Wazuh v3.5.0 Release Notes

Release Date: 2018-08-10
  • Added

    • Improved configuration of OVAL updates. (#416)
    • Added selective agent software request in vulnerability-detector. (#404)
    • Get Linux packages inventory natively. (#441)
    • Get Windows packages inventory natively. (#471)
    • Supporting AES encryption for manager and agent. (#448)
    • Added Debian and Ubuntu 18 support in vulnerability-detector. (#470)
    • Added Rids Synchronization. (#459)
    • Added option for setting the group that the agent belongs to when registering it with authd. (#460)
    • Added option for setting the source IP when the agent registers with authd. (#460)
    • Added option to force the vulnerability detection in unsupported OS. (#462)
    • Get network inventory natively. (#546)
    • Add arch check for Red Hat's OVAL in vulnerability-detector. (#625)
    • Integration with Osquery. (#627)
      • Enrich osquery configuration with pack files aggregation and agent labels as decorators.
      • Launch osquery daemon in background.
      • Monitor results file and send them to the manager.
      • New option in rules <location> to filter events by osquery.
      • Support folders in shared configuration. This makes it easy to send pack folders to agents.
      • Basic ruleset for osquery events and daemon logs.
    • Boost Remoted performance with multithreading. (#649)
      • Up to 16 parallel threads to decrypt messages from agents.
      • Limit the frequency of agent keys reloading.
      • Message input buffer in Analysisd to prevent control messages starvation in Remoted.
    • Module to download shared files for agent groups dynamically. (#519)
      • Added group creation for files.yml if the group does not exist. (#1010)
    • Added scheduling options to CIS-CAT integration. (#586)
    • Option to download the wpk using http in agent_upgrade. (#798)
    • Add 172.0.0.1 as manager IP when creating global.db. (#970)
    • New requests for Syscollector. (#728)
    • cluster_control shows an error if the status does not exist. (#1002)
    • Get Windows hardware inventory natively. (#831)
    • Get processes and ports inventory by the Syscollector module.
    • Added an integration with Kaspersky Endpoint Security for Linux via Active Response. (#1056)

  • Changed

    • Add default value for option -x in agent_control tool.
    • External libraries moved to an external repository.
    • Ignore OverlayFS directories on Rootcheck system scan.
    • Extracts agent's OS from the database instead of the agent-info.
    • Increases the maximum size of XML parser to 20KB.
    • Extract CVE instead of RHSA codes into vulnerability-detector. (#549)
    • Store CIS-CAT results into Wazuh DB. (#568)
    • Add profile information to CIS-CAT reports. (#658)
    • Merge external libraries into a unique shared library. (#620)
    • Cluster log rotation: set correct permissions and store rotations in /logs/ossec. (#667)
    • Distinct requests don't allow limit=0 or limit>maximun_limit. (#1007)
    • Deprecated arguments -i, -F and -r for Authd. (#1013)
    • Increase the internal memory for real-time from 12 KiB to 64 KiB. (#1062)

  • Fixed

    • Fixed invalid alerts reported by Syscollector when the event contains the word "error". (#461)
    • Silenced Vuls integration starting and ending alerts. (#541)
    • Fix problem comparing releases of Ubuntu packages. (#556)
    • Windows: delete pending active-responses before resetting the agent. (#563)
    • Fix bug in Rootcheck for Windows that searches for keys in 32-bit mode only. (#566)
    • Alert when unmerging files fails on the agent. (#731)
    • Fixed bugs reading logs in framework. (#856)
    • Ignore case when sorting an array in framework. (#814)
    • Cluster: reject connection if the client node has a different cluster name. (#892)
    • Prevent the "JSON object must be str, not 'bytes'" error. (#997)
    • Fix long sleep times in vulnerability detector.
    • Fix inconsistency in the alerts format for the manager in vulnerability-detector.
    • Fix bug when processing the packages in vulnerability-detector.
    • Prevent the JSON decoder from processing Syscollector events. (#674)
    • Stop Syscollector data storage into Wazuh DB when an error appears. (#674)
    • Fix bug in Syscheck that reported false positive about removed files. (#1044)
    • Fix bug in Syscheck that misinterpreted no_diff option. (#1046)
    • Fixes in file integrity monitoring for Windows. (#1062)
      • Fix Windows agent crash if FIM fails to extract the file owner.
      • Prevent FIM real-time mode on Windows from stopping if the internal buffer gets overflowed.
    • Prevent large logs from flooding the log file by Logcollector. (#1067)
    • Fix allowing more than one wodle command and compute command timeout when ignore_output is enabled. (#1102)

  • Removed

    • Deleted Lua language support.
    • Deleted integration with Vuls. (#879)
    • Deleted agent_list tool, replaced by agent_control. (#ba0265b)