Scrutinizer changelogs

Scrutinizer changelogs#

Changelog entries are displayed in the format DESCRIPTION (Ticket Number).

Note

For more information on Scrutinizer and the Plixer One platform , visit www.plixer.com or contact Plixer Technical Support.
Please refer to our End of Life Policy for EOL schedule details.

Scrutinizer v19.7.0 - October 2025#

Changelog

New features

Ability to filter ‘Ungrouped’ Device Group from the Explore Tab
Ability to Specify custom LDAP attributes (support for eDirectory LDAP)
Admin: Resources: SNMP Credentials
AI Assistant (Requires Plixer One Core or Plixer One Enterprise licensing and updated key)
Capture Netflow Info From Kubernetes Workloads
Experimental multi-tier storage support
Flow Hopper to the New UI
General Components: Context menu with copy & new window functions
Support for AES256 in SNMPv3
Support for Zscaler ZIA and ZPA
Topology: Primary view for beta feature

Enhancements

Ability to add multiple IP group definitions all at once
Ability to export the entire list of manage exporters as a CSV
Add firewall rules for outbound connections
Added details for report buttons in the Host entity view
Admin: Authentication Tokens filters
Admin: Direct links from the Configuration Checklist into the application
Always show what the report menu will filter on
Display timezone in the date selector
Endace Pivot for host pairs
General Components: Change branding and show licenses
Remember table column selects per user
Simplify the AI Settings

Fixes

Addressed various security issues
–set timezone writes to wrong configuration file (5059)
Admin > Alarm Monitor > ML Dimensions page table shows Protocol value of “ALL” as “HOPOPT” (2827)
Admin: Exporters and Interfaces - can disable all columns in table (2792)
Admin: FlowPro Probes - cannot save edits to settings without editing APM License Key for table entries (2702)
Admin: Mapping Groups ‘Make Default’ slider in Settings doesn’t update the table (2759)
Admin: Menu search bug (2660)
After removing a report gadget from all dashboards, the “Edit Gadget” menu in the Export tray changes to “Add to Dashboard” (2744)
Allow port numbers over for 45435 for syslog notifications (5060)
Auto-created Endace pivot (EndaceProbe P2P) does not work in New UI (1240)
AWS integration: Fix plxr_awss3 process memory leak (4975)
AWS integration: Scrutinizer Integration page bug with multiple S3 buckets (2722)
Bidirectional CSV Export only exporting single direction (5023)
Can’t see the exporter IP in a Report filter (2903)
Change default report time to “last X” instead of “custom” (2398)
Cloud icons on maps are chopped off on the left and right (2742)
Collections: Adding an unsaved report to a collection causes all future unsaved reports to appear as added (2890)
CSV Exported Client Server report displays EPOCH time (4422)
Customer Interface Gadget issue with filtering (4758)
Dashboard Differences - font sizes and text box colors not changeable in Maps (2679)
Dashboards: Custom Gadget External URLs allowed by default (2791)
Dashboards: Disable iframe gadget input if external URLs aren’t enabled (2846)
Dashboards: Problems with Double Sankey gadgets (2723)
Excessive stray files (5176)
Existing report names can be edited to include invalid characters (2752)
Explore: Exporters | Exporter tray Interfaces section broken link and errors (2898)
Explore>Entities: Filters do not stay cleared after clicking the active table again (2629)
Explore>Exporters: Packets and Flows columns sort incorrectly (2626)
Exported csv file name differences between hosts tab and policies tab (1807)
Filters are too persistent (2496)
Flow Rate under manage exporters doesn’t match vitals (4988)
FlowView isn’t hiding the last graph (2843)
Forecast Table Data Understated when reporting on Rate (2802)
Forecasts: Duplicate forecast creation is not restricted (1536)
gettingstarted.sh doesn’t use the custom SSL details entered (219)
Google Maps - View child map button not working (5149)
Interface Threshold Alarm Reports expiring quickly (5047)
Investigate>Alarm: Risk column sorting incorrectly (2616)
Issues with Syslog, SNMP Trap, and CEF test buttons (2819)
Investigate>Hosts: Underscores in IP Group names are replaced with spaces in src/dst charts (2079)
lang_key issue with designed reports “Custom_XXX” in report type drop down (4775)
Manage exporters flow rate does not match vitals reports (4980)
Mapping: Ampersand in report name displays as encoded “&” (2832)
Mapping: Remove duplicate refresh button (2717)
Mapping: Reports fail to load if report name contains parentheses (2845)
Mapping: Thresholds missing units and column information (2831)
Mapping: Usability issues with saved report connections (2850)
MappingObjects: Link for icon type objects cannot be modified (2704)
MappingObjects: Map does not update after Apply changes to a Text Box object (2777)
Missing checkbox for IAM authentication in 19.6.0 (4835)
Monitor > Dashboards: Cannot modify existing dashboard to default or read-only without renaming (1842)
Monitor: Alarms by Hosts - Show Host Names toggle not respected (2669)
Naming AWS vpc exporters reverts to vpc Id (4937)
NAT All Details report needs a column removed to work with Palo Alto (4563)
Old Host Indexing “first seen” data unavailable after upgrade (4011)
Reindexing error doesn’t halt upgrade (5179)
Report wizard “Run Report” button doesn’t activate (2649)
Reporting: Incorrect sorting on report name (2892)
Reporting: Summary Reports save differences (2813)
Reports requiring collector to collector communication (4940)
Reports that should default to stacked graph loading unstacked on first load (4647)
Reports | Other Options links open in new tab and new window, broken Report to ISP link (2900)
Reports: Avg Pkt Size report changes graph type when the report is re-run. (2678)
Reports: Cannot switch between Report Type if report has parentheses in the title (2863)
Reports: Sankey graph doesn’t render correctly on the last few pages of report (1781)
Reports: Sankey graphs are not adjusting correctly to container height (2712)
Reports: Should not be able to create a gadget from a Summary Report. (2653)
Reports: Summary reports do not populate/update Last Run timestamp. (2652)
Saved report contents disappear on dashboard refresh (2708)
Source Hosts and Destination Hosts reports both named hosts reports in the tray menu (2774)
Terminal Icons (on maps) display unkonwn icon when changing status (984)
Top Interfaces click on sparkline is broken (2902)
Top Interfaces Report: exclude filters shouldn’t be an option (2206)
UI allows emailing and scheduling reports with no email server configured (2849)
Unable to ingest VPC flow logs from AWS bucket that contains “reject-reason” information field (4858)
VA disk could fill with logs when deployed, but not configured for weeks (5130)

