Client Change Log

---

Version History

Latest Version

2.19.1 - 2.19.3

New Features

• Added support for secure syslog ingestion on port 6514.
• Added CrowdStrike syslog integration and dashboard.
• Added a Vulnerability delta report in XLSX format.
• Added an SPRS score card report in HTML, JSON, and XLSX formats.

Enhancements

• Reduced performance impact as a result of querying vulnerability data using Logstash’s JDBC input.

Fixes

• Fixed a bug that would prevent the packet inspection feature from working.
• Fixed a bug that would cause syslog coming from a public server to be dropped.
• Fixed a bug preventing the Detailed vulnerability report from generating in the event of an undefined variable.
• Limited the number of vulnerabilities returned in the vulnerability reports to the 25,000 highest severity results to address memory limitations.
• Fixed a bug that would show a maximum of 10 options in the Vulnerability reports task selector.

Agents

• 2.19.0 is the latest agent version.

Past Version(s)

2.19.0

New Features

• Added a detailed vulnerability report in XLSX format.
• Added a report detailing SSP changes in XLSX, HTML, and JSON formats.
• Added a report detailing SSP tasks in XLSX, HTML, and JSON formats.
• Integrated log collection for PreVeil, including a new dashboard.

Enhancements

• Added the ability to assign owners to SSP tasks.
• Added a ‘Next run’ column to the Scheduled reports table to show the next time a scheduled report will be run.
• Added open port information to the inventoried host flyout.
• All scheduled report attachments are sent via a single email.
• Added supported TLS version and hostnames to the Vulnerability host report.
• The Full inventory report download option has been removed from the Hosts tool.

Fixes

• Specified a minimum value of 0 for the QOD filter when creating a Most vulnerable hosts report and Vulnerability frequency report.
• Fixed an issue that would cause Cisco Meraki API log collection to stop ingesting logs.

2.18.0 / 2.18.1

New Features

• Cisco Secure Endpoint API integration has been added, including a new dashboard.

Enhancements

• The documentation flyout will open to the associated documentation page for the tool you are currently viewing in NeQter.
• Custom excel reports that are aggregated by a field now have their tabs labeled using the value of that field.
• Saved searches are alphabetized in the custom report form.
• The available list of aggregations in the custom report options are now filtered down by the data available.
• Added the ability to name on demand reports.
• Newly created reports are now displayed in the table with the user-defined name.
• Downloaded reports will now have a filename reflective of the user-defined name.
• Allowed HTML files to be added as artifacts in the Compliance tool.
• Added two new Vulnerabilities reports: Vulnerability frequency and Most vulnerable hosts.

Fixes

• Required saved searches are now protected from accidental deletion.
• Restored the search bar to saved search management.
• Fixed an issue where local users could not be edited after enabling multi-factor authentication.
• Fixed an issue that would prevent the on demand reports popover from closing.
• Fixed a bug that would sometimes create an invalid Excel file if no data was returned in a report.
• Fixed an issue with low disk space and no disk space alerts that would create events that don’t match the search.

2.17.0

New Features

• Multi-factor authentication (MFA) via email passcode has been introduced for all user types.
• A new ‘Reports’ feature has been added, with new report types and an improved scheduling system.
• Introduced the ability to modify and disable the auto logout timer.
• Implemented integration of Juniper firewall syslog as a new input.

Enhancements

• Added a loading spinner to the NeQter landing page.
• Added SonicWall legacy categories to the events.
• Added a message to SSP export documents in the event that revision data is missing.
• Removed ‘Early Release’ badges from the Hosts tool.
• ‘Events’ tab has been renamed to ‘Reports.’

2.16.0

New Features

• A new panel on the NeQter Landing page has been introduced to display basic information about accessible System Security Plans (SSPs). This panel includes an expandable progress bar.

