixed issue in es_db_purge when purging event log data on PostgreSQL
  • Various fixes in web reports

Patch 2.93.1.81 released

2013-08-29

Bugfixes:

  • Agent: Fixed issue where admin detection in Console Logon Tracking feature would not work on domain controllers when the NetBIOS domain name would not match the DNS domain name
  • Agent: Improved reliability of process tracking feature when tracking a high volume of processes
  • Agent: Increased the max. number of applications the agent can capture in the software inventory
  • Agent: Improved stability of the file monitoring feature
  • Agent: Added detection for Windows 8.1 and Windows Server 2012 R2
  • Network Services: Fixed issue where temporary database outages would not be handled correctly
  • Management Console: Bug fixes for the built-in event viewer on Vista and later
  • Remote Update Utility: Bug fixes
  • Installer: Fixed issues in the database schema which would, in some cases, result in errors when upgrading from an earlier version of EventSentry

Patch 2.93.1.75 released

2013-05-31

Bugfixes:

  • Agent: Added detection of DELL(c) OpenManage 64-bit tools
  • Agent: Fixed issue where parsing backup event from logon tracking would crash the agent
  • Agent: Fixed issue where certain applications would only show up as GUIDs in software inventory
  • Agent: Fixed issue with log file monitoring when using wildcards in file names
  • Remote Update Utility: Fixed issue where the status of the remote agent would not be properly detected when there was no configuration change
  • Web Reports: Several bug fixes

Patch 2.93.1.65 released

2013-04-04

Bugfixes:

  • Database: Updated to PostgreSQL v9.1.9 to fix security issue. Note that only the installer will upgrade PostgreSQL, the patch will NOT upgrade PostgreSQL.
  • Agent: Significant performance improvements with log file monitoring feature when monitoring directories with large amount of log files (e.g. 1000+).
  • Agent: Bug fixes for file monitoring
  • Agent: Performance improvements to compliance logon tracking
  • Agent: Boot scan and debug logging can now be configured on a per-host basis via registry
  • Configuration Assistant: Added support for built-in Windows authentication when initializing and/or updating MSSQL databases
  • Remote Update Utility: Improved stability and fixed bug where utility would retry failed hosts even when instructed not to
  • Configuration: Added new event log package which excludes common audit failures by default
  • Web Reports: Several bug fixes and performance improvements

Patch 2.93.1.55 released

2013-03-13

Bugfixes:

  • Remote Update Utility: Improved & documented return codes
  • Remote Update Utility: Fixed issue where event logged by utility would not log updated & failed hosts correctly
  • Management Console: Fixed issue where deleting a group would corrupt group-set variables for some groups
  • Agent: Fixed issue where processes started by agent (to perform hardware inventory on select server brands) would never exit
  • Agent: Fixed issue where non-English performance counters would not be monitored
  • Database Import Utility: Message box is no longer displayed when tool is launched with command-line parameters

Patch 2.93.1.49 released

2013-02-04

Bugfixes:

  • Agent: Fixed potential race condition where agent would crash on hosts with high event logging activity
  • Agent: Fixed issue where SNPP (pager) action would incorrectly send multiple pages
  • Management Console: Maintenance schedules can now start & end at midnight to indicate a full day
  • Management Console: Fixed issue where some computers would not be able to be updated through remote update
  • Management Console: Fixed issue where deleting a computer while in a RDP session would crash the management console
  • Database: Added missing index for temperature/humidity table

Patch 2.93.1.43 released

2013-01-09

Bugfixes:

  • Management Console: Fixed issue where renaming a group would duplicate the group
  • Network Services: Fixed issue where the first TCP-based syslog message would be logged with the wrong facility and severity
  • Agent: Fixed issue where some performance counters would not be loaded on certain hosts
  • Agent: Fixed issue with delimited log file monitoring
  • Agent: The logging of 1041 events, when problems monitoring an event log are encountered, has been improved. A new 1051 event has been introduced.
  • Remote Update Utility: Fixed issue where only the first 1000 computers would be retrieved
  • Web Reports: Windows 8 and Server 2012 hosts were not displayed correctly on some pages

Patch 2.93.1.37 released

2012-12-03

Bugfixes:

  • Agent: Fixed issue with delimited log file monitoring where "Merge remaining fields" would not work as expected
  • Agent: The pipe character can now be used inside filters for log file monitoring
  • Agent: Fixed issue memory leak in file checksum monitoring
  • Agent: Fixed issue where list of filters for file checksum monitoring would be truncated
  • Agent: Added two new built-in secondary performance counters [CpuCountLogical], [CpuCountPhysical]
  • Agent: Size of debug log file can now be adjusted with registry value
  • Agent: Added Windows 8 and Windows Server 2012 to list of Operating Systems for automatic package assignment
  • Agent: Fixed issue where performance alert would never be cleared
  • Web Reports: Improved Health Matrix
  • Web Reports: Fixed issue with maintenance wizard
  • Web Reports: Fixed issue with PostgreSQL
  • Network Services: Syslog data sent over TCP is now parsed correctly
  • Network Services: Displaying binary data has been improved for SNMP traps

Patch 2.93.1.27 released
Critical

2012-10-18

Bugfixes:

  • Agent: Improved performance monitoring to work around performance DLLs exhibiting handle and/or memory leaks
  • Agent: After applying this patch, Windows 2003 machines should no longer require Microsoft hotfix 938135
  • Agent: CPU usage of performance monitoring feature has been significantly reduced
  • Agent: Fixed issue where service monitoring would sometimes stop working after a configuration update was applied
  • Agent: File Access Tracking would not properly track files configured under "Exclude" when set to "Track all activity"
  • Agent: Fixed race condition with file checksum monitoring
  • Management Console: Insufficient licenses when using AD-linked groups could crash management console
  • Management Console: Downloading new packages has been re-enabled for users who upgraded from earlier versions of EventSentry to 2.93.1
  • Management Console: Misc. fixes
  • Patch: Fixed issue where patch would make web reports inaccessible and require users to manually run script
  • Web Reports: Misc. fixes

Patch 2.93.1.21 released

2012-10-03

Bugfixes:

  • Agent: Fixed issue where agent would not start during boot on select hosts
  • Agent: Stability improvements when configuration update is received
  • Management Console: Fixed bug where changing the schedule type of an application schedule would not be saved correctly
  • Management Console: Fixed issue where events would not be displayed correctly in built-in event viewer when total number of events was below 500
  • Web Reports: Fixed issue where sending emails would not work correctly with gmail
  • Web Reports: Fixed several issues when using the built-in PostgreSQL database
  • Installer: Updated to new version of built-in PostgreSQL (requires update with full installer)
  • Installer: Fixed issue where upgrades would not be detected correctly
  • Database Import Utility: Fixed issue where import would fail

Patch 2.93.1.17 released
Critical

2012-09-21

Bugfixes:

  • Agent: Fixed issue in SMTP action with ASCII email output when certain fields were unchecked
  • Agent: Fixed potential crash during configuration update while application scheduler scripts were running
  • Agent: Security events would not be parsed correctly on Windows Server 2012
  • Fixed issue on select Win2k3/XP machines where agent or management console would not start due to invalid performance settings in registry
  • Management Console: Removing a performance object from health package would save
  • Management Console: Minor bug fixes and visual tweaks

Patch 2.93.1.9 released
Critical

2012-09-10

Bugfixes:

  • Heartbeat Agent: Fix regression bug from 2.93.1.8 - when monitoring multiple TCP ports, only the first configured port would be monitored and heartbeat status would always show a warning
  • Agent: Service status changes performed by "Service Monitoring" would always be logged as informational events, regardless of configuration

Patch 2.93.1.8 released
Critical

2012-09-07

Bugfixes:

  • Improvements to patch and installer
  • Fixed memory leak and potential crash in agent
  • Heartbeat Agent: Fixed issue when host was set configured as router in group
  • Management Console: Several small bug fixes
  • Web Reports: Failed logical disks are now shown on overview page