Scrutinizer v19.6.1 - June 2025#

Scrutinizer v19.6.0 - March 2025#

Changelog

New features

“DHCP Servers” and “LDAP Servers” IP Groups for ML Exclusion management
Ability to run reports menu from the host entity view
Ability to specify number of rows in a report gadget
Add support for Azure VNet Flow Logs
Add/Update support for Cisco VXlan IEs
Added additional CloudGenix / PaloAlto SDWAN reports
Additional support for additional Keysight
Admin UI for FlowPro Capture Rules
An interfaces tab to the host entity view when host is an exporter
Audit Report to Admin UI
Collect VPC Flow Logs from Google Cloud Platform
Direct links to Exporters and Interfaces in Explore
Disk space calculator as part of data settings under admin
Edit gadget features from Dashboards
External NAT filter
Full screen mode for Dashboards
Interactive configuration checklist
Interface entity view
LIKE/NOT LIKE filters to Alarm Monitor, Explore, and Admin views
Lollipop chart reporting graph type
MITRE ATT&CK dashboard gadget
ML behavior data in Alarm Monitor workflows
ML Exclusions Admin View
Move feature resources under system performance so it is per server
New Dashboard workflows
New report folder management workflows
New top interfaces dashboard gadget
Option to include full Interface names in reports
Oracle flow log ingestion
Reporting on VXLAN from sFlow samples
Reporting: Line Item gadget type
Ridgeline graph type
Ring Gauge reporting graph type
Scheduled Reports view
Slim navigation mode with vertical navigation bar
Support for TLS v1.3 with LDAP integration
Top Exporter report type
Top N dashboard gadgets
User behavior reports
User configurable horizon in report forecasting
Zabbix client package in our repositories

Enhancements

Add “Last Year” & “This Year” options to report custom time ranges
Add exclusion workflow from alarm monitor - front end
Add Google API key from mapping UI
Add link to host entity view in “Other Options” under report menu
Add link to user settings in the user menu
Add option to report on all interfaces bi-directionally
Admin menu search
Always search for report types in all report groups
Auto-expand active filter sections in tray
Entities: filter on click from host to alarm
External custom gadget URLs preference
FA setting to exclude internal or external communication for lateral movement
General components: improved severity display
General components: add plixTips when slimNav is collapsed and title tags when expanded
Include technology in the alarm monitor view somehow
Informative detailed error messages when UI can’t communicate with a reporter
Lateral movement FA algorithms and preferences
Mapping automatic grid layout
Mapping icons updated
Mapping workflows
New mapping workflows
Provide interface names in Sankey graph tooltips
Recategorized system preferences
Remember selected columns in alarm monitor
Rename “Favorites” to “Recent” in report menu
Report description tooltip issues
Report menu search by description and information element
Reports: hidden graph button shouldn’t be there if we don’t have a graph available
Reports: make the saved reports title clickable
Saved reports view
sFlow 801.2ah header support
Show active filter status for alarm monitor and reporting
Support newer versions of Cisco ISE for user name reporting
Workflows in manage exporters
Workflows in manage interfaces

