ImmuneSecurity (now called Logpoint) proudly presents LogInspect™ version 5.1.1. This version contains numerous enhancements as well as some bug fixes.
The highlights for this release are:
- Introduction of LI Lite for distributed collection of logs from remote locations.
- Higher availability of logs from the main LogInspect can be made by creating a copy of a repo in the remote LogInspect.
- Introduction of tenants for effective object management between various organizational units.
A selection of the major enhancements of LogInspect™ v5.1.1 is listed below in detail.
Devices and Collection
- Logs can be forwarded into the system from different platforms using the Distributed Collector. This support is available for LI Lite at the moment.
- IPv6 support is extended to the following collectors and fetchers: SNMP fetcher, sflow collector,FileInspect collector, SNMP trap collector and the netflow collector.
- The CIDR IP address, is supported for all of the collectors.
- Log parser’s pattern can be validated by checking against the example message.
- SNMP fetcher works for leaf OIDs.
Search and Queries
- Fields in search query can now be renamed.
- Grouping constructs support “order by” syntax.
- Inline list now supports, using whitespace enclosed by quotes.
- Cmd + click (Ctrl + click) opens and displays the search result on a new tab.
Dashboard and User Interface
- Growl position setting, can now be managed from preferences page.
- Dashboard tabs are now moveable.
- LDAP authentication supports three different login formats: “Sam Account Name”, “UID” and “DN”. This can be configured from “Advance LDAP Settings”.
- SSL implemented for Directory Access Protocol (LDAP Strategy).
- Username is now made non editable.
Correlation and Alert
- Ownership of rules can be transferred to other users.
System and Performance
- Critical security updates for the system can be applied by uploading the tested security patch and installing them.
Backup and Storage
- Backup scheduling is made optional.
- For backups, its now possible to apply a retention policy.
- Windows events can now be collected, by using the “Windows Event Log Reader” checkmark, while configuring the FileInspect client.
- Queries in reports templates are now editable.
A selection of the major bug fixes of LogInspect™ v5.1.1 is listed below.
- Netflow v9 now contains all available fields.
- HTTPS certificate can now be applied, without rebooting the server.
- Problem with configuration backup has been fixed.
- Vendor dashboard can now be used through the “use action”.
If you have any inquiry or questions, please don’t hesitate to contact us.