Net Report French Web site http://www.netreport.fr

 

Release Notes

Net Report Monitoring Center Version 4.40

 

Version 4.40.03

Version 4.40.02

Version 4.40.00

 

New Features in Version 4.40.03

  • New Features

Syslog Parser

The Syslog Parser has been optimized to be 40% faster than the previous version. The following features have been added:

Mode: how the Syslog message should be treated. Three choices are available.

  • Send Record: sends a record to the Net Report Engine.

  • Log to File:  this option writes in a flat file the syslog messages received by the parser and enables you to define the Base File Name for the flat file via the Base File Name field.

  • Log to File and Send Record: this option writes in a flat file the syslog messages received by the parser, enables you to define the Base File Name for the flat file via the Base File Name field and send the record to the Net Report Engine.

Base File Name: how the Syslog message should be treated. Select the folder or file name you want to add a splitter to and then select one of the following five splitters.

  • IP Splitter: splits the file path and/or file name by the IP Address of the Device sending the Syslog, when the IP address changes a new flat file will be created in the directory you define. 

  • Year Splitter: splits the file path and/or file name by Year, when the year changes a new flat file will be created in the directory you define. 

  • Month Splitter: splits the file path and/or file name by Month, when the month changes a new flat file will be created in the directory you define.

  • Day Splitter: splits the file path and/or file name by Day, when the day changes a new flat file will be created in the directory you define.

  • Hour Splitter: splits the file path and/or file name by Hour, when the hour changes a new flat file will be created in the directory you define.

 

Blue Coat Filter

It is now possible to parse additional fields via the BlueCoat Filter. The following fields can be parsed, s-computername and s-action.

 

Iron Port Filter Optimized

Iron Port AysncOS has been integrated in the E-mail category (in addition to the Content Filtering category that Iron Port was already integrated in. The following new anti-spam filtering types are now treated by Net Report:

  • BlackList: the e-mail is deleted because of the bad reputation of the sender’s domain.

  • LDAPACCEPT: the e-mail addressee is unknown.

Optimized Net Report Remote WMI Service Connection

The Net Report Remote WMI Service’s communication with the Server has been improved. Please note that the service update may ask you restart the Windows on the machine which the Net Report Remote WMI Service is installed on.

Proxy Cubes

It is now possible to generate cubes either by Source IP or by User.

Utilities Reports

All the Device Utilities Reports can now be planned either for a configurable fixed date, for example N-1 to N-1 for « Yesterday » (with ranges possible for hours, minutes and seconds), or for an interval of dynamic dates, for example from N-7 to N-1 for the last seven days (with ranges for hours, minutes and seconds).

Dashboard Reports Optimized

Proxy Dashboards

The data sorting by KB has been optimized.

Content Filtering Dashboards

Pictures optimized on the first page of the Content Filtering dashboards.

E-mail Dashboards

Pictures were optimized on the first page of the Email Dashboard.

New Help for Regular Expressions

A new section has been added to the Net Report Management Console User Help with further information on Net Report specific Regular Expressions and how to use the Generic Parser in the Net Report Management Console. Examples are given on how to perform the following:

  • Write Regular Expressions via the Records Parser.

  • Parse Test Values.

  • Test the expressions.

  • Create Header Records.

  • Use the Net Report Includes Parser.

http://www.net-report.net/knowledgebase/UserHelp/11_Reference_Material/05_Regular_Expressions/regular_expressions_examples.htm

 

New Features in Version 4.40.02

  • New Features
  • Bug Fixes

Version 4.40.02

  • New optimized Content Filtering Dashboards presenting consolidated data for your e-mail and web content.
  • The criteria on the date and hour fields has been optimized to enable Net Report to considerably reduce the generation time for Daily and Monthly Reports.
  • The first page and related bookmarks for each device category report have now been renamed “Dashboard” (instead of “Statistics”).
  • Parameters have been added to the following Report Books to ensure that when no data is available for a given report empty pages are not generated:
    • UTM Statistics Dashboard Report
    • Proxy Statistics Dashboard Report
    • Content Filtering Statistics Dashboard Report
    • Alert Statistics Dashboard Report

    For each of the above reports, each report in a report book can be hidden if there is no data available.

  • The following three report books have been modified to ensure that if the report book is generated for a date for which there is no data available, then only the dashboard (i.e. the first page) will be printed without any data indicating that there is no data available for the date. In addition, the other reports in the report book will not be generated:

    • E-mail Statistics
    • Firewall Statistics
    • IPS Statistics
  • It is now possible to generate OLAP Cubes for optimized data manipulation of Microsoft (WMI) Windows Management Instrumentation cubes.
  • It is now possible to define the order in which log treatment actions appear in the Net Report Configurator.
  • It is now possible to define the name of the following actions : <actionLogInFile>, <actionLogInCSVFormat> and <actionStoreInDatabase> via WZAction for a filter.