Enhancements

• The Health panel on the NeQter Landing page will no longer be displayed if the user only has permission to access the Compliance tool.
• Added the option to import NeQter Compliance Guide responses into a new SSP.
• Added the NeQter Compliance Guide responses as a tab under each SSP assessment objective.
• The user and company names will now display exactly as they are configured.
• Improved the Cisco Firepower input filter to handle a wider range of log types, including ASA syslog.
• Updated and improved the parsing of SonicWall logs.
• Increased the rows per page options in the log archive table and archive restore flyout.
• Increased the number of events returned in the Events table to 10000.
• Added Excel spreadsheet exports to the Hosts tool.
• Added a Full Inventory report to the Hosts tool.
• Added TPM information to Windows hosts.
• Improved information on connected monitors for Windows hosts.

Fixes

• Fixed the OOB error for new OAuth authentications when enabling Google Workspace.
• Fixed a bug that would prevent the proper parsing of WatchGuard logs.
• Removed system restart and shutdown options from displaying to users who are not global admins.
• Fixed a bug that would prevent adding a Cisco Meraki syslog input.
• Fixed a bug that would prevent user authentication when assigned more than 14 companies.
• Fixed a bug that would prevent company admins from deleting SSPs.
• Fixed the Control search table to properly apply filters when selecting a control domain from an SSP overview page.
• Hid global admins from user lists when not signed in as a global admin.
• The log retention period is now required to be less than or equal to the archive retention period.
• Fixed the parsing of log timestamps for pfSense syslog.
• Fixed an issue where on some systems the configured asset tag would not be properly reported in the hosts hardware information.

2.15.5

New Features

• NeQter now has the ability to install updates while offline by using update files.
• Improved our log collector system including integrating Veeam Backup & Replication and implementing a new Veeam event ID template »* and dashboard.
• Integrated Cisco Meraki Dashboard API log ingestion and implemented a new Meraki API dashboard.

Enhancements

• Expanded the thresholds for low/no disk space alerts on the NeQter device.
• Increased the frequency at which the recent activity updates on the SSP overview page.
• Added vulnerability and network monitor charts to the NeQter home page.
• Events pulled from the vulnerability scanner now have increased detail.
• The Vulnerabilities section of the hosts tool now provides the ability to show the detected vulnerabilities as a list.
• The charts on the Vulnerabilities and Network monitor pages in the Hosts tool have been improved.
• Emailed alerts will now contain the local timestamp in addition to the UTC timestamp.

Fixes

• Fixed a bug that would prevent support mode from being enabled on non-admin sessions.
• Fixed a bug that would prevent NeQter admin users from signing in with LDAP.
• Reenabled packet inspection.
• Reenabled health metrics and dashboard.
• Fixed a bug that would prevent default admin restoration.
• Fixed a bug with the Linux failed login (grouped by IP address) alert template that would throw errors while the alert was present.
• Fixed parsing of some older format WatchGuard logs.
• Modified the button labels in the user edit flyout to clarify the actions taken.
• Fixed a bug where a user could be counted twice towards the total users given access to an SSP.
• Disabled the ability to add a port to ICMP monitors.
• Fixed the parsing of Barracuda WSG logs.

2.15.3 / 2.15.4

This update also includes 2.15.0 and 2.15.2 packaged in.

Enhancements

• Added HTML reports to vulnerability scan results.
• Vulnerability scan reports are no longer limited to 1000 results.
• Vulnerability overrides are now functioning as expected.

Fixes

• Added better support for our new V3 hardware.
• Fixed permissions for which tools Read-only users have access to.
• Fixed a bug that would prevent support mode from being enabled on non-admin sessions.
• Fixed a bug that would prevent NeQter admin users to sign in with LDAP.
• Reenabled packet inspection.

Security

• The NeQter operating system has been updated to Ubuntu 22.
• The vulnerability scanner has been upgraded to the latest version.

2.14.4

New Features

• Added a company management page to Settings.
• Added new company and user permissions to the Compliance tool.
• Added an SSP access flyout for assigning users to specific SSPs.
• Added a selector for switching between assigned companies.