Fixes

Addressed various security issues
‘Client Server’ report failure while filtering for domain (4068)
Ability to edit Flow Analytics Configuration rules in the new UI (4179)
Ability to save a key with an unsupported feature_set (4091)
Adding IP Group with Subnet Rules didn’t save mask selection on initial save (4439)
Admin: Guest users need these routes inaccessible (2243)
Admin: Set LEDs to refresh every 30 seconds and on click (2220)
Admin: Users & Usergroups not respecting routing (2080)
Apache server version is shown in header responses (4326)
Apply button for Single Host-Index search not functioning (1981)
automatic template naming (3154)
Azure NSG exporter naming for distributed collection (3989)
Azure NSG flow log bi-flow support (3993)
Changes made in the oldUI manage interfaces tab are not saved (4301)
Cleaned up Host Index Max Disk Space error when increasing too much (4219)
Collections: No Results Found still shown after creating a collection (2582)
Collector won’t run if the reporter is down (4147)
Copying or refreshing reporting URLs displays error (2108)
Dashboards: map resize on gadget resize (2075)
Date selector doesn’t always allow for shifting the date forward (2236)
Destination AS filter fails on top interfaces report (4309)
Editing an applied filter does not provide enough space (1996)
Expire history failing in some cases after upgrade (4376)
Explore > Exporters > Interfaces should prefer ifAlias over ifDesc (4397)
Exported PDF report has Subscription ending message (1359)
External links using the search route (2105)
Flow Analytics Admin workflow issues (2153)
Flow Version is not visible in new UI (2196)
FlowHopper can’t find flow starting from sFlow (4711)
Full Interface name in reports, sporadically displays (4230)
General Components: Adjust ML graph to take in entire time period, not just data extents (2211)
General Components: app-table pagination skip buttons (2116)
General Components: Inconsistent table header behavior (2047)
Gigamon tcpcontrolbits exceeding smallint value (4374)
Grafana Plugin (443)
Having a “/” in a report name breaks the ability to run that report from an alarm (4327)
Hidden interfaces showing in reports (4100)
Internal Server Error when editing Network Map connections (4063)
Investigate > Host: Learn More button “Host Details” option has no function, related observations (2491)
IP Groups, adding a child group displays wrong selection (4440)
IP V6 import hostfile is broken (4142)
IP/DNS in Flow Analytics Configuration (2014)
IPv6 Exporters don’t retain snmp configuration (2865)
Issues when graphing Silverpeak performance reports (microsecond values) (4657)
LDAP login slow with 100K+ group definitions (4038)
Less Than & Greater Than options missing from Advanced Filters (2299)
Manage Exporters & Explore Exporters – Slow / Not loading (4080)
Missing some country codes (4532)
Newline characters in report threshold alarm messages (4037)
Nightly clean all task is removing valid snmp credentials (4419)
Non-Admin users not able to run reports from alarm pages (4263)
Old Host Indexing “first seen” data is unavailable after upgrading. - Import From History Option (4011)
Other options menu opens new window (1965)
Out of file descriptor errors (3941)
Provide description of timeframes for top interfaces and exporters view in Explore (2224)
Recent and Recommended report groups need to show the group details (2536)
Report JSON link returns unnecessary data (2199)
Reports: Saving a report as ‘testSave’ results in ‘Test and Save’ in header name (2445)
Restore Manage Exporters view in the Classic UI (4317)
Saved Reports - Host filters get removed when pivoting (2322)
Scheduled email reports have the license subscription ending soon warning (4082)
Scheduled Traffic Volume reports revert to Line graph when set to Step (3962)
SSL langkey is blank in serverprefs after running set ssl on (4019)
Sync Primary taking too long in some cases (3384)
sysbench package should be installed (4682)
Targets CSV file has ‘violators’ in the name (2194)
Threats Domains temp directory is not always being cleaned out (4395)
Unable to zoom in on TopN report graph (2043)
Update certificate scripts for Oracle Linux (4468)
Usability issues with usergroup permissions in the new UI (1264)
User able to set ‘unlicensed’ in Manage Exporters (4362)
Usergroup Permissions do not carry over to new UI when editing saved reports (1316)
web certificate paths changed back to pre-19.5 location (4359)
When changing an alarm notification frequency to “Rate”, it reverts back to “Each Observation” (3906)

Deprecated

Remove “Additional notes” input from new object form

Scrutinizer v19.5.4 - November 2024#

Scrutinizer v19.5.3 - October 2024#

Scrutinizer v19.5.2 - July 2024#

Scrutinizer v19.5.1 - June 2024#

Scrutinizer v19.5.0 - May 2024#

Scrutinizer v19.4.0 - October 2023#

Changelog

New features

AWS Flowlog consumption 35x faster
AWS Flowlog consumption and processing can be spread across multiple collectors
Azure flow log ingestion
Azure NSG Reports
Security Groups for enabling groups of Exporters in Flow Analytics
Userpreferences Modifiable Template
Include Custom Designed Reports in Scrutinizer Configuration Backup
Support 18.20 -> 19.X offline upgrades where the repo server is the Scrutinizer server
sFlow vlan/sub-interface report
Merged target and violator alarm views into consolidated hosts view
Host entity alarm timeline view
Endpoint Analytics Risk and details into Alarm Monitor views
Multiple new Alarm Monitor visualizations
Connections graph type in reporting
New Admin interfaces
Default Flow Analytics Exclusion Groups under IP Groups
Include port name in DrDoS alarm messages
Support for FlowPro version 20