Patch 2.93.1.6 released

2012-08-10

Bugfixes:

  • Installer: Fixed issue when adding components with non-default installation folder
  • Web Reports: Fixed issue with Japanse translation, added French translation
  • Web Reports: Fixed issue with Logon Failures report
  • Fixed MySQL issues with es_db_purge.exe and es_db_agent_status.exe
  • Fixed issue where patch would crash
  • Fixed issue when saving log file package changes
  • Changed default PostgreSQL ODBC driver to Unicode
  • Fixed issue with performance monitoring where agent would crash after startup
  • Heartbeat Agent: Resolved issue where hosts with dynamic IP address (DHCP) would sometimes not be monitored correctly

Patch 2.93.1.5 released

2012-07-31

Bugfixes:

  • Fixed various issues where changes in configuration would not be permanently saved
  • Regression: Fixed issue where $FILTER variable would not include folder name
  • Fixed security issue in health matrix
  • Fixed issue where too many MIBs would be configured in a default installation
  • Fixed issue where incorrect PostgreSQL ODBC driver would be setup in a new installation
  • Fixed issue where installer would not work correctly when run on a host with terminal services enabled
  • Tweaked performance monitoring interval to adjust dynamically, when obtaining performance counter values would take longer than expected
  • Added new database utility which can detect agents not writing to the database
  • Fixed database issue in network services
  • Other fixes to installer, web reports and agent

Patch 2.93.1.2 released
Critical

2012-07-02

Bugfixes:

  • Resolved critical issue in Heartbeat Monitor: Host that is offline may not be reported as ERROR
  • Resolved issue with language translation in web reports

Version 2.93 released

2012-06-25

Features:

  • New installer for a better installation and upgrade experience
  • Now includes a built-in (PostgreSQL) database
  • Added support for PostgreSQL 9.x
  • ODBC drivers for PostgreSQL and MySQL are now installed automatically (when needed)
  • New installation includes performance monitoring packages for Exchange Server and others
  • Preliminary support for Windows 8 and Windows Server 2012
  • Support for USB-only temperature & humidity sensors
  • Introducing the Configuration Assistant, which supersedes the database setup wizard, and introduces additional functionality
  • Heartbeat monitoring can now scan hosts in parallel using multiple threads
  • Heartbeat monitoring: Maintenance schedule can be set to the "nth" weekday (e.g. 2nd Tuesday)
  • Performance Monitoring supports floating point counter values
  • Performance Monitoring can log counter data to multiple databases
  • Performance Monitoring can combine values from two different counters
  • Performance Monitoring can detect leaks in performance counters
  • Performance Monitoring can suppress alerts based on past values
  • Performance Monitoring alerts are more verbose and include additional information, including counter descriptions
  • Process Monitoring: Supports wildcards and can evaluate the command line of a process
  • Event Log Backups: Better alerts and alerts now include SHA checksum of .evt(x) files
  • Event Log Monitoring: Content filter supports perl regular expression syntax
  • Event Log Monitoring: Day/Hour filter can be set to the "nth" weekday (e.g. 2nd Tuesday)
  • Event Log Monitoring: For Windows 2008 and later, processing performance has been optimized for higher throughput and lower CPU utilization
  • Process Tracking: Now collects process elevation level when UAC is enabled
  • Embedded scripts now verify temp file contents with checksum
  • Embedded scripts called from the applications scheduler now support command-line arguments
  • Hardware Inventory: On DELL & HP servers (when required manufacturer management tools are installed), collects fan speed, redundant power supply status, remote management card information, temperature information, detailed RAID information
  • Hardware Inventory: Retrieves warranty information for DELL, HP, IBM and Lenovo hardware
  • Hardware Inventory: Retrieves configured UAC level
  • Actions: Filter notes can now be posted to HTTP action
  • Management Console: Saving configuration is about 10 times faster
  • Management Console: Added better keyboard and mouse scroll wheel navigation for better user experience and section 508 compliance
  • Management Console: Status of all local EventSentry services is now monitored in the background
  • Management Console: Environment monitoring dialog now shows serial ports with descriptions
  • Web Reports: Performance Status and Heartbeat Status pages load significantly faster
  • IIS: IIS no longer has to be switched to 32-bit mode on 64-bit systems

Bugfixes:

  • Added support for 64-bit event numbers (Vista and later)
  • Audit policies for compliance tracking features are now set correctly on Vista and later systems
  • Resolved problems in various features when Japanese file names were processed
  • Computer names exceeding the maximum NetBIOS length of 15 characters are now properly stored in the database
  • Event message text is now properly formatted before submitting to SNPP (Pager) server
  • Software Inventory: Internet Explorer is now properly detected on Vista and later
  • Software Inventory: Patches are new enumerated even when TrustedInstaller.exe is active
  • Event Log Backup: Resolved small memory leak
  • Heartbeat Monitoring: Improved reliability
  • Heartbeat Monitoring: Resolved memory leaks
  • Environment Monitoring: Location is now included in alerts
  • Performance Monitoring: Performance Status and other related pages (including network status, mobile apps) now load significantly faster
  • Fixed bugs in Console Logon Tracking
  • Agent startup speed has been improved when service monitoring is enabled
  • File Access Tracking: Fixed issue on Windows 2008 and later
  • Network Services: Japanese Syslog messages and SNMP traps are now correctly logged to the event log and database

Patch 2.92.0.30 released

2012-02-05

Bugfixes:

  • Heartbeat agent would sometimes crash when encountering long group names
  • Heartbeat agent did not use impersonation security settings
  • Fixed issue with logon tracking, when clients used cached logons
  • Fixed issue with logon tracking when temp file size was set to 0
  • Improved text matching in network services for syslog packets

Patch 2.92.0.25 released

2011-11-17

Bugfixes:

  • File Access Tracking could crash agent on Win2k8 and later
  • Removing a computer from configuration could crash Heartbeat Agent
  • Fixed bug where 1041 events are created by agent, with same events being re-scanned on a regular basis
  • Fixed potential memory leak when using thresholds
  • Fixed issue with HTTP action not resolving insertion strings correctly
  • Fixed issue with process action not enclosing insertion strings in quotes
  • Misc. bug fixes in web-based reporting

Patch 2.92.0.11 released
Critical

2011-05-23

Bugfixes:

  • Fixed issue with agent logging a large amount of events with event id 1041 to the application event log, and sometimes causing a high CPU usage in svchost.exe (Win2k8 and higher only)
  • Fixed issue with Filter Timers when filter timers references multiple actions
  • Fixed issue with remote update which identified remote 32-bit hosts as 64-bit hosts
  • Fixed various issues in management console
  • Fixed various issues in the web-based reporting

Version 2.92 released

2011-04-15

Features:

  • SNMP trap daemon is introduced and logs v1, v2c and v3 SNMP traps either to the event log or the database
  • Syslog daemon has been moved from the EventSentry agent into the "Network Services" service, together with the SNMP daemon. Stability as well as reliability have been improved in the new Syslog daemon
  • Performance (optional) as well as environment email alerts now include an attached chart which shows recent performance / environmental data
  • Management Console: Clicking a computer icon now displays a summary page
  • Event Log Monitoring: Insertion string matching can now match empty strings
  • Event Log Monitoring: Number of supported custom event logs has been increased to 30
  • Service Monitoring: A recurring alert can be configured when a service remains in the "Stopped" state
  • Hardware Inventory: Network adapter speed is now collected, and speed changes are logged to the event log
  • Hardware Inventory: Addition and removal of Removable drives (e.g. USB drives) are now detected and logged to the event log
  • Hardware Monitoring: The S.M.A.R.T. status of physical drives (when supported) is monitored
  • Disk Space Monitoring: Volumes linked to by junction points are now included when disk space alerts are evaluated / generated. Note: Disk space information in web reports does not yet take junction points into consideration
  • Process Monitoring: The number of required instances of a process can now be specified
  • Print Tracking: Print tracking now works with Vista and later operating systems
  • Network Logon Tracking: When capturing "Logon By Type" events, "Audit Success" can now be excluded
  • A new HTTP action submits events to web pages via http or https
  • The SMTP action dialog now includes a wizard to build email addresses for common email to SMS gateways
  • Additional variable support for the Process, Syslog and Snmp action
  • Heartbeat Agent: Improved detection of remote agent status
  • Removed: Microsoft Access is no longer officially supported, and no MS Access database is shipped with the installer

