New
- Apache Commons Text vulnerability check: We updated the Insight Agent's data collection capabilities to support a check for an Apache Commons Text vulnerability (CVE-2022-42889).
- Patch Tuesday, October 2022: We updated the Insight Agent's data collection capabilities on Windows to support Patch Tuesday vulnerability checks for October 2022.
- New primary identifier for Windows Process Start events: We updated the primary identifier of Process Start events collected by the Events Monitor. The identifier will be set to the Sysmon UUID.
Improved
- Insight Agent communication performance: We improved how the Insight Agent communicates with the Insight Platform to ensure the fastest recovery time in case of an event data ingestion issue.
Fixed
- Network Sensor logs now upload successfully to the Insight Platform.
Other Changes
- We removed the optional
Signature Details
field from the parent process of Process Start events within Logsearch. The Process Start event itself is not affected by this change.
Release Note Update
- We updated the Dec 10, 2021 Insight Agent release notes group to include release information for the Sysmon Installer and Events Monitor components.