Fixes

Addressed various security issues
On demand PDF/email/csv use server time zone when they should use user time zone (1069)
Optimize TCP/UDP FA algorithms (2695)
Turning SSL off breaks the UI (2728)
Double quotes in SSL serverprefs (2927)
Distributed upgrades should have collectors run a curl check for Internet access (2958)
Exporters Not Deleting with Domain Exclusions (3110)
Event severity timeline (3329)
Editing FA host exclusions doesn’t update caches (3332)
Distributed Upgrade Installer handle proxy configuration prompt (3339)
System Performance View shows red when resources exceed the matrix (3351)
Implement sFlow version 4 (3357)
Filter all FA sliding windows by streamexporter (3377)
set myaddress fails on Hardware appliances (3386)
CSV export column header shifted by one position for Connection reports (3400)
Reporting - Source / Destination Port EXCLUDE Port Range - Error: “report failed” (3402)
Setting timezone can pause alarms (3405)
Issue with units label for application latency report threshold messages (3471)
Added paged requests to LDAP authentication to handle large lists of Active Directory Security Groups (3481)
Fix overstated utilization when sFlow counters are dropped (3485)
Optimize Explore By Exporters view (3541)
Clean history table orphans in batches (3555)
RADIUS shared secret needed to be re-entered after v19.3 upgrade (3591)
scrut_util ‘set ssl on/off’ requires root - but should not be run as root (3624)
Escape special characters in interface details (3636)
Fix a logs-based disk space leak (3667)
Store AWS interface in the aws_interface element - don’t map to ingressinterface (3687)
Optimize FlowPro FA algorithms (3695)
Optimize Packet Flood FA algorithm (3699)
Optimize Slow Port Scan Algorithm (3700)
Legacy Baselining is now EOL (3704)
Made UDP receive buffers configurable (3711)
Mixing include and exclude advanced filters could restrict more results than necessary (3757)
Don’t allow “Host Index Max Disk Space” setting to exceed available disk space (3779)
Manage Exporters and Manage Collectors were removed from the classic Admin UI (3808)
Monitor.top_stdout Parsing Errors (3828)
AWS Upgrade package dependency problem (3862)
scrut_util check heartbeat database as root user error (3873)
Move slog directory out from under html (3882)
No packet or octet values for exporter sending samplingpacketspace of 0 (3903)
distributed_stats_exporters wasn’t being cleaned out (3931)

Scrutinizer UI fixes

Reports: Restructure to allow proper placement of app-page-toolbar and tray (1001)
Dashboards: Too much air in vitals (1054)
Dashboard Recent Alarms gadget is out of sync with current alarms (1114)
Alarms: Show DNS & IP information in messages (1252)
Acknowledged Alarms View Doesn’t auto-refresh (1417)
Explore Event Traffic links do not respect PlixCal filter (1441)
Exported CSV from Entities page displays host names with ‘Show Host Names’ deselected. (1463)
Spatial Map: Modified timestamp gets wrongly updated to all the existing maps (1498)
Explore>Entities: “dbQueryError” seen in console when applying filters (1574)
Admin: Default Status, Tab & View (1591)
Default map defined for user does not open when accessing Network Maps in new UI (1598)
Change Endpoint “Identity Score” to “Profile Match” (1617)
Reporting: Phantom selected select box (1712)
Issue with displaying child groups with a parent group filter (1877)

Scrutinizer v19.3.2 - September 2023#

Scrutinizer v19.3.1 - April 2023#

Scrutinizer v19.3.0 - December 2022#

Scrutinizer v19.2.2 - September 2022#

Scrutinizer v19.2.0 - May 2022#

Changelog

New features

Added option to toggle how device group hierarchy is displayed (153)
Prioritize exporters that get disabled last in the event that a license overage causes some exporters to be disabled (203)
Ship Scrutinizer with sysbench and a test script in files (1269)
Expand CEF message content to include ports and usernames (2001)
Improve messaging on “Unapproved Transport Protocols” alarm page (2161)
AWS flowlogs: add support for new version 5 fields (2410)
Workflow issue: unapproved protocol policy report pivot should include protocol filter (2426)
AWS S3 test button: test the required permissions (2428)
Improved alarm policies report link filters (2468)
Run report on packet flood event does not filter on the traffic that triggered the alert (2499)
Don’t use unencrypted connections for upgrades (port 80) (2607)
Include shortened report URL in report threshold policy (2636)
Create some new AWS reports for v5 elements (2651)
Audit log entries for key management/encryption changes (2723)
Ability to set a key lifetime (2724)
VPC flow logs now require interface-id and flow-direction (2817)