Bugfixes:

  • Hosts configured with multiple NICs that are added to the configuration with just the IP address, will properly determine their group membership
  • Print tracking works with Vista, Win7 and Windows 2008

Patch 2.91.0.110 released
Critical

2010-12-02

Bugfixes:

  • Fixed issue with syslog daemon which would not log incoming syslog packets (affected builds 2.91.0.108 - 2.91.0.109)
  • User interface improvement for recurring event filters

Patch 2.91.0.109 released
Critical

2010-11-30

Bugfixes:

  • Fixed regression bug that prevented configuration updates and new agent installations from working

Patch 2.91.0.108 released
Critical

2010-11-24

Bugfixes:

  • Work-around for bug in Vista/Windows 2008 64-bit that cause registry corruption in rare circumstances
  • Work-around for bug in virtualized Windows machines that can cause high CPU utilization when using the Syslog action
  • Improved reliability of logon tracking in Vista and later
  • Fixed bug with software install/uninstall detection issuing erroneous alerts
  • Improved email action for certain non-US character sets

Patch 2.91.0.096 released

2010-09-15

Bugfixes:

  • Regression bug: Database purge utility would not run correctly
  • Regression bug: File access tracking would not match specified directories correctly
  • Fixed problem where certain events where re-read multiple times during a bootscan
  • Heartbeat agent would sometimes crash when a computer is removed from the configuration
  • Application scheduler event log settings from one package would overwrite same settings from different packages
  • SNMP v1 traps (OIDs and trap id) would not match MIB shipped with installation
  • Improved speed of event log monitoring on Vista/Win2k8/Win7

Patch 2.91.0.086 released

2010-07-21

Bugfixes:

  • File Access Tracking: Fixed bug where sub directories were monitored, even when configured not to do so. Also resolved problem where edit dialog would hide the directory field.
  • Improved character set handling for email actions
  • Hardware Inventory: Fixed stability problems that would cause agent to terminate
  • Event Log Monitoring: Fixed problem where agent would not correctly re-open a previously cleared event log under some circumstances on Windows 2008 and higher
  • Event Log Monitoring: Fixed memory leak that would affect Vista and higher operating systems
  • Software Inventory: Fixed WMI handle leak
  • Licensing: Fixed bug where licenses would not be calculated correctly with certain heartbeat configurations
  • Improved database code to result in fewer connections to the database
  • Improved database code to only use one database connection per agent
  • Fixed problem when running agent on systems with more 32 or more (logical) processors

Patch 2.91.0.033 released

2010-04-22

Bugfixes:

  • Subject in emails would be include additional tab characters, or space characters would be truncated, when subject length exceeds 80 characters
  • Compliance tracking features were tweaked for improved speed
  • Fixed problem with process action for event log entries that contain CR/LF characters
  • Fixed problem where negation would not work properly in event log filters
  • Directory monitoring would only work if disk space monitoring was selected in the same package
  • Tweaked service monitor to ignore case-sensitive changes

Patch 2.91.0.023 released
Critical

2010-02-25

Bugfixes:

  • Resolved problem where some evaluation licenses would not work
  • EventSentry management console would not work correctly on 64-bit Windows 2008 Hyper-V systems
  • Performance monitoring of OS-counters would not work correctly on 64-bit Windows 2008 Hyper-V systems
  • Moving event sources between custom event logs would sometimes not work
  • Resolved problem with SNPP action

Patch 2.91.0.018 released

2010-02-12

Bugfixes:

  • Built-in event viewer would not show event details for event sources only registered on the remote machine
  • Network status would not properly display with patched Internet Explorer v8

Patch 2.91.0.017 released

2010-01-28

Bugfixes:

  • Some events on Vista and later would not render correctly when viewed through the built-in event viewer on a remote machine
  • Fixed UAC prompt in EventSentry Light
  • List of filtered services would not apply to added or removed services/drivers
  • Real-time monitoring of software and patches would not work on Server Core under some circumstances

Patch 2.91.0.009 released
Critical

2010-01-07

Bugfixes:

  • The EventSentry agent would crash on some systems processing a large number of events
  • The EventSentry agent would not start one some systems when H/W inventory was configured
  • Creating user accounts with passwords linked to Active Directory could result in those user accounts not requiring a password
  • A Spanish translation to the web reports has been added

Patch 2.91.0.005 released
Critical

2009-12-08

Bugfixes:

  • If a service is removed during a reboot and service monitoring is configured to write to a database, then EventSentry service could crash

Patch 2.91.0.004 released

2009-11-24

Bugfixes:

  • Management Console would not start on Windows 2000
  • EventSentry agent would not accept evaluation licenses on Windows 2008 and higher
  • Computers with maintenance schedules would be skipped with remote update

Version 2.91 released

2009-11-16

Features:

  • Event Log Monitoring: Filtering capabilities have been improved to allow for insertion string matching, including the ability to interpret insertion strings as numbers, usernames or file names
  • Actions: SNMP action now supports v2c and v3 traps
  • Service Monitoring: Now collects service account as well as executable, in both alerts as well as reporting
  • Service Monitoring: Service history report now shows every service change per line, with easier readability
  • Process Tracking: Command line arguments of an active can now be collected
  • Logon Tracking: Group information is now collected
  • Software Monitoring: Uninstallation events now include same information as installation events
  • Software Monitoring: Windows updates are now collected on Vista, Windows 2008 and Windows 7, and more easily searchable in the web reports
  • Hardware Monitoring: IP addresses are now collected, and changes updated dynamically in the background
  • File Monitoring: Processing of a file's checksum can now be skipped if the size has not changed
  • Management Console: Authentication can now be set globally, in addition to being set on a per-group and per-computer level
  • Management Console: Computers in AD-linked groups can be sorted.
  • Management Console: Notes can now be added to computers
  • Environment monitoring: The minimum monitoring interval has been reduced to 5 minutes
  • Reporting: Health status of multiple computers can be displayed in a visual health matrix, scalable to display hundreds of computers in a single page
  • Reporting: The network status page now allows the customizations of performance counters as well as disks displayed
  • Reporting: Reports are more accessible, and can now be accessed from every page
  • Reporting: Most pages have been overhauled and improved for improved usability

Bugfixes:

  • Software Monitoring: Duplicate records of software is not longer shown in the software inventory
  • Compliance Tracking: Temp file was used even when its maximum size was set to 0 Mb
  • Network Status: This feature has been improved to avoid problems with computers missing, being displayed in the wrong group or not showing up at all
  • Disk space Monitoring: Alerts for low disk space are no longer generated when the total disk space is less than the alert (hard) limit to begin with
  • Hardware Inventory: Virtual machine detection, as well as Hyper-V detection has been improved for more reliability

Patch 2.90.0.43 released

2009-04-24

Bugfixes:

  • Minor tweak with NTP error message

Patch 2.90.0.42 released

2009-04-15

Bugfixes:

  • Events would not be rendered correctly on some non-English Vista/Win2k8 hosts
  • Resolved several minor issues with file monitoring
  • Authentication for computers and/or groups on 64-bit machines would not be picked up by heartbeat agent
  • Resolved problem with AD-linked groups when insufficient licenses are available

Patch 2.90.0.34 released

2009-03-18

Features:

  • n/a

Bugfixes:

  • Drastically reduced CPU usage in file monitoring feature for folders containing large numbers (100000+) of files
  • Various other improvements in file monitoring feature
  • Virtual machine detection is more accurate
  • Filters referencing more than one process action would trigger the same process action twice
  • Improved how blocked packages are managed and displayed in the management console
  • Improved performance monitoring for values that are larger than 0x7FFFFFFF
  • Tweaked automatic detection of hardware management software to avoid false alerts

