ManageEngine Eventlog Analyzer – Build 11123 Released

11.12 Build 11123 – Standalone Edition

New Features

• Secure archival of log files: Checksums are now used to maintain the integrity of archived log files, thus helping meet compliance requirements.
• Supports Huawei firewall: Predefined reports and alert profiles help easily audit security events of Huawei firewalls.
• Supports Malwarebytes: Predefined reports and alert profiles help in auditing logs from Malwarebytes, thereby improving the threat detection mechanism.

Enhancements

• Kerberos has been added as an authentication method for log collection.
• Removable Disk Auditing now supports more device types.
• The object access policies enabled by default in an agent have been optimized to reduce log dropping.
• The IP address of the remote device has been added as a field in file integrity monitoring logs.
• Permission changes for files are now audited.
• All logs generated during agent downtime will be collected from the Event Viewer, once the agent recovers.

Fixes

• Issue with restarting of the log collector has been fixed.
• Issue in specifying multiple entries in the fields of database filters has been fixed.
• Issue in log collection filter for Windows logs forwarded as syslog has been fixed.
• Consistency issue in deletion events of folders with child objects has been fixed.

GA Release of EventLog Analyzer 11.12 Build 11123 – Distributed Edition

• Sync issue between the admin server and managed servers has been fixed.
• The new features, enhancements, and bug fixes for the Distributed Edition – Managed Server are the same as that of the Standalone Edition.