Enhancements

• User types are now ‘read-only’ and ‘read/write’, with the addition of ‘company administrator’ in the new Multi-company mode.
• Checkboxes for the Compliance, Hosts, and Dashboard/Discover tools have been added to the user form.

Fixes

• Fixed a bug that would allow user emails to be edited to an email already in use.
• Fixed a bug where the parent requirements of NIST 3.1.1[c] would not show.
• Fixed a bug for the High Risk Country searches and alerts that would match logs with no source country.
• Fixed a bug that would cause WatchGuard log ingestion to fail due to improper key/value separation.

2.14.3

Fixes and Changes

• Added a mass delete option to the Agents tab in the hosts tool.
• Fixed an issue where some companies could not register more than 100 hosts.
• Increased the number of visible events on the Host Events tool to 10,000
• Fixed an issue where the ‘Auto’ option in the remote backups option was not working.
• Changed the severity of inventory change events from ‘low’ to ‘none’.
• Fixed all hosts that have been incorrectly labeled as ‘Manually added’
• Network interface speed is no longer tracked as an inventory change event.
• Fixed a problem that would prevent the Office 365 logging service from being disabled.
• Fixed the CSV export from failing when trying to download a large amount of data.
• Added the ability to choose the columns that will be used in a CSV download.
• Added the ability to change the order of CSV columns in an export.
• Fixed an issue where ‘Other’ inputs were not viewable in the discover tab.

2.14.2

• Fixed the colors on the mini status charts located on the Inventory tab.
• Fixed an issue where in some situations Dashboard settings cannot be saved.
• Fixed the search bars in the new Hosts tool.
• Fixed the asset tag validation to allow spaces.
• Removed zeroes that would appear in the Monitor flyout
• Added SPRS scoring and implementation to draft and revision SSP PDF export.
• Fixed the display of review status and cleared due dates in the Change history tab of controls in the Compliance tool.
• Fixed the sorting in the control search table of the Compliance tool.

2.14.0 / 2.14.1

Hosts tool
The new Hosts tool is an expansion on the previous Agent Manager tool. New features include:

• The updated insight tool can now display host traffic, vulnerabilities, network monitor status, system metrics, and events. This is in addition to the previously available hardware and software sections.
• The new Inventory tab is to view and sort all of your known hosts.
• The network monitor tool, previously a seperate tool on the neqter core, has been moved into the Hosts tool and is now accessible through the Monitor tab.
• A vulnerabilities tab will organize the results of previously ran vulnerability scans by IP address and display the vulnerabilities associated with each.
• A new unknown tab displays all the IP addresses found by vulnerability scans that are not currently within the inventory. Hosts can be scanned from the unknown tab giving the user the ability to discover important details like the operating system and open ports.
• The previously called Audit tab has been renamed to Events and will now show system changes in addition to network monitor events.”

Compliance features

• Introduced a tool for converting SSPs to the latest frameworks or from one framework to another. *Added SPRS scoring and guidance to the NIST 800-171 with Assessment Objectives framework.”

Enhancements

• Added the option to create a PDF focused on SPRS scoring and implementation status.
• Improved the efficiency of parsing Watchguard logs.
• Added a ‘Needs review’ status to SSP controls for clear indication of controls requiring attention.”

Fixes

• SSPs will now properly display the time it was last modified and by whom in the Compliance landing page.
• Fixed a bug preventing the use of the Backup error NeQter template.

2.13.2

• Update 2.13.2 includes improvements to the alerting system and other bug fixes.

New Features

• Added a slider to the alert creation flyout to set a delay time between repeat events.

2.13.2 Hotfix

• Update 2.13.0 would cause a large number of events to be created after updating. This update fixes the problem and implements a delay between repeat event triggers.

Enhancements

• Added a slider on the alert creation flyout to define a timeout between the creation of repeat events.
• Added a default delay of one minute between repeated events to prevent email spam and email server overloads.