Patch 2.90.0.24 released

2009-02-16

Features:

  • n/a

Bugfixes:

  • Fixed standard reports in installer
  • Added indexes to database for better performance

Patch 2.90.0.21 released

2009-02-04

Features:

  • n/a

Bugfixes:

  • Nessus Database Import Wizard would not work correctly from the command-line
  • Valid environment sensor settings would be reject by management console
  • Filter test feature would not show affected actions
  • Maintenance schedule set on a computer could erase customized heartbeat settings
  • Unlinking groups from ActiveDirectory would not be pushed to remote computers

Patch 2.90.0.15 released

2009-01-16

Features:

  • n/a

Bugfixes:

  • When terminating processes (application scheduler, process action, service action), child processes can now also be terminated.
  • Resolved problem where a timer-clearing filter would notify an action
  • Resolved problems with filter test feature
  • Fixed minor with auto-assignment feature of packages
  • Performance alerts can now use alert limits up to 4294967295
  • Fixed command-line functionality of es_db_nessus_import.exe
  • Resolved problems with the installer when setting up the EventSentry database on a MSSQL instance
  • Fixed several other minor issues with the installer

Patch 2.90.0.8 released
Critical

2008-12-18

Features:

  • n/a

Bugfixes:

  • Emails would not be resent when all configured email actions where temporarily unavailable
  • Improved event logging for email action
  • Deleting a computer could cause the management console to close in some cases
  • Dragging computers out of AD-linked groups is now being prevented
  • Performance counters would not be added correctly with Browse button in some cases
  • Email action now supports $EVENTDATETIME variable

Patch 2.90.0.6 released

2008-12-04

Features:

  • n/a

Bugfixes:

  • Packages could be inadvertently blocked
  • Filter test feature would not populate all fields in Vista and later
  • Remote update would not authenticate correctly when "ping before update" was not checked
  • Remote update would issue an error saying that file already exists

Patch 2.90.0.4 released

2008-11-21

Features:

  • n/a

Bugfixes:

  • Resolved incorrect Ping/Agent status reported by heartbeat agent when monitoring large number of hosts
  • Fixed issue sorting computers
  • Installer and key executables are now digitally signed
  • Fixed issue in installer where adding a database after the initial installation would always yield a logon error
  • Resolved issue with incorrect Flash version warning in dashboard
  • Loading a configuration without compliance tracking packages could cause corrupt event log packages under some circumstances

Patch 2.90.0.3 released

2008-11-14

Features:

  • n/a

Bugfixes:

  • Fixed problem with embedded scripts not working properly under some circumstances
  • Optimized web reports for better performance under Internet Explorer
  • Fixed issue with inability to disconnect from remote installation

Patch 2.90.0.2 released

2008-11-06

Features:

  • n/a

Bugfixes:

  • Fixed "CREATOR OWNER" installer error message on Non-English operating systems
  • Fixed MySQL database issue in installer
  • Resolved issues in management console
  • Resolved minor issues in web reports
  • Tweaked NTP synchronization error messages

Version 2.90 released

2008-10-29

Features:

  • Vista, Windows 2008 are monitored with new API
  • Event Log Backup feature supports .evtx files
  • Database Import Utility supports .evtx files
  • New NTP monitoring and synchronization feature
  • Event Log Filter Timers now support insertion strings for easier setup & more flexibility
  • Scripts can now be embedded into the <%PRODUCT%> configuration and referenced in applicationschedules & process actions
  • Actions: Jabber action supports chat rooms
  • Actions: Process action supports time-based termination and more event logging options
  • Actions: Fields in SMTP action can now be customized
  • Actions: In addition to controlling services, processes can be terminated (with support for insertion strings)
  • Actions: Certain actions can track their trigger history in database
  • Actions can now be enabled/disabled based on weekday and time of day
  • Compliance: New File Access Tracking feature
  • Compliance: Account Management Tracking
  • Compliance: Successful & Failed network logon tracking
  • Compliance: Audit, Domain & Kerberos policy tracking
  • Compliance: Trust Relationship tracking
  • Compliance: User & Logon Right change tracking
  • Compliance: Improved logon tracking to include domain role and indicate administrative logons
  • Compliance: Process tracking includes domain role
  • Heartbeat Monitor: Can now utilize credentials set on group or computer items
  • Heartbeat Monitor: Can notify you via email when the EventSentry agent is not running
  • Variables can now be assigned to computers in addition to global & groups
  • Service Monitoring: Events now distinguish between services and drivers
  • File Monitoring: Can detect alternate data streams (ADS)
  • Performance Monitoring: Added "between" condition and "divide by # of processors"
  • Software Monitoring: Monitors and records system uptime
  • Hardware Inventory: Detects more details about the OS (e.g. editions) as well as hardware
  • Management Console: Group-Level Inheritance can be blocked on a per-computer basis
  • Management Console: Remote update feature now uses threads for much faster update speeds
  • Management Console: Added "Quicktools" to execute any application against a remote computer
  • Web Reports: Extremely granular, built-In authentication has been added
  • Web Reports: Users can customize their settings in web reports without affecting global profile settings
  • Web Reports: Network Status includes switch to only show erroneous machines
  • Web Reports: Network Overview shows disk & performance alerts and event log trends
  • Web Reports: Network Overview shows overdue reports and most active machines
  • Web Reports: Computer Overview includes event log trend, overview and common errors
  • Web Reports: Report management has been improved
  • Web Reports: Reports support review as well as a report trigger history
  • Web Reports: Right-click menu for column headers allows toggling columns
  • Web Reports: Maintenance wizard supports deleting multiple computers at once, and much more
  • Web Reports: Database usage page shows storage details of database
  • Web Reports: Database can now be created and/or updated using the web reports
  • Web Reports: Print output has been significantly improved Three completely redesigned widgets using the Yahoo Widget Engine

Bugfixes:

  • Several bug fixes in the database import utility for importing log files
  • Issues with filter times have been resolved
  • Filter test feature has been improved
  • Event Log Monitoring has been improved for better reliability

Patch 2.81.0.43 released
Critical

2008-04-18

Features:

  • n/a

Bugfixes:

  • A malformed syslog packet could crash the EventSentry agent when the "Log to Event Log" option was selected
  • Deleting a global variable could change the ordering and values of inherited variables
  • Some variables would not be passed correctly to the "Process" action

Patch 2.81.0.38 released

2008-03-27

Features:

  • n/a

Bugfixes:

  • The start (index) page of the web reports would not display on new installations under some circumstances
  • Creating certain new actions would show a non-related error message under certain circumstances

Patch 2.81.0.37 released

2008-03-21

Features:

  • n/a

Bugfixes:

  • Dial-Up RAS feature does not dial RAS connection
  • Heartbeat agent would log useless error message to event log
  • Heartbeat agent would incorrectly report a host as delayed under limited circumstances

Patch 2.81.0.36 released

2008-02-06

Features:

  • n/a

Bugfixes:

  • The "Test Against Filter Rules" feature would not correctly test custom event logs
  • File monitoring would only monitor in intervals, not in real-time under certain circumstances
  • Using the "Remote" menu in the management console could crash the console

Patch 2.81.0.32 released

2008-01-11

Features:

  • n/a

Bugfixes:

  • The previous patch introduced a problem where the current heartbeat status would not be reflected in the web reports under some circumstances.