Fixes

Addressed various security issues
Fixed issue where configuration wouldn’t synchronize when all settings are removed (473)
Admin > settings > proxy server has been renamed ‘Google Maps Proxy Server’ (941)
PDFs for large reports show the “painting a Plixer” screen for the report screen shot (1054)
Device tree hierarchy doesn’t carry over to user groups with explicit device group permissions (1500)
Restore username details to alarm notifications (1999)
Distributed data expiry errors without events/trends (2190)
Deactivate sliding windows when FA algos are disabled (2310)
ACL ‘like’ filters don’t work for ACL descriptions (2312)
DDoS and DRDoS alarms no longer present CSV access to the offender source list (2343)
AWS S3 test button: test from the specified collector (2355)
Improved incident correlation algorithm (2380)
Emailed reports from report threshold alert sometimes have incomplete report images (2413)
ipfixify-template filepath updated in manual (2445)
Unable to export report to PDF or email report for SSL not using port 443 (2463)
“Report Direct Link” doesn’t work for on-demand emailed reports (2485)
Run report option in report threshold violation event list does not use the saved report filters (2491)
Unable to export saved reports to CSV with space in saved report name (2506)
Report threshold violation email’s URL should load the timeframe of the violation (2539)
inserter.pm stops polling for SAFs, sampled SAFs, totals if the database is temporarily unavailable (2556)
Graph and table show in different timezones (2562)
Top asn overstates exporter count (2595)
Proxy server support needed for online upgrades (2608)
Remove ICMP ping check from upgrades and pass through variables (2609)
Enable SSL as the default for offline repo servers (2618)
SonicWALL IPFIX extension templates not being read correctly in v19.X (2622)
AWS flow reports - can’t filter on the interface (2630)
AWS flowlogs temp dir missing after upgrade to 19.1.0 (2670)
Allowed transports aren’t sync’d to all collector nodes (2675)
FA NULL scan algo doesn’t exclude destinations (2681)
scrut_util –enable ram_spools blows away /etc/fstab (2684)
Sflow inserting - extra data after last expected column (2697)
Latency value ingesting from Ixia not show up properly on Scrutinizer UI (2709)
Special case sFlow interface instances missing (2712)
FA worm algos don’t exclude hosts (2732)
Update docs.plixer.com to reflect how syslog alerts are configured (2773)
events.backfill_summaries() crashing with ddos events (2774)
FA breach algo doesn’t exclude servers (2805)
An offline update server with self signed certificates may try http (rather than https) and fail (2812)
Host index is now configured in flow analytics (2856)
Reparser will not redefine templates without hard restart (2882)
Running single direction report via the top interfaces view returns ‘No Template’ (2883)
Scrutinizer device inactivity threshold is not triggering violations (2890)
Remove plixer_syslogd from systemctl on upgrade (2892)
FCGI timeout settings removed after upgrade (2893)
Install fails with dependency error on ‘device-mapper-multipath’ (2905)
Distributed upgrade hanging at TASK [Gathering Facts] (2907)
Disabling an algorithm does not remove its exporters from plixer.streams_config (2944)
FA reverse shell doesn’t exclude source (2952)
Low spool disk space “FA Streaming was disabled” does not disable FA streaming (2979)
Event policy customization improvements (2985)
Events with empty target/violator lists crash the policy view (3010)

Plixer Scrutinizer UI new features

Unapproved Protocol Policy third donut chart now has top hosts using protocol (966)
Include Time Zone in the report date/time display (1012)
Monitor -> Network Maps Grid view delete option (1030)
Better DNS Resolve Setting description (1053)
Latest alarm message to events table (1199)
CSV links in Policy entity (1207)

Plixer Scrutinizer UI fixes

Naming a dashboard “Network” in V19.0.2 renames it to “Subnet” (909)
History Navigation shows Alarms by ID instead of English Description (924)
Navigating into alarm monitor sometimes throws an ExpiredRequestID error (975)
inbound and outbound interface reports from explore device tab do not apply the correct filter (988)
Regression: Traffic %, Other, and Total displaying for sFlow reports (1004)
New UI doesn’t use the time zone user preference in reports (1013)
Time Stamps on Line and Step Stacked 1m data source, 1m resolution overlap (1017)
Deleting the default collection causes “notExists” error when trying to add to the default collection (1027)
Host Entity View -Top Alarms bell icon mouseover text does not align with click action. (1029)
Reports against an exporter with no current flow data does not allow for timeframe changes. (1031)
New UI | Explore -> Interfaces -> Refresh Rate is not saved (1033)
Changing Report Options triggers direction back to INBOUND when bidirectional is allowed (1038)
Clicking the add or remove selected buttons keeps the tooltip on screen (1050)
Recent Alarms Dashboard gadget shows UTC timestamp for Last Event and Last Notification (1112)
Explore: Devices not using User Default Unit setting - Shows Percent always (1113)
Toggling Hostname resolution does not change IPs to hostnames in alarm policy views (1135)
Device/Interface report filter inconsistent with the Show DNS or IP modes (1216)
Host to Host Index search doesn’t render a report menu when clicking exporter hyperlinks (1218)
Alarms Monitor Filtering Option by Violators/Targets returning “noDataAvailable” (1221)
CSV export of a report loses DNS names (1241)
PDF export of report only shows 10 lines (1242)
Peak and 95th Percentile not showing on saved reports (1244)
Report filters not showing up in the “Additional Filters” drop down (1259)
Show Others displaying when set to No (1267)

Machine learning engine new features

Add ML Engine metrics to Vitals reports (338)
Support high availability (419)
Support Zerologon detection (446)
Support SIGRed detection (447)

Scrutinizer v19.1.1 - September 2021#

Scrutinizer v19.1.0 - May 2021#

Changelog

New features

Scrutinizer services not required to run as root (187)
Client - Server reports (261)
Encrypt stored keys (516)
Copy to clipboard button to api json tab (733)
Option to toggle Show System Policies (786)
Expanded and reworked Host Index and H2H Search (883)
Target / Violator views and filtering in Alarm Monitor(898)
Show Host Names and Show Acknowledged Events for Alarms(948)
Include collector IP address in all vitals reports for grouping and filtering(1971)
Refactor Alarms backend for better performance (2053)
Flexible notification policies based on event criteria (2060)
Autoreplicate support for multiple replicators (encrypt multiple passwords) (2111)
Ability to set Alarm policies to inactive or store (2231)
root login disabled on new deployments (2361)
Cisco SDWan (Viptela) integration updated to support version 20 (2374)

