Added ability to import Groups and IDs through Directory Agent.
System Status
Messages
Visualizer
Added screen to view Visualizer profiling information.
Reporting
Dashboard
Visualizer
Replaced all existing dashboards with Cyfin Visualizer. This new charting solution allows you to create and save panels on multiple dashboards as opposed to the single view that you had to configure each time you went to the charts. Any non-ad Cyfin logon will automatically be able to log into the visualizer using the same credentials as Cyfin.
Managing Metric Server Data Storage and Provisioning
Log in to Cyfin and your company’s personalized storage metrics will be detailed on the homepage. You will find the Average Daily Data Volume, Storage Remaining, and Days Remaining. This information will provide the ability to calculate your specific storage needs:
Avg. Daily Data Volume – Average amount of data stored per day.
Est. Days Remaining – Days remaining until total storage is used.
Storage Remaining – Amount and percentage of storage available.
Updated jQuery library to version 3.6.0 which corrects security issue.
Log Configurations
Added Cisco Umbrella Export.
Added Fortigate Export.
Added Sophos Web Application.
Updated CheckPoint config to handle HTTPS Inspection records and URL Filtering records to sites with invalid certificates.
Performance
Sped up startup by moving template verifier and empty indices tasks to job queue.
Corrections
Log Parser
Fixed parser not handling configurations that have optional header record line.
Fixed issue of not using correct port field to assign protocol.
Properly adjusting log date by timezone adjustment in config file.
Correctly dealing with escape characters in log fields.
Sped up performance by fixing method to consolidate configurations using the same tokenizer to single parser. An error in the method to identify identical tokenizers was leading to excessive parsers and incorrect stats.
Log Download
Fix log download issue by using js window for SSL download and php for non-secure.
Caching product update information to prevent constant polling while on home screen.
Settings
Email
Replaced all legacy e-mail client with newer version.
Added option for e-mail client to connect using ssl.
Added SSLStart capability to e-mail client.
Secure interface
Forcing TLS1.2 for default interface certificates.
TT-2232 Added Subject Alternate Names as option to generating Certificate Signature Request.
Reporting
Log File Text Parser
Updated next generation reporting engine to parse web type data configurations. Product now capable of reading multiple record types for single data configuration.
Added Office365 reporting module.
Added configuration option in Data Management – Setup.
Added Office365 option in Report Templates including all available reporting fields for creating Office 365 report sections.
Updated Reporting engine to pull data from Office 365 data stored in metric server.
Data Management
Added option to compressed log data that was generated by Wavecrest product (eg. syslog, or CyBlock). This option is disabled by default.
Syslog
TT-2287 Removed hostname look-up for each UDP syslog record received.
Corrections
System
Removed log4j and replaced with latest fully patched log4j2 version.
Improved UI speed by removing unnecessary health check calls.
Removed unused libraries from installer.
Implemented new library implementation for tracking CPU and Memory usage for Windows installs.
Data Manager – Log File Download
TT-2340 Fixed calendar incorrectly setting last available download date.
Reporting
Dashboard
TT-2337 Fixed Palo Alto Traffic chart query that was failing because Classifications is not available for Palo Alto Traffic categories.
TT-2337 Fixed Palo Alto Traffic chart query using wrong indices when querying data.
Dashboard Charts – Trend – Classifications
TT-2235 Corrected parameter issue that caused chart to not load.
Report Manager
TT-2314 Fixed the no network segments exist message.
Categorization
TT-2291 URLs that are uppercased in log source now properly match to list or custom URL entries.
Once this application is registered note the Application (client) ID and the Directory (tenant) ID. Then configure the authentication in the Certificates & Secrets section from the link provided above.
Configure Cyfin
Navigate to ‘Data Management – Log Data Source – Setup’
Select ‘Create New’ from the configuration dropdown and click ‘Next’
Click Office365 from the listed options
Fill in the appropriate fields with information gathered from the prerequisites. See below image.
Once completed continue to the next screen and name your configuration then click next once more to save.
Added SonicWall VPN firewall parser to existing SonicWall VPN configuration. This allows configuration to track network activity for active VPN sessions.
Report Templates
Added Bytes to VPN Heatmap metric options.
Updated Hits VPN Heatmap metric to use firewall connectivity information instead of just sessions logons and logoffs.
Corrections
Data Management – Import
Added catch for handling incorrect URL formats that was causing import to fail.
Setup – Restore
Fixed inability to properly upload Restore Point.
Log File Text Parser
Corrected byte storage from int to long to prevent parsing error when total bytes is greater than max int value causing record to be thrown out.
Add ability to cancel task for auto inspecting source log data for matching to known devices log formats.
Help
Support – Log Configurations
Added new feature to allow for inspection of syslog data and submission to Wavecrest for analysis. A link to this new page is given during the log configuration wizard when the syslog data is not matched to any known device log format.
Corrections
Reporting
Dashboard
The metric for “Visits” was missing from the selection in all the charts. Additionally, the Hit metric was displaying “Visits” legend label. These are now corrected.