Fixes

• Added missing controls to the new NIST framework.
• Fixed parsing of Barracuda logs that would cause some dashboard visualizations to be blank.

2.13.1

New Features

• Added updated NIST 800-171 with assessment objectives and CMMC 2.0 frameworks to the Compliance tool.

Enhancements

• Added a banner on the Backups configuration page when a vulnerability scan is running to notify the user that backups will be paused until the scan completes.
• Added the ability to disable LDAP authentication after it is enabled.
• Improved the detailed view of event flyout display of triggered events.
• Disabled the ‘Run backups’ button when a vulnerability scan is running.
• Alphabetized users by first name in the Users table.
• Added a ‘User Type’ column in the Users table.
• If a user deletes their own accounts, they will immediately be logged out of the NeQter system.
• Changed Memory Utilization gauge on the landing page to static green.
• Parsed the event ID from Cisco ASA logs.
• Parsed the User ID, User Name, and User Type from Windows event logs.

Fixes

• Fixed the issue where alerts were not being triggered even though the associated search would find logs.
• Fixed parsing of pfSense logs that would cause some dashboard visualizations to be blank.
• Fixed an issue where our agent communication would stop if a wildcard certificate was uploaded into NeQter.
• Fixed an issue in the Sophos XG log parsing that would cause some logs to be dropped.
• The alert deletion popup is no longer hidden behind the alert configuration flyout on the Discover tab.
• Corrected the colors for event severity in generated system reports.
• Fixed the scaling on the EULA display viewed on smaller displays.
• Prevented users from deleting or changing the user type of the last administrator account on the appliance.
• Fixed pre-configured NeQter alert search templates that were intended to aggregate data by IP address.
• Fixed an issue in the Watchguard log parsing that would cause the log ingestion of NeQter to stop.

2.12.1

New Integrations:

• Added support for Palo Alto firewalls.
• Created a new firewall dashboard for Palo Alto devices.
• LDAP can now be utilized by the NeQter Core for user account authentication on the neqter itself.

Changes:

• Added event IDs 4616 and 4622 to the Windows PC Monitoring defaults.
• Removed the option to choose the age of logs that get backed up. This feature was no longer needed and caused problems for some clients.
• Added 5 new fields to the Cisco Firepower log parsing.

Fixes:

• In some situations over a samba connection the backups system was entering a condition where it would pause.
• Fixed issue where customers could not enable / disable tool backups or change how long they will be saved.
• Fixed issue where some systems running on hardware would incorrectly reporting failing hard drives.

2.11.8

• Fixed vulnerabilities caused by log4j.

2.11.6 / 2.11.7

Fixes

• Disk failure detection fix applied for a small subset of users on RAID1 systems receiving events stating their disk test encountered an error.
• Backups stalling due to issue related to Vulnerability Scan Settings.

2.11.5

IMPORTANT NOTE

The new 2.11.5 agent is using different ports than the old 2.11.X agent. Agent communication will now be transmitted over port 5001 and logs will be sent over port 5045.

Agent Manager

• In the agent manager there is a new Audit tab that records system changes to hosts with the NeQter Agent installed.
• Linux and macOS are now supported by the new agent manager.
• On Windows systems the agent is more efficient when it is gathering system information.
• SSL has been enabled for the new NeQter 2.11.5 agents.

Packet Inspection

• NeQter can now use one of its network interfaces for packet inspection. Users can enable packet inspection by navigating to the desired network interface and turning on the new ‘Enable inspecting’ option.
• Three new dashboards have been created to visualize the data generated by the new packet inspection system.

Events

• Events can now be dismissed in bulk. There is also a new option to dismiss every event in one click.
• When a user fails to authenticate when logging into NeQter a failed user login event will be generated.
• When an administrator logs into NeQter an event will be generated.

Backups

• The backup / restore system that controls tool settings has had a feature update to allow users to choose which tools they want to restore.
• Users can now upload tool backups into NeQter.