Fixes

Addressed various security issues
Mapping: add checks and errors for duplicate map connections (313)
Sorting by bytes does not account for units in Entity Views (724)
New UI reports do not display Host Names (793)
PDF Export of Summary Reports Top N and Overview failure (805)
Classic View option from user menu doesn’t work (893)
Fix scrolling issues for Exporter Details list in Report Settings (939)
Alarms takes too long to load and acknowledge (1586)
Reverse DNS exclusions for alarms (1798)
Reparser crash when Linux ARP cache filled (1970):
Adding a notification profile to a saved report threshold doesn’t work (1977):
Child Groups not enforced for FA exclusion (2030):
Vitals process crashing with extremely high MFSNs in flow streams (2090):
Custom URL Dashboard Gadgets not working (2214):
Valid licenses with Expired PNI/PSI eval’s prevent the upgrade from running (2217):
Stream bloat on heavily loaded systems could cause disk space problems (2235):
Running out of file descriptors on heavily loaded systems (2250):
Invalid certificates in distributed upgrades (2273):
TopN views are not always populated (2279):
LDAP login takes too long with a very large list of security groups (2300):
P2P Alarm report link not working (2307):
Improve handling of truncated sFlow sampled headers (2336):
Flow collection doesn’t resume at the end of a network outage (2346):
Set webui_timeout not working (2358):
Scheduled report tasks called wrong binary name after upgrade (2379):
IP exclusion only checking source IP for RST/ACK and Host Reputation (2382):
Fix incorrect or missing sFlow interface numbers for instances above 63 (2393):
AES key not syncing on upgrade affecting SNMP, AWS, and other credentials needed on a collector (2401):
License Exceeded alarm detail shows no data in Alarm Monitor (2414):
Addressed CVE-2021-28993 (2457):

Scrutinizer v19.0.2 - January 2021#

Scrutinizer v19.0.1 - December 2020#

Changelog

New features

DDOS: Support IPv6 (12)
Add AWS Role Based Authentication for use in AWS (377)
Allow AWS flowlog polling at 1m frequency (940)
Enforce password policy on password change and restrict from using last four values (1235)
Summary Reports added to new UI (1459)
Add “scrut_util –show datasize” to enumerate DB schemas and their disk usage. (1539)
Define Allegro IEs (1633)
Support for new format of VPC flow logs (1890)
Provide descriptions for AWS entity IDs (1891)
Add Velocloud 4.0 IEs (tcpRttMs and tcpRetransmits) (1899)
Document new AWS integration requirements (1992)

Fixes

Mapping: Show Utilization only works for percent (54)
Not excluding protocols by default (304)
Secondary reporters show incorrect clock drift (696)
Apache HTTP Server 2.4.0 - 2.4.39 Remote Open Redirect Vulnerability in mod_rewrite (739)
Cannot Filter on S3 Bucket Element aws_account_id in a designed report (765)
Internal Server Error when emailing PDF report name includes / (1065)
Unable to Exclude IP address from DDoS algorithim (1316)
Collector log error sflow buffer overrun at ./protocol/sflow/buffer.hpp line 146 (1480)
VPC Flow Logs should be cleaned up more aggressively (1482)
The plixer.idp.login_url field appears to be vestigial (1579)
Other Options > GeoIP links not working (1592)
Login banners are not working (1660)
Interface names with special characters cause errors when triggering thresholds (1728)
Alarm when disabling algorithms or ML stream (1734)
Group Labels retain original input on Maps Dashboard Widget (1743)
Host2host and host index lookups to work in distributed setup (1744)
pgbouncer wont start after yum update (1796)
Some reports were unable to display in percent interface view (1797)
Reparser freezes on error during minutely exporter status updates (1812)
No drillp-down into Connection on Maps (1813)
Reparser memory leak in sFlow parser (1817)
Devices blue after upgrade to version 19 (1840)
ServiceNow Integration doesn’t work when server response is too large (1842)
Reporting: No Data for Timeframe automatically sends to start report wizard (1879)
Sliding windows falling behind after upgrade to v19 (1911)
Fix rollup issue for droppedPacketDeltaCount<unsigned64> (1912)
Closing the report modal doesn’t keep the report open (1917)
Entity Views: sorting by bytes does not account for units (1918)
Using LDAP user is authenticated but never added to a group when group list was too long (1920)
Unable to disable unlicensed FA features (1930)
Unrecognized key type: AWSLogs/xxxxxxxxxxx/ inc/lib/plixer/scrutinizer/awss3.pm line 547 (1941)
Awss3.pm:373 – get_flowlogs() encountered an error while processing s3_connection_list: Invalid data Invalid data(unknown) for aws_account_id (1942)
get_flowlogs() encountered an error while processing s3_connection_list: Invalid data (-) @ 1084 for transform (1945)
Alarm Report data interval default empty for large time frame events (1946)
NetFlow v5 sampling crashes postgres (1969)
Too many open files (1981)
multicast send failure 22: Invalid argument (1984)
CEF notifications missing ‘Device Version’ (1988)
Set ‘ssl_prefer_server_ciphers’ by default (1994)
Missing sflow records after an upgrade (2002)
Report values as rates in tables are incorrect after drilling in on a graph (2021)
Distributed: AWS S3 secret failing when assigned to remote collector (2029)
The application is running a vulnerable version of Apache (2068)
The application is running a vulnerable version of Perl (2069)
XSS Vulnerability in old UI mechanism to create groups (2070)
Local file inclusion (2072)
Autoreplicate support for multiple replicators (encrypt multiple passwords) (2111)
Formula injection vulnerability in the ability to create third-party CrossCheck methods (2071)

