What's new in the 11.1.x release

Releases can introduce new features and enhancements or update platform support.

This version is an update release for the Windows SIEM Collector(SC) v11. It can be used to upgrade the previously released v11 versions and v10 versions.

We do not support the automatic upgrade of a pre-release software version. To upgrade to a production release of the software, contact your beta representatives.

Updated platform, environment, or operating system support

  • SIEM Collector has been tested with Microsoft Windows Server 2016 and Windows Server 2019.
  • SIEM Collector now uses the message bus-based libraries in McAfee® Agent.

Known issues

Heavy data collection using the EVT client can cause the SIEM Collector service to exit abnormally. It restarts automatically. Event data is not lost. The issue will be corrected in a future release.

Connecting to a remote computer outside the current domain or within a workgroup might not work (Ref# 1130191). For the time being, you can work around this behavior by:

  • Adding the computer to the domain the SIEM Collector resides in.
  • Adding a trust relationship between the domains.
  • Installing a SIEM Collector directly on the computers in the other domain.