Bugs Fixed in Version 4.40.02

  • Please find below the list of bugs fixed in Net Report Version 4.40.02:

Bug

Description
3231

Each time the user presses Apply in the Net Report Configurator, the Net Report Remote WMI Agent Maximum Number of Connections parameter is reset to the default value (10). This bug has been fixed.

 

New Features in Version 4.40

  • New Features
  • Bug Fixes

Version 4.40

New Content Filtering Dashboards

  • New optimized Content Filtering Dashboards presenting consolidated data from your e-mail and web content filtering devices. Results are intuitive, dynamic and interactive. Net Report's new Content Filtering Dashboards display the following:
    • General information on viruses, spams and other threats.
    • Viruses, spams and other threats received and sent by day.
    • Blocked web content.
    • Blocked URL categories, web sites and users.
    • Blocked FTP sites and users.
  • Our Content Filtering Dashboards are available for the following devices
    • IronPortAsyncOS
    • Trend Micro IWSS Versions 2.0, 2.5
    • Trend Micro IMSS for Windows Version 5.5
    • Fortinet Fortigate Versions 2.5, 2.8, 3.0
    • BLue Coat Security Gateway

New UTM Dashboards

  • Net Report's UTM (Universal Threat Management) Dashboards unify and integrate data from your multi-function security appliances to bring you integrated security data management. Multipurpose UTM appliances are increasingly winning favor as easy-to-manage devices, since they consolidate firewall/VPN, content filtering, intrusion prevention and more into a single box. Net Report's UTM Dashboards display the status of your security functions in a combined dashboard with dynamic navigation options. They offer a more flexible way of analysing multiple security features in a single report, help users to thwart blended threats, offer a wide variety of functionalities and reduce complexity to ease security administrators' jobs.
  • "Net Report's UTM Dashboards bring you real-time knowledge on the state of your integrated multi-function security appliances. Our UTM Dashboards are a key diagnostic tool enabling you to simplify perimeter defenses and improve daily administrative workflow." Franck Burtin, VP Sales & Marketing, Net Report.

Optimized Net Report Remote WMI Agent

  • Remote WMI Agent queues now have a size limit. Performance Counters have been added to help you configure and monitor Net Report Remote WMI. The Remote WMI Agent uses the following two queues:
    • 1. Received WMI Events Queue: each WMI event received is transformed and put into the second queue of events (WMI Events to Send Queue).
    • 2. WMI Events to Send Queue: a queue of events to be sent to the Net Report Engine.
  • Each queue cannot exceed 5000 events by default. However, you can modify the queue size limit by modifying the following registry values:
    • Received WMI Events Queue:
      HKEY_LOCAL_MACHINE\SOFTWARE\NetReport\RemoteWmiSvc\maxevents
    • WMI Events to Send Queue:
      HKEY_LOCAL_MACHINE\SOFTWARE\NetReport\RemoteWmiSvc\maxnelrfs
  • The number of events in each queue and the Remote WMI Agent's activity can be monitored via the following Net Report Remote WMI Performance Counters:
    • The number of events in the Received WMI Events Queue.
    • The number of events in the Events to Send Queue.
    • The number of events received per second.
    • The number of events processed per second.
    • The number of events sent per second.

New Generate Dashboard Action

  • The Net Report Management Console now includes a Generate Dashboard action. This action enables you to configure the report you want to export and define the destination path and file suffix. Once you have created a Generate Dashboard action you can, for example, then run a scheduled task via the Event Scheduler Agent.

 

Bugs Fixed

  • Please find below the list of bugs fixed in Net Report Version 4.40:

Bug

Description
3199 Log Time Zone Settings were not saved in memory for the Syslog Parser. This bug has been fixed.
3204 If users edited a text box in the Parameters section of the Net Report Web Portal before selecting the adjacent check box then the text box appeared empty. This bug has been fixed.
3205 The mask file generated by the creation of a Net Report Log Vault configuration for Remote WMI (Windows Management Instrumentation) is incorrect. THe mask for files spied on by the Log Vault configuration was incorrect. This bug has been fixed.
3206 Under certain conditions the addition of a Log Vault configuration for Remote WMI (Windows Management Instrumentation) is incorrect. The mask for files spied on by the Log Vault configuration was incorrect. This bug has been fixed.
3207 The Net Report Configurator enables a Log Vault configuration to be added to archive Remote WMI logs but does not correctly activate log archival for the Microsoft WMI filter.This bug has been fixed.
3209 When editing values for parameters in the Net Report Web Portal, characters with accents are displayed in XML mode. This bug has been fixed.
3212 When using two RDNS Net Area initialisations for MSSPs, a problem arises when the same IP Address is used in two different sub-networks and when the name of the two zones is different. This bug has been fixed.
3222 The Record.time field in the NELRF is not correctly updated with each new record, meaning that alert dates were not calculated correctly.
3224 The archival service does not work correctly when a spied directory contains a directory with the same name as the archival configuration mask. This bug has been fixed.

Quick Links

Compliance Center

Data Sheets

Latest News

Contact us

Quick Links

Products & Services

 

Latest News

  • Our Company

  • Net Report Monitoring Center

  • Press Room