Scrutinizer UI new features

Entities: Hosts: Anomaly Chart (652)
Summary Reports: Filtering (692)

Scrutinizer UI fixes

Report filter descriptions don’t always fill in (657)
Dashboards not deleted (685)
Drilling into Policy from Collection loses consistency vs Monitor View (688)
Apache httpd: CWE-345: Insufficient verification of data authenticity (693)
Reporting: Summary reports not stretching on page (744)
Stop ‘topping’ the graphs (765)

Scrutinizer v19.0.0 - August 2020#

Scrutinizer v18.20 - April 2020#

Scrutinizer v18.18 - December 2019#

Scrutinizer v18.16 - September 2019#

Changelog

New features

Viptela SD-WAN reports (16)
Permission configuration on a role basis (270)
Changed AWS Flow Log collection to use S3 buckets and added support for multiple regions and customer IDs (378)
VeloCloud SD-WAN reports (550)
Service Now Notification support (569)
Appliance self migration from CentOS 6 to CentOS 7 (826)
Ability to Add/remove/update Defined Applications via the API (891)
Single-Sign-On support through SAML 2.0 (897)
Alarm when authentication tokens will expire in 30 days or have expired (937)
Deleting an exporter doesn’t block collection (992)
Removed device specific status notifications (1099)
Audit logs can now be expired after a configurable duration (1171)
FDW option to Database migrator for faster PostgreSQL migrations (1205)
Flow inactivity alarms are now checked across a distributed cluster and are per exporter rather than per interface (1254)
Support for Fortinet application names (1425)
Support Nokia (formerly ‘Alcatel-Lucent’) IPFIX (1735)
Support for Gigamon Application Intelligence (1832)

Fixes

Schedule emails will now use the theme from Admin > Settings > System Preferences (185)
The ability to use an auth token with any URL (308)
UTF8 issue with Japanese characters in email alert notifications (636)
‘Truncate map labels’ was grabbing an extra character sometimes (700)
Addressed an issue with flow class sequence numbers with distributed upgrades (753)
Removed admin restriction on running group level reports (841)
Clarify several log error messages, and reduce their volume (846)
Some Scrutinizer custom gadgets break the ability to add any gadget for all users (900)
AMI: set partitions doesn’t remount pg_stat_tmp as a RAM drive (1066)
Issue where deleted exporters may not be cleared out of LED stats table (1079)
Issue where system updates could revert a setting causing “Panic: Can’t find temp dir” errors and the interface failing to load (1082)
Higher default timeouts for collect asa_acl task (1085)
Issue with special characters in PRTG integration (1117)
Warnings when an exporter sends the same multiplier data two different ways as long as what it sends is consistent (1120)
UNION SELECT errors in migrator (1132)
Autofilling IP on host search from report tables (1140)
Scheduled reports last sent time used incorrect (1142)
SQL GROUP BY ERROR in the collector log (1145)
Issue with Auto SNMP Update not disabling all SNMP calls (1158)
PostgreSQL logs using too much disk space (1209)
Special characters in notification profile breaks threshold’s ‘save & edit policy’ option (1229)
Added stray columnar file check and alarm policy (1231)
Monitor association of /var/db/fast and RAM spools (1239)
Issue with running yum update on AWS EC2 instances (1249)
Issue with load time of Admin > Host names view (1272)
Defined application changes now realized on distributed collectors w/o a collector restarts (1297)
Issue with alarm details and FQDN data for clusters using DB encryption (1314)
DB disk usage stats did not always expire on distributed installs (1322)
Collect support files includes the PostgreSQL log (1385)
Allow snmpSystem details longer than 255 characters (1392)
Errors from set tuning when two changes require a collector restart (1422)
Getting Internal Server Error (500) when trying to access Maps > CrossCheck and Service Level Reports (1431)
Some administrative changes for authentication did not generate audit events (1440)
Addressed issue with ASA ACL collection when the reporter can not communicate with all firewalls (1447)
- Issue with LDAP/TACACS usernames being case sensitive (1458)
LDAP authentication was not failing over to try other servers (1489)
Backup method documentation on docs.plixer.com (1506)
Advanced TCP flag filters using strings would generate log noise (1527)
Improved performance of Persistent Flow Risk algorithm (1536)
Developer tasks_view hours filter causes Internal Server Error (500) (1542)
Dashboards with multiple saved report gadgets cause oops errors (1544)
Reporting across migrated data and new data doesn’t use the migrated totals tables (1553)
Migrated totals tables have the wrong scrut_templateid (1556)
Peak values being less then the total values in the volume -> traffic volume reports (1588)
Some English values in foreign language themes were out of date (1599)
New reparser performance (1632)
Migration from 16.3 mysql to 18.14 removed dashboard gadget permissions (1663)
LDAP group checking was using sAMAccountName instead of the value specified in the configuration page (1668)
Map object icons change colors based on polling availability (1691)
The default group was not being set correctly for new users (1731)
Payload size preventing CSV rendering of reports (1733)
Saved reports belonging to users that no longer exist would not show up in report folders (1789)

NOTE: (1458)*: User accounts are no longer case sensitive when being checked on login. If multiple user accounts existed in Scrutinizer prior to the upgrade which were identical except for case, the excess accounts should be deleted from the interface.