Patch 2.81.0.31 released

2008-01-09

Features:

  • n/a

Bugfixes:

  • Fixed handle leak when re-reading the configuration
  • Multiple Diskspace packages would not be merged correctly under some circumstances
  • Moving computers between groups would not correctly sync computers with web reports (database)
  • Bugfixes in web reports

Patch 2.81.0.26 released

2007-12-06

Features:

  • n/a

Bugfixes:

  • Windows 2008 is now properly recognized
  • Application Scheduler event log logging could not be switched off
  • "Monitor Realtime" would have to be checked in File Monitoring feature
  • Both Syslog daemon and Syslog TCP daemon were limited to packets of 1000 bytes size
  • Maximum amount of binary data that is stored in database has been increased to 65kb (require SQL 2005)
  • Required audit settings (process & logon tracking) would sometimes not be activated correctly
  • Changing mappings of a log file definition without restarting the agent would result in collected data not showing up in reports

Patch 2.81.0.21 released

2007-10-26

Features:

  • n/a

Bugfixes:

  • Summary Emails containing more than 1024 events would be split into multiple emails
  • Log File Definitions would not show up in web reports if no lookup fields were used in definition
  • Print-related unique Citrix identifiers (starting with WI_.....) would be added to ESEventlogComputer table
  • Application schedule details dialog would not read previously set timeout value correctly
  • Add Filter dialog from built-in event viewer would should hidden packages
  • Install & Configure Agent action would sometimes not start service automatically
  • Standard reports can now be saved in Popular Reports

Patch 2.81.0.15 released

2007-10-12

Features:

  • n/a

Bugfixes:

  • Heartbeat Agent would not start with some evaluation licenses
  • Refresh issue in built-in event viewer resolved

Patch 2.81.0.14 released

2007-10-10

Features:

  • n/a

Bugfixes:

  • Small enhancements and bugfixes in web reporting
  • Monitoring more than 20 folders in file and log file monitoring would not work
  • File Monitoring has been improved for better efficiency
  • File Monitoring can now monitor sub-directories
  • Deleting all computers from a group in the management console would sometimes not work
  • Using variables with a database action would display error messages when saving the configuration
  • Text size in feedback forms of management console has been increased
  • Service and Heartbeat Service can be set to manual start from management console
  • Fixed problem with size limitation in SMTP header
  • Minor fixes and improvements in the management console

Patch 2.81.0.1 released

2007-09-17

Features:

  • n/a

Bugfixes:

  • Fixed bug with DFS Replication event log always showing up
  • Fixed bug in database setup wizard for Oracle databases
  • Added additional translations
  • Fixed several bugs in web reporting

Version 2.81 released

2007-09-06

Features:

  • Database Setup Wizard now supports database connection strings and EventSentry Actions as a destination in addition to System DSNs
  • Nessus Import Utility and reporting now supports XML files from Nessus v3 as well
  • Web Reports: New "Network Status" overview page
  • New SMTP engine now supports TLS/SSL connections
  • Event Log Backup files can now be automatically compressed
  • Line delimiter can now be specified for non-delimited files as well
  • Actions now support a Limit feature
  • Management Console can automatically check for new versions and patches
  • Event Log Database Import utility is now called "Database Import Utility" and supports importing delimited and non-delimited log files
  • You can now specify a router for a Heartbeat-Enabled group to suppress duplicate alerts when a router goes down
  • Hardware inventory can now distinguish between logical and physical CPUs and show more detailed CPU information
  • Web Reports: Computer Overview page supports automatic iteration between computers
  • Web Reports: Weekly Logon Reports in Logon Tracking
  • Web Reports: Ability to email event records and copy event records to the clipboard
  • Web Reports: Calendar popup improved on newer browsers

Bugfixes:

  • Improved SQL queries drastically improve speed of most searches on the web reports
  • Detailed hardware inventory information (NIC, memory, etc.) would sometimes not be recorded correctly
  • Host names / IP addresses of remote Syslog hosts would not be included in events or the database if the IP address of the remote host could not be resolved
  • Resolved bug in environment monitoring dialog
  • Computers logging on to Citrix or Terminal Servers would show up in the "Computers" field of the Logon Tracking page
  • Active Directory Auto-Refresh: Computers that were removed from AD would not automatically be removed from the corresponding group
  • Web Reports: Improved Correlation between logon and process tracking
  • Web Reports: Several bug fixes in combination with MySQL, profile editor

Patch 2.80.0.11 released

2007-08-01

Features:

  • n/a

Bugfixes:

  • Events with no event message text associated with them would be written to a database with a timestamp of 1973 if they were queued by the agent
  • Additional event log error logging for disk space feature
  • Additional input error checking in management application

Patch 2.80.0.9 released

2007-07-15

Features:

  • n/a

Bugfixes:

  • Changes to performance monitoring counters would not be read on-the-fly by the EventSentry Agent under certain circumstances and a restart of the EventSentry service was necessary
  • Fixes the index.asp that might have been corrupted by the 2.80.0.8 patch released previously

Patch 2.80.0.8 released

2007-07-11

Features:

  • n/a

Bugfixes:

  • $STR variables for insertion strings can be used in "Process Action" as well
  • Fixed bug in "Process Action" where spaces are appended to command line
    Packages assigned to a computer only represented by an IP address would not work
  • Adding filter strings in Syslog and Log File Monitoring dialogs would not be saved correctly
  • GUI will self-repair if a configuration gets corrupted in most cases
  • Agent does not register itself twice in Add/Remove Programs

Patch 2.80.0.6 released

2007-07-03

Features:

  • n/a

Bugfixes:

  • Log File Monitoring would not work if both an environment variable and a wildcard is used in a file name

Patch 2.80.0.5 released

2007-07-02

Features:

  • n/a

Bugfixes:

  • A handle leak in the Heartbeat-Agent was fixed
  • A temporary file size larger than 4095Mb (Global Options) would not work
  • Insertion variables ($STR1, $STR2, etc.) will now resolve to empty strings when no insertion strings are present in an event
  • Duplicates of events would be cached when a database is temporarily unavailable
  • Specifying multiple MSSQL databases in a filter could cause the agent to crash
  • IP addresses were not resolved in event log messages generated by the syslog daemon
  • Specifying the IP address for computers would cause Remote Update to fail
  • Showing/Hiding features in the management console would not work for Health/Tracking packages
  • The management console can now be configured to automatically refresh ActiveDirectory-enabled groups
  • Log File packages can be hidden from the management console
  • Deleting an action will not cause filters to be configured to trigger "All Actions"

Version 2.80 released

2007-05-25

Features:

  • Log File Monitoring allows you to monitor both non-delimited and delimited files. You can either consolidate content into the database or receive alerts based on text logged to the log files
  • File Monitoring allows you to be notified when files in a monitored directory are changed (includes checksum hashes), and you can either track changes in the database or receive alerts
  • Directory Monitoring alerts you when a monitored directory exceeds a preset size
  • Jabber notifications allow you to send IM notifications, e.g. using Google Talk!
  • The hardware inventory feature now includes detailed information about installed memory and available slots, installed network cards, optical drives and you can remotely power on computers using WakeOnLAN!
  • Logon Tracking now includes more detailed information such as remote IP address, session connections/disconnections and workstation unlocks
  • The heartbeat agent now supports recurring alerts
  • As always we also fixed minor bugs and optimized various aspects of the agent to continuously increase the availability of the agents
  • Two new wizards were added for the log file monitoring and for setting up thresholds
  • A filter test utility has been added that allows you to test events against your filter rules by simply right-clicking an event in the built-in event viewer
  • Insertion Strings of events can now be displayed in the subject of an email ($STR1, $STR2, ...)
  • System Health features now include an "Alerts" button to easily create filters for events logged by the respective feature
  • Package summary pages now include description of packages
  • Hardware inventory feature can generate alerts when memory, CPU count or number of installed drives change

Bugfixes:

  • Custom event log settings are now completely transferred to remote machines when pushing the configuration
  • Some events would not be transferred correctly with the SNMP action

Patch 2.72.0.21 released

2007-04-25

Features:

  • n/a

Bugfixes:

  • An updated SNMP engine fixes problems with invalid SNMP traps
  • The "Mini" SMTP target would append the computer name incorrectly in some cases
  • Copying and pasting SMTP target with a header/footer configured could crash the management console
  • On multi-homed machines, an updated SNMP engine now shows the IP address of the interface where a SNMP trap was sent out.

