Resolved issues in 10.0.1 and 10.0.2

The current release of the product resolved these issues. For a list of issues fixed in earlier releases, see the Release Notes for the specific release. Release notes are available on the Knowledge Center.

ACE 1181790 Added notifications when correlation rules, threshold, and deviations exceed maximum packet length.
1157940 Deviation component for flows using event count as the deviation field now successfully writes out to the ACE.
1187430, 1187677 Resolved an issue that caused alarms to trigger more frequently than the Maximum Condition Trigger Frequency (cooldown) setting.
1174838 Resolved an issue that would allow an unsupported field to a deviation.
1177421, 1172007, 1178857 Resolved an issue where eStreamer would not write out correct json to be parsed.
1184113 Resolved an issue where the correlation rule was not triggering under specific conditions.
1185031 Set the maximum allowed value for ACE Risk Correlation Manager threshold to 99%.
Alarms 1180258 Alarm acknowledge date and time now correctly display in the details panel and the clipboard.
1157922 Clicking "Case Link" on an alarm's Actions tab no longer results in an error if the case summary contains pipe ('|') character.
1150774 Device status change alarms now accurately trigger at the data source level.
1191951, 1192154 Triggered Alarms in 9.6.1 and 10.0.1 do not log event
Custom Types 1163035 Custom types in Name/Value groups are now displayed in the event view for Japanese UI.
Data Enrichment 1173204 The enrichment process now uses the LDAP "Description" field content correctly.
1153814 LDAP Data Enrichment now returns results if a non-ASCII character is used in the query.
1189341 Non-ASCII data in Path field Fails in Source of Data Enrichment
1174315 When a user adds a data enrichment with a lookup field custom type = 5, the destination fields are replaced.
Database 1139436 Improved the logic to clean temporary files from archive directory when dbserver restarts.
1174542 The TNS module in the DBM now handles a particular data encoding that TOAD (Tool for Oracle Application Developers) uses.
Distributed ESM 1171969 Destination user and Object fields are more consistent in propagating up to the parent ESM.
1168003 Added a retry when pulling packet data. This ensures that packet data is pulled.
1169223, 1185517 Resolved an issue that caused the ACE to show out of sync on a distributed ESM.
ELM 1126930 Data collection now resumes after rebooting VMware vCenter Server.
1183890 ELM Backup settings now load properly.
1158297, 1180636, 1181997, 1184605, 1184764 Enhanced ELM log retrieval to search through all possible log files instead of just one log file. Some log entries in aggregated events were not being displayed.
1164411, 1168229, 1153616 Fixed the counting of files for the rsync status to not include close matching numbers like 1, 10 and 11 multiple times.
1160429 Improved handling for displaying elm search metadata for different date formats.
1162888, 1179314 Logs sent to ELM are no longer deleted if an entry is not found in the ds2rg table.
1189834 MGTDB Mirrored storage device now appears in the Migrate DB screen.
1163240 Resolved an issue that caused incorrect raw logs to appear in the UI if ELM logs had duplicate archive IDs.
1185261 Resolved an issue that prevented a redundant ELM from syncing completely.
1111767, 1190876 Resolved an issue that would cause ELM Statistics to show zero logs for some Data Sources, even though the ESM UI shows there are logs in ELM.
1123306, 1168730, 1130254 Resolved an issue that would trigger a device health alarm on a non HA receiver of: "HA status changed from Critical to Warning".
1182029 Resolved an issue that, in rare instances, prevented logs from being displayed when a user was connected to an ELM through SFTP.
1154596, 1155865 Resolved an issue where ELM logs would not be fully decoded when retrieved through ELM Search.
1164452 Resolved an issue where the "Being moved" lock file was not cleaned up after an ELM DB size increase.
1158910 When reducing the size of a storage pool the amount of available space now displays correctly in the storage pools tab of ELM properties.
ESM 1184492 Removed symlinks to non-existent startup script.
1182573 Accumulator field is now displayed for Correlation Events.
1191699, 1193823 Resolved an issue that caused user to get 500 and 503 errors after upgrading to 10.0.1.
1182465 Set a limit on DAS drive size to avoid running out of disk space.
1164757 Corrected the DataSource time zone for Istanbul.
1186236 The ESM now exports views with non-ASCII titles to PDF.
1180687, 1192187 Prevents multiple job processes from running concurrently.
1187443 Resolved an issue that caused the port number setting to be ignored when importing SFTP data source settings from a CSV file.
1188301, 1188302, 1188448 Resolved an issue that caused false error messages when users tried to view event data.