Scrutinizer v18.14 - May 2019#

Scrutinizer v18.12.14 - January 2019#

Scrutinizer v18.9 - September 2018#

Scrutinizer v18.7 - July 2018#

Scrutinizer v18.6 - June 2018#

Changelog

New features

Test button for LDAP/RADIUS/TACACS setup (9911)
Ability to acknowledge alarms with any combination of filters (15154)
scrut_util command to disable ping for devices that have not responded (16826)
Manufactured columns can be included in the report designer (17589)
Full back button support (18291)
Automatically detect which SNMP credentials to use for exporters (19981)
Ability to manage interface details via API (20068)
Ability to filter on a port range (21522)
All interface reports now account for metering on each interface in the report (21744)
Host -> AS -> Host reports for additional BGP reporting (21770)
Major release upgrade to PostgreSQL 9.6 and 10 (22220)
scrut_util command to enable/disable ipv6 (22773)
User can be locked out after n failed login attempts (23267)
Full foreign datastore support in collection and rollups (23478)
Ability to exclude domain names from flow analytics (23924)
Ability to edit URLs for custom gadgets (24134)
Milliseconds now included with formatted timestamps where applicable (24164)
Columnar store support for AWS Scrutinizers (24297)
Ability to customize the login page (24452)
Improved support for configuration of multiple LDAP servers and domains (24600)
Ability to grant dashboards to other users / groups (24661)
Default PostgreSQL datastore is columnar. Better disk space utilization and IO performance. (24781)
Performance improvements for flow class lookups (24948)
Support IPv4-mapped IPv6 addresses in subnet and ipgroup filters (PostgreSQL) (25077)
Report IP Group with protocol and defined applications (25216)
Support for Flowmon probe elements (25289)
DrDoS detection for memcached and CLDAP attacks (25396)
Ability to schedule operating system updates (26187)

Fixes

Flow metrics vitals times now align with ingestion time (12972)
Ungrouped now visible by non-admin users (22530)
Tidy up loose ends when deleting exporters. Deleted exporters will stay deleted. (22588)
Stop showing disabled exporters in the exporters LED (22654)
Some timezones were duplicated in the selector (24107)
Latency reports per exporter (24115)
Addressed issue reporting on multiple interfaces with different metering configured (24659)
Issue with generating PDF with device group filters (24703)
Restrict PaloAlto username collection to only internal IPs (24790)
Donut/Pie Graph not available in Top -> Interfaces report (24875)
Map interface utilization arrows always pointed in the same direction (24893)
‘cancel report’ button truly cancels backend reporting requests. (24899)
Device menu in Google maps (24993)
Cleaned up log noise from Cisco ISE data collection (25027)
Scheduled reports font issue on AWS (25111)
Remove memcached external exposure CVE-2017-9951 (25317)
FlowPro APM jitter report (25323)
Audit report times now display as clients timezone (25399)
Addressed CVE-2014-8109 (25419)
Issue with Queue Drops >> Queue Drops By Hierarchy (25660)

Scrutinizer changelogs

Contents

Scrutinizer changelogs#

Scrutinizer v19.7.0 - October 2025#

Scrutinizer v19.6.1 - June 2025#

Scrutinizer v19.6.0 - March 2025#

Scrutinizer v19.5.4 - November 2024#

Scrutinizer v19.5.3 - October 2024#

Scrutinizer v19.5.2 - July 2024#

Scrutinizer v19.5.1 - June 2024#

Scrutinizer v19.5.0 - May 2024#

Scrutinizer v19.4.0 - October 2023#

Scrutinizer v19.3.2 - September 2023#

Scrutinizer v19.3.1 - April 2023#

Scrutinizer v19.3.0 - December 2022#

Scrutinizer v19.2.2 - September 2022#

Scrutinizer v19.2.0 - May 2022#

Scrutinizer v19.1.1 - September 2021#

Scrutinizer v19.1.0 - May 2021#

Scrutinizer v19.0.2 - January 2021#

Scrutinizer v19.0.1 - December 2020#

Scrutinizer v19.0.0 - August 2020#

Scrutinizer v18.20 - April 2020#

Scrutinizer v18.18 - December 2019#

Scrutinizer v18.16 - September 2019#

Scrutinizer v18.14 - May 2019#

Scrutinizer v18.12.14 - January 2019#

Scrutinizer v18.9 - September 2018#

Scrutinizer v18.7 - July 2018#

Scrutinizer v18.6 - June 2018#

Scrutinizer v17.11 - November 2017#