Patch 2.72.0.19 released

2007-01-24

Features:

  • n/a

Bugfixes:

  • Web reports (Event Search) would show long strings in wrong places after an EventSentry agent was temporarily unable to write to the database
  • Management Console would generate an application fault when installed on a logical drive formatted in FAT32

Patch 2.72.0.17 released

2006-12-08

Features:

  • n/a

Bugfixes:

  • Remote Update would not transfer settings from fields that contain more than one line (filter text, filter notes, SMTP header and footer)

Patch 2.72.0.15 released

2006-11-11

Features:

  • n/a

Bugfixes:

  • Fixed and enhanced internationalization support, encodings can now be configured in EventSentry and the web reports
  • Timeout in the SERVICE target has been increased to 5 minutes when restarting services
  • Fixed problem with backup notifications, where an invalid line in a temporary file would cause the agent to use a high amount of CPU time
  • Fixed problem in the dashboard

Patch 2.72.0.14 released

2006-11-03

Features:

  • n/a

Bugfixes:

  • A large amount of events (e.g. 20/sec) would cause the EventSentry agent to use a large amount of CPU time
  • Connecting to a remote computer that has an IP address configured would not work correctly
  • EventSentry agent would cause the floppy access light to blink on some machines every 60 seconds when disk space monitoring was enabled
  • Fixed problem when dragging computers into different computer groups

Patch 2.72.0.11 released

2006-10-27

Features:

  • n/a

Bugfixes:

  • Fixed problem with updating configuration on remote hosts that have been assigned an IP address
  • Deleting a target could reconfigure heartbeat and/or tracking database settings
  • Disk space dialog would not retain drive-based settings
  • Fixed bug in index.asp page with Access Database
  • Fixed problem when saving standard reports on MySQL Database
  • Added BIOS/SerNr information to dashboard
  • Fixed problem in certain print reports

Patch 2.72.0.9 released

2006-10-13

Features:

  • n/a

Bugfixes:

  • Fixed problems with remote syslog settings not being saved
  • Fixed problems with system information and WMI
  • Updated welcome wizard

Patch 2.72.0.5 released

2006-09-27

Features:

  • n/a

Bugfixes:

  • Added preliminary support for Vista RC1
  • Fixed bug in WMI hardware detection
  • Connecting to a remote x64 host might display an empty configuration
  • Remote update would remove syslog configuration on remote host
  • Fixed problem with copying a timer filter
  • Fixed various bugs in web reports
  • Message file (eventsentry_msg.dll) is now incorporated into eventsentry_svc.exe file

Version 2.72 released

2006-09-07

Features:

  • Remote configuration updates do not require the Remote Registry Service anymore, but instead use the ADMIN$ share. A work-around without the ADMIN$ share exists
  • Remote update shows the total and average time it took to perform an action in the status bar
  • Event Log Backup Files (.evt) can be imported into the EventSentry database
  • An event browser lets you browse for all installed event log messages on a system
  • Two wizards where added to accomplish common tasks
  • Disk space alerts are now cleared after an alert, the volume name is also shown in alerts
  • Disk space web-reports can be filtered/grouped on the group level
  • Speed of performance charts was improved significantly
  • Expanded the "toggle" functionality to most search pages
  • A user-configured IP address will now be used on the web reports

Bugfixes:

  • Deleting a database target could incorrectly configure the notifications of existing health and tracking features, including notifications set on the package-level
  • Remote update would not work correctly when the EventSentry was not installed locally
  • Creating a new package and immediately configuring it to be global would not work
  • The automatic configuration backup feature would not correctly delete old files
  • A temperature-only sensor could not be configure for a position other than 1
  • The temperature and/or humidity sensor would not work correctly
  • Remotely connected event logs would sometimes not be restored correctly
  • Filters and folders with the same name would crash the GUI
  • The event log summary dialog would display incorrect data when connected to remote hosts
  • Finding Event IDs works correctly now
  • Creating multiple SNPP target notifications was not possible
  • Resolved problems with event reports on SQL Server 2005
  • Resolved problems with IP address lookup
  • Resolved problems with the performance reports
  • "Update Configuration" feature would not work for x64-bit target systems when the host machine would run Windows Server 2003

Version 2.71 released

2006-07-06

Features:

  • Filter Timers for event-log relation
  • Additional hardware sensors: Motion-, Smoke- and Water sensors
  • Nessus reporting support
  • Database purge utility (command-line based)
  • Installer now supports MySQL
  • Agent: New Shutdown/Reboot and Service Control target
  • Agent: Support for more runtime variables in SMTP Header/Footer
  • Heartbeat Monitoring: Ping tracking
  • Heartbeat Monitoring: Maintenance schedule can be accounted for in uptime statistics
  • Improved hardware inventory (now also detects serial numbers, model and graphic adapter/resolution)
  • Remote Update utility to automate remote update tasks
  • Improved dashboard
  • Ability to save the configuration as a HTML file
  • Maximum temp file size mechanism change
  • Various improvements in the web reports

Bugfixes:

  • Pushing the agent to a remote host running the x64 edition Windows Server 2003 would sometimes not work
  • Fixed problems with application scheduler that would not execute certain files properly
  • Fixed various small bugs in management console application
  • Fixed problem with certain threshold settings
  • Fixed bug with performance monitoring
  • Fixed XSS vulnerability in web reports
  • Fixed minor issues in database setup wizard
  • Fixed problem with event log backup assignments
  • Fixed problem when computers where added with FQDN instead of NetBIOS name

Patch 2.70.0.9 released

2006-03-13

Features:

  • New "Remote Update Utility" eventsentry_upd.exe allows for remote update to be scheduled through the command line
  • TEST button for SMTP notifications shows more information

Bugfixes:

  • Disabled packages would still be executed by the agent
  • Event Log form in Access database was linked to an non-existing table
  • Upgrading from 2.60 to 2.70 could cause problems when "3rd Party applications" where present
  • "Cancel" would not interrupt a running remote update
  • Some reports in the web reports would not display correctly as RSS feeds
  • Several small problems in resolved the performance web reports
  • Disk reports and software history would sometimes not display when using MySQL
  • Fixed several other small issues in GUI and agent
  • Ping status would not be reported correctly by the Heartbeat agent under some circumstances

Patch 2.70.0.4 released

2006-02-23

Features:

  • New option optionally reduces network traffic when pushing configuration updates

Bugfixes:

  • EventSentry agent would not resolve numbers inside some event log messages correctly
  • Messages queued in back queue would not be resent after the agent starts or after the configuration was saved
  • Some special characters in OU strings caused problems with AD import/linking
  • Minor bugfixes in dialogs
  • Hiding/Unhiding packages would sometimes not work
  • Disconnecting from a remote host would hide computers in remote update
  • EventSentry Heartbeat Monitor would incorrectly report an unavailable computer as up and running
  • The EventSentry Heartbeat Monitor would not correctly update the HTML status file under certain circumstances
  • Web Reports: Disk Reports would not display on MySQL

Version 2.70 released

2006-02-09

Features:

  • Management console now supports filter, health and tracking package for easier and more flexible administration
  • NETIKUS.NET offers standard filter and health packages that can be updated directly from the management console over the Internet
  • Performance monitoring to track performance information (e.g. CPU usage, memory usage) in a database and/or receive performance alerts via notifications (e.g. email)
  • Filter packages can be configured to be automatically active when one or more services are installed
  • Environment monitoring now supports temperature and humidity ranges and also clears previously issued alerts
  • Pager support for paging providers that support the SNPP protocol
  • Service monitoring now includes database support, allowing you to query service status, history and uptime through the web reports
  • Autorun Monitoring is now called "Software Monitoring"
  • Software inventory is now included as Software Monitoring now includes database support. This allows you to query installed applications and installation history through the web reports
  • Software monitoring also monitors the ActiveSetup registry key
  • 3rd Party Application is now called "Application Scheduler" and supports running custom monitoring tasks in a recurring fashion, e.g. every 30 seconds.
  • Logon tracking monitors logon's and logoff's, enabling you to view detailed logon/logoff information about users through the web reports
  • Print tracking monitors all print jobs and allows you to see print job data and statistics through the web reports, including the ability to assign cost to print queues for invoicing
  • The threshold feature has been simplified and offers new features
  • The built-in event log viewer supports opening .evt files, you can also open .evt files directly from explorer
  • Remotely connected event logs can automatically be restored after restarting the management console
  • The remote update computer list can automatically be sorted
  • Heartbeat agent now supports maintenance schedules that can be set for individual computers and/or groups
  • Management console supports searching for filters and computers
  • Management console can automatically backup the entire configuration at preset intervals
  • The completely redesigned web reports now offer a dashboard, event log reports, a profile editor, a maintenance wizard and much more!

