Version 19.0.1 - December 2020

Plixer Scrutinizer

New Features

- DDoS: Support IPv6 (12)
- Add AWS Role Based Authentication for use in AWS (377)
- Allow AWS flowlog polling at 1m frequency (940)
- Enforce password policy on password change and restrict reuse of the last four values (1235)
- Summary Reports added to new UI (1459)
- Add “scrut_util --show datasize” to enumerate DB schemas and their disk usage. (1539)
- Define Allegro IEs (1633)
- Support for new format of VPC flow logs (1890)
- Provide descriptions for AWS entity IDs (1891)
- Add Velocloud 4.0 IEs (tcpRttMs and tcpRetransmits) (1899)
- Document new AWS integration requirements (1992)

Fixes

- Mapping: Show Utilization only works for percent (54)
- Not excluding protocols by default (304)
- Secondary reporters show incorrect clock drift (696)
- Apache HTTP Server 2.4.0 - 2.4.39 Remote Open Redirect Vulnerability in mod_rewrite (739)
- Cannot Filter on S3 Bucket Element aws_account_id in a designed report (765)
- Internal Server Error when emailing PDF report name includes / (1065)
- Unable to Exclude IP address from DDoS algorithm (1316)
- Collector log error sflow buffer overrun at ./protocol/sflow/buffer.hpp line 146 (1480)
- VPC Flow Logs should be cleaned up more aggressively (1482)
- The plixer.idp.login_url field appears to be vestigial (1579)
- Other Options > GeoIP links not working (1592)
- Login banners are not working (1660)
- Interface names with special characters cause errors when triggering thresholds (1728)
- Alarm when disabling algorithms or ML stream (1734)
- Group Labels retain original input on Maps Dashboard Widget (1743)
- Host2host and host index lookups to work in distributed setup (1744)
- pgbouncer won’t start after yum update (1796)
- Some reports were unable to display in percent interface view (1797)
- Reparser freezes on error during minutely exporter status updates (1812)
- No drill-down into Connection on Maps (1813)
- Reparser memory leak in sFlow parser (1817)
- Devices blue after upgrade to version 19 (1840)
- ServiceNow Integration doesn’t work when server response is too large (1842)
- Reporting: No Data for Timeframe automatically sends to start report wizard (1879)
- Sliding windows falling behind after upgrade to v19 (1911)
- Fix rollup issue for droppedPacketDeltaCount<unsigned64> (1912)
- Closing the report modal doesn’t keep the report open (1917)
- Entity Views: sorting by bytes does not account for units (1918)
- When using LDAP, user is authenticated but never added to a group when group list was too long (1920)
- Unable to disable unlicensed FA features (1930)
- Unrecognized key type: AWSLogs/xxxxxxxxxxx/ inc/lib/plixer/scrutinizer/awss3.pm line 547 (1941)
- Awss3.pm:373 – get_flowlogs() encountered an error while processing s3_connection_list: Invalid data Invalid data(unknown) for aws_account_id (1942)
- get_flowlogs() encountered an error while processing s3_connection_list: Invalid data (-) @ 1084 for transform (1945)
- Alarm Report data interval default empty for large time frame events (1946)
- NetFlow v5 sampling crashes postgres (1969)
- Too many open files (1981)
- multicast send failure 22: Invalid argument (1984)
- CEF notifications missing ‘Device Version’ (1988)
- Set ‘ssl_prefer_server_ciphers’ by default (1994)
- Missing sflow records after an upgrade (2002)
- Report values as rates in tables are incorrect after drilling in on a graph (2021)
- Distributed: AWS S3 secret failing when assigned to remote collector (2029)
- The application is running a vulnerable version of Apache (2068)
- The application is running a vulnerable version of Perl (2069)
- XSS Vulnerability in old UI mechanism to create groups (2070)
- Local file inclusion (2072)
- Autoreplicate support for multiple replicators (encrypt multiple passwords) (2111)
- Formula injection vulnerability in the ability to create third-party CrossCheck methods (2071)

Plixer Scrutinizer UI

New Features

- Entities: Hosts: Anomaly Chart (652)
- Summary Reports: Filtering (692)

Fixes

- Report filter descriptions don’t always fill in (657)
- Dashboards not deleted (685)
- Drilling into Policy from Collection loses consistency vs Monitor View (688)
- Apache httpd: CWE-345: Insufficient verification of data authenticity (693)
- Reporting: Summary reports not stretching on page (744)
- Stop ‘topping’ the graphs (765)