1188742, 1188746, 1188751, 1188752 Resolved an issue where editing blacklist IP addresses would fail due to extra '\' characters present in the commands parameters.
1130033 Selecting a custom time range and a date format other than mm/dd/yyyy could produce incorrect data sets and time ranges.
1168675 Active Directory account is now automatically unlocked after the unlock threshold elapses.
1192904 Corrected an issue that caused invalid Signature ID validation errors.
Health Monitor 1175569 Enhancements to health monitor for device communication errors.
Localization 1186914 Corrected a translation error in SNMP Traps configuration.
1186458 Corrected the Japanese translation of the title of the 'Add Device Wizard' window.
1186440 Corrected the Japanese translation of the 'Query Archived Partitions' error message.
Other 1189266 Improved memory handling when the ESM populates the device tree and when retrieving a list of correlated events.
1172474 Added a check for a running thread before starting a new UpdateMTISThreads thread.
1192771, 1193227 Resolved a failed boot up issue.
1183723 Resolved an issue where the bloom does not get set when duplicate ELM id's span multiple partitions.
1180066 Corrected an issue that prevented upgrading an ELMERC to version 10.0.
Policy 1176269 Added user information to policy change history.
1166780 Modified import logic to correctly maintain the encoding of Japanese characters.
Receiver 1156585 Modified error handling to ensure that data collection resumes after rebooting VMware vCenter Server.
1163200, 1171319, 1175912 IPMI now functions with ERC 1260 receivers.
1183281 Resolved an issue that caused syslog messages to be sent to a data source when the host name matched but the port did not match.
1168356 Resolved an issue that prevented parsing of an HTTP data source due to extra white space.
1154790, 1169537, 1160950 Resolved an issue that would cause an error message to report that re-keying a device failed when it was actually successful.
1163730, 1167571 Resolved an issue where unknown events would show at the data source parent level when using SIEM Collector.
1186823 Removed dead links to prevent invalid symlink errors when powering off a REC.
1159989 IPMI now functions with ERC 1260 receivers.
1174380 Resolved an issue where the default gateway was not being assigned to the shared IP interface after switching to the primary server.
Redundant 1167541 ACL setting are now replicated to redundant ESMs.
1153616 Fixed the counting of files for the rsync status to not include close matching numbers like 1, 10 and 11 multiple times.
Reports 1181713, 1187291, 1195305 Events in report are now visible in hexadecimal format.
1178305 Added a requirement for a device to be selected before running a report.
1171229 Resolved an issue that prevented deselected emails in an email group from being removed from group.
1174556 Resolved an issue that would cause stacking distribution charts to contain incorrect 'others' values.
1183572 Resolved an issue where the ESM would incorrectly delete temporary files that were being used for running report queries.
Rules 1184522 Resolved an issue that caused extra rows to be added when saving ASP rule text.
System Properties 1187542 Removed URL length limit that was causing a "{$ctrl.flashContent}" message to be displayed after uploading .crt file.
1186285 Corrected a user permission issue that caused a "ER 60 Bad Request" error.
1188924 Resolved an issue that caused overlapping data on the display.
User Interface 1167177 Resolved an is where changing the hostname or vendor/model of a client data source would fail if the data source vendor/model and host name were in use by another clients.
1170168 Resolved an issue that prevented expanding of correlated events in source events when logged as a limited user.
1184292 Updated the label of the ACE communication configuration panel to be correct.
1168222 Resolved an issue that caused Correlation Rule Engine parameter names to display as "unknown".
1173929 When doing a host lookup with correlation events, the host lookup now displays in the correct column.
1177260 Added notifications when correlating with a large threshold caused packet lengths to exceed the maximum supported packet length.
1144706 Changed parsing method to enable a user to add custom time formats in ASP rules when using a non-English version.
1184405 Scrolling in bar charts no longer generates tool tip errors.
1188402 User name is now displayed after a session timeout or another session login.
1189504 Time zone caching no longer causes incorrect time to be displayed.
Views 1184250 Resolved an issue that prevented components from binding to custom types.
1189513 Filter bar and widget settings can now filter on specific client and child data sources.
1186466 Added validation to preclude invalid characters when filtering with PolicyID.
1150643 Improved the handling of special characters for filtering and views.
1185315 Resolved an issue that inserted an extra column when exporting event views, which caused misalignments.
1161125 Resolved an issue that would cause long running delete queries to spawn additional queries.
1186448 Resolved an issue that caused nonsense titles to appear on the 'Event Destination Zones' window.
Watchlist 1171864 Watchlist now gets file hashes when uploading from an ATD Cyberthreat feed.