Bugfixes:

  • Reduced size of configuration in registry for faster remote updates
  • Increased agent stability
  • Fixed problems with moving and cutting/pasting filters
  • Several problems in the web reports have been fixed
  • Duplicate computers cannot be entered anymore and no longer cause problems with the heartbeat agent

Patch 2.60.0.132 released

2005-11-28

Features:

  • n/a

Bugfixes:

  • Only three (of eight) custom event logs are configurable in the management console
  • Threshold feature, when configured for a "1" maximum, might crash agent

Patch 2.60.0.131 released

2005-11-01

Features:

  • n/a

Bugfixes:

  • Summary notification with ODBC targets might crash agents
  • The presence of the HKLM\Software\Wow6432Node key on a 32-bit machine will cause the EventSentry management application, agent and heartbeat agent to load an empty default configuration

Patch 2.60.0.130 released

2005-10-07

Features:

  • n/a

Bugfixes:

  • Memory leak in threshold feature (with event-based thresholds selecting the message text)
  • Inaccurate threshold when setting limit to 1
  • Other minor bugfixes in both the service and management application

Patch 2.60.0.127 released

2005-08-26

Features:

  • n/a

Bugfixes:

  • Handle leak in Autorun Monitoring
  • Pool Nonpaged Bytes and Pool Paged Bytes in Autorun Monitoring
  • Handle leak in SNMP notification target
  • When launched from a folder with only a single ACE, EventSentry will remove all permissions

Version 2.60 released

2005-06-01

Features:

  • SNMP Support (sending traps)
  • Monitoring of application installation/uninstallation
  • Monitoring of machine-based autorun registry keys and directories
  • Web reports now feature an uptime calculation page
  • Ping option for remote update can be toggled
  • System health options can now be set to block inheritance
  • Process Monitoring can be configured to start after X seconds
  • Various enhancements in the management application, including proxy server support for feedback and news feature
  • Added ping dependency in heartbeat monitoring
  • Added additional monitoring options in heartbeat monitoring
  • Added database backup feature (if database is temporarily unavailable) to heartbeat monitoring
  • Agents installed through remote update can now be uninstalled on target machines using "Add/Remove Programs"
  • Desktop target notification now supports remote hosts in addition to the local host
  • "Online Configuration Update" feature was improved for higher stability
  • Map IP address to alias in remote update
  • Changed MSI installer from Wise to InstallShield for higher stability and more future features
  • PHP web reports are no longer available

Bugfixes:

  • Some SIDs were not resolved to usernames correctly
  • Clicking on the "Computers" container would show a wrong path in an error message
  • Computers would randomely not show up in the web reports computer list
  • Saving the configuration would increase the memory usage on the agent, without freeing it (~200kb)
  • Some processes in "Process Tracking" would incorrectly show up as "still running" when they had exited
  • Bootscan feature of Process Tracking would not record all activity correctly
  • Recurring event filters would not work 100% correctly when a schedule would end exactly at midnight
  • SMTP Footer would not appear in Mini Emails
  • Under certain circumstances on very busy event logs (e.g. security event log on domain controllers) some event records would be skipped and not processed
  • The agent would crash under special circumstances when using the summary notification feature
  • When clearing an event log the agent would not continue to monitor this log
  • Fixed various issues with SP1 of Windows Server 2003
  • Various bug fixes in the management application
  • Various bug fixes in the agent
  • Fixed problems in combination with DEP (data execution prevention) in SP1 of Windows Server 2003
  • Various fixes in the installer, including ability to run installation on Windows NT 4.0

Version 2.50 released

2005-01-26

Features:

  • Temperature & Humidity monitoring with external device
  • Heartbeat monitoring of remote hosts (ES agent monitoring, PING and TCP port checks)
  • Local computername may now be added to remote update list
  • ODBC Target supports ODBC connection strings in addition to DSN names for easier deployment
  • "Audit Process Tracking" can now also be switched off through "Process Tracking" feature
  • Recurring event feature lets you define events that you expect to appear (such as a tape backup) during a certain time period, and become notified if they are not
  • Computer field added to event log filter properties
  • Event Log Backup feature now supports environment variables in file name
  • Event Log Full detection now also supports the ODBC, NET SEND, SYSLOG and DESKTOP targets
  • GUI: Event Log Viewer supports sorting
  • GUI: Remote Update results window allows for sorting
  • GUI: Remote Update also sends computer names
  • GUI: Remote Update "Computers" container supports sorting and drag/drop
  • GUI: Targets support drag/drop
  • GUI: Active Directory linked groups now show the actual computers under the "Computers" container and allow for authentication to be set on a per-host level
  • GUIDs in event log records are resolved to display name
  • Filter Source, Category and Users allow for multiple values, separated by comma
  • Filter Source, Category and Users support negation with exclamation mark
  • Binary data of events now also available in all notifications, GUI and web reports
  • Additional variable support for the FILE target
  • ASP and PHP Web reports now work with all supported databases (Access, MSSQL, MySQL, Oracle), the PHP web reports have been switched to use ODBC
  • A new Database Wizard now creates all tables, indexes and permissions automatically on MSSQL, MySQL and Oracle
  • The new MSI installer optionally creates a virtual IIS directory and/or sets up the MS SQL Server database automatically
  • SMTP target now supports an optional header and footer that can be added to every email
  • Service Monitoring: Included/Excluded services now support wildcards
  • Process Tracking: Included/Excluded processes now support wildcards

Bugfixes:

  • Database layout completely redesigned for faster web reporting
  • Event Log Scanning engine significantly improved
  • Memory Leak in filter processing removed
  • Absolute diskspace limits now work for values > 4Gb
  • Selecting a particular set of logical drives would not work
  • ASP Web pages corrected to support Access databases without restrictions
  • ASP Web pages corrected to support non-US date formats
  • Threshold feature incorrectly counting excluded events towards limits
  • Filtering of "Filter Text" would not work correctly when filter text attempted to match the last character of an event log record
  • Password for group (remote update) not saved correctly
  • GUI will not allow more than one instances anymore on computers running Terminal Services to avoid data corruption
  • GUI will not freeze while performing remote updates and switching to another application
  • Several bug fixes in ASP and PHP web reports
  • Unsupported characters were allowed in filter names, resulting in configuration corruption

Version 2.43 released

2004-07-22

Features:

  • Process Tracking records all process activity in a database and allows you to see a process history on all monitored hosts
  • Service monitoring can control services and maintain a set status. Failed services can now be automatically restarted
  • Disk Space Monitoring allows for more granular settings for warnings and database connections
  • Disk Space Monitoring will now recognize when new (fixed) disks are added or removed during runtime
  • Event Log Backup allows for backups of all event logs for faster configuration
  • Database table names can now be specified for each of the features requiring a database (ODBC target, disk space trend collection and detailed process tracking)
  • GUI: "Force News Update" reloads latest news
  • GUI: Filters can be commented

Bugfixes:

  • Critical handle leak in eventsenry_svc.exe (nonpaged pool leak)
  • Memory leak in NonPaged pool when using the TCP syslog target and remote syslog host is not accepting TCP connections
  • Launching applications with the "3rd Party Applications" feature might show error "Invalid access to memory location" and the application would not run.
  • An error with the summary notification feature could crash the application when a large amount of events (more than the configured maximum) were summarized.
  • Right-Click on SYSTEM event log in tray icon opens security log (no other logs are affected)
  • Other minor bugfixes in service and GUI

Version 2.41 released

2004-06-07

Features:

  • Added $HOSTNAME variable to event log backup feature

Bugfixes:

  • Warning messages in PHP interface removed
  • Wrong $DAY, $MONTH and $YEAR variables in event log backup feature
  • OLE DB error in index.asp file removed when using an MS Access database

Version 2.40 released

2004-05-25

Features:

  • Tree in navigation pane restructured for easier navigation, general usability improvements
  • Maximum groups, targets were increased
  • Active Directory Import (with "Link" feature) added
  • Up to 5 remote event logs can be added to navigation pane
  • Change detection added, GUI tries to determine whether changes were made and only prompts to save then
  • Event Log Viewer filter added (filter for errors, warnings, information, audit success & failure)
  • Only active group is sent to remote computers with remote update
  • One-Button remote agent installation
  • Tree status is now also saved/restored when connecting to remote computers
  • ODBC target has a test button now too
  • Mini-Emails can now be customized
  • Dial RAS connections before sending emails
  • This target has been optimized and should offer higher throughput
  • Custom variables are introduced, variable processing improved
  • Variable $EVENTMESSAGE for SMTP subject added
  • Automatically backup and clear event logs on a regular basis
  • Run command-line applications and log their output to the event log
  • Monitor memory consumption of processes to detect possible memory leaks
  • Monitor diskspace, including trend change detection
  • Trial Version & Full Version are now one product

Bugfixes:

  • Remote Update: Health settings of a group could be deleted when only updating filters
  • Service Monitoring would not save changes when adding services that don't exist on local machine
  • Feedback forms do not disappear when connection was unsuccessful
  • Renaming groups could yield random results
  • Filter processing has been optimized
  • Some boot time events could be ignored
  • Formatting of event log records has been corrected and improved
  • SMTP message now contain a Message ID
  • Memory leak in trial version resolved

Version 2.30 released

2003-12-05

Features:

  • EventSentry now monitors services
  • Small enhancements in the management interface
  • Filter Groups are now referred to as "Groups"
  • Filter Groups can be added/removed in Remote Update, System Health and Filters tree
  • PHP version of web interface added (ASP + PHP now supported)
  • Added links to eventid.net, google, etc. to web file
  • Syslog facility/level now mapped to event category for incoming syslog packets

Bugfixes:

  • Long date format problem in event viewer resolved
  • Rename problem in GUI resolved
  • Import Problem in GUI resolved

Version 2.21 released

2003-11-05

Features:

  • Syslog target now supports TCP in addition to UDP
  • Remote Update speed improved
  • Remote Update displays more informative error messages
  • Remote Update now supports different credentials
  • Added troubleshooting section in help file and GUI for every target
  • Numerous enhancements in the management application
  • Added EventSentry Quickstart Guide

Bugfixes:

  • Event records containing a single dot per line could cut off email
  • Potential problems in wildcard feature
  • Problem in built-in Event Log viewer with certain events resolved

Version 2.20 released

2003-09-08

Features:

  • (X)HTML emails are sent in multipart/alternative including a non-HTML version of the content. This is useful for email clients that are not capable of displaying HTML messages and for filtering (rules) in MS Outlook
  • Wildcard support for filters was added
  • The following additional variables for the SMTP target were included: $EVENTSOURCE, $EVENTCATEGORY, $EVENTTYPE, $EVENTID
  • The $HOSTNAME variable is now supported in the SMTP Sender email field
  • The built-in event log viewer allows you to query web sites to obtain information on a particular event
  • Installer features (Management package) improved

Bugfixes:

  • The syslog hostname (as logged & reported by the syslog daemon) was truncated
  • The welcome screen might show an invalid event log summary when connected to a remote machine
  • Day/Time summaries are sometimes not read correctly on the fly, a service restart is necessary
  • Changing the debug logging level requires a service restart
  • Various improvements in the management application

Version 2.11 released

2003-08-18

Features:

  • Customizable Welcome Screen shows important information such as event log summary and more
  • Display speed of the built-in event viewer was greatly improved
  • Invalid filter order is detected by management interface
  • Some menu options renamed for improved usability
  • Sample ASP pages for querying a ODBC database were added
  • On German Operating Systems EventSentry logs German messages to the event log

Bugfixes:

  • Service (agent) underwent a major security code review
  • Memory usage reduced and optimized
  • Exclude filters using more than one target would not exclude events properly
  • Drag & Drop would sometimes not work properly
  • Creating filters or targets would fail when clicking with mouse instead of hitting enter
  • Remote update would sometimes not connect to certain machines
  • Import wizard would only show ~250 computers
  • Size & positioning issues with desktop notification feature were corrected
  • Potential problems in the network target have been resolved
  • Problems with the summary notification have been resolved

Version 2.10 released

2003-07-03

Features:

  • Custom event logs can now be managed and monitored

Bugfixes:

  • Fixed problems in the built-in event viewer
  • Other minor fixes / optimizations

Version 2.01 released

2003-06-18

Features:

  • Added checkbox functionality for remote update
  • All filter groups can now be updated at once

Bugfixes:

  • Fixed problems in the remote update feature (including service installation)
  • Fixed problems in built-in event viewer

Version 2.00 released

2003-06-05

Features:

  • Added installer software
  • Completely redesigned the GUI (graphical user interface)
  • Filters can be assigned to multiple targets
  • Smtp target enhancements
  • Added network target (ala net send)
  • Added process target
  • Added sound target
  • Added desktop target

Bugfixes:

  • Permanent summary notification on Windows NT4 might not work due to missing %TEMP% variable

Version 1.15 released

2003-03-11

Features:

  • Summary features events are now stored through service restarts, filter option "Filter Text" is not case sensitive anymore

Bugfixes:

  • "Stop processing other filters" didn't work in combination with summary feature under some circumstances
  • Other minor bug fixes

Version 1.14 released

2003-02-25

Features:

  • Targets can now be enabled/disabled, multiple concurrent instances of the GUI are prevented

Bugfixes:

  • The "stop processing other filters" option didn't work correctly under some circumstances
  • Bootscan would report too many events under some circumstances
  • Using ODBC with a MS SQL Server would sometimes not write events to the database
  • Excluding filters for particular targets would under some circumstances not work

Version 1.12 released

2003-02-10

Features:

  • no new features

Bugfixes:

  • The filter summary dialog box is cleared/reset under some circumstances
  • A filter group update does not correctly set the active filter group on the target computer
  • Sending emails with certain mail servers would fail.

Version 1.10 released

2003-02-04

Features:

  • Introduced filter groups (see help for an explanation)
  • Added the parallel ASCII-printer target
  • Added email importance flags
  • Added/improved computerlist import/export
  • Added GUI tips

Bugfixes:

  • A special kind of eventlog entry could crash the service
  • Database DATETIME field was not used (text was used instead)
  • Eventlog entries would sometimes be ignored
  • Fixed GUI ALT-F4 issue
  • Other minor fixes in both GUI and service

Version 1.03 released

2003-01-16

Features:

  • Added the $HOSTNAME variable for the SMTP subject and FILE filename
  • Added HTML customization options

Bugfixes:

  • If an eventlog is configured to "overwrite events as needed" and events are being overwritten (because the eventlog is full) then EventSentry can stop monitoring this particular eventlog under certain circumstances. All customers are encouraged to update.

Version 1.02 released

2002-12-22

Bugfixes:

  • Under some circumstances the GUI could crash when performing any kind of batch update. The EventSentry service is not affected by this problem.

Version 1.00 released

2002-12-19

Bugfixes:

  • This is the initial public release of EventSentry.