Disk Health

• On hardware systems NeQter can now alert in the event one of the hard drives is having a problem. Users can also see the health of their hard drives on the landing page of NeQter.

Legacy

• The legacy policy builder has been removed from NeQter. If you still have data that you need to migrate please reach out to NeQter Support.

Fixes

• There has been a modification to the parsing of WatchGuard syslog events to support newer systems.
• There has been a modification to the parsing of Synology syslog events to support newer systems.
• If an agent aged out of the agent manager then it would cause a problem that would prevent a user from accessing the page. This problem has been resolved.
• Fixed an issue that prevented the reports system from generating reports.
• OCS fix applied for legacy inventory agents unable to contact the inventory system.

2.11.0

Agent Manager

• You can now configure and view the computers that have a NeQter agent installed with our new Agent manager tool.
• Organize hosts into groups and create group based logging configurations.
• View a host’s hardware and installed software.
• View attached hardware devices across all of your devices.
• View the software that is installed on all of your hosts.

2.10.0 / 2.10.1

Policy builder

• Optionally include tasks in SSP PDF export. Include the tasks you have created in the compliance tool as a section attached to your associated control.
• Export task list in CSV format.
• Integrated task management page. Tasks can now be managed (viewed, created, edited, deleted) from a single location.
• Optionally include control requirement descriptions in CSV Exports.

Features

• Export up to 10,000 of your logs in CSV or JSON format from the discover tab. An export option has been added along the top row, next to the existing "Alerts" button.
• Added support for authentication of GCC High/Government domains for Office 365 subscriptions.

Fixes

• Grammatical errors fixed within the appliance update process, and the Cisco ASA connection denied alert template.
• Controls listed in the compressed control search incorrectly included controls of all levels.
• GSuite and Office 365 log retrieval services now stop when disk usage has reached 90%.
• In some cases, syslog priorities would be visualized incorrectly on dashboards.
• Fixed an issue preventing Office 365 log ingestion when utilizing the newly introduced options for GCC and GCC High subscription plans.

2.9.1

Update to prepare NeQter for the installation of 2.10.0.

2.9.0

Features

• New alerts templates have been added for all of our different syslog integrations.
• New reports system will deliver a status report to your email on a daily, weekly, or monthly time frame.

Security

• This update includes system and security updates for the NeQter operating system.

Fixes

• New user accounts created in an Active Directory environment are not being shown on the Windows - Active Directory - Dashboard.
• In some situations a migration from the old policy compliance tool would fail.
• Syslog priorities were being improperly parsed on some syslog dashboards.
• Some customers have reported that their SCAP and CERT databases for the vulnerability scanner were out of date.
• In some situations the vulnerability scanner services will not properly start after a system reboot.
  
  

2.8.0

Compliance tool

• Artifact (file) evidence can now be uploaded and attached to security controls in the compliance tool.
• Supported file upload types include image (JPG, PNG, GIF), spreadsheet (XLS, XLSX, CSV), text (DOC, DOCX, RTF, TXT, JSON), presentation (PPT, PPTX), and PDF documents with a maximum size of 100MB.
• Added a new section to the security control page for uploading, viewing, and managing attached artifact evidence
• A list of attached artifacts and their descriptions are now included in exported SSP PDFs and CSVs.
• An archive of attached artifacts will be created and stored when new revisions of an SSP are created for easy retrieval.
• Modifications to controls made by attaching/detaching artifacts are now tracked in the control’s change history.
• PDF and image artifacts can be previewed from within the compliance tool.

Artifact management

• Artifact files can be uploaded, edited, deleted, and retrieved from the new artifact management page or from the control page that they have been attached to.
• Artifacts can be retrieved (downloaded) individually or as a collection in a ZIP archive.
• Multiple artifacts can be attached to a security control quickly by uploading them simultaneously on the control page or by selecting them from the existing collection of uploaded files.
• Artifacts can be given a description for easier identification or as explanation of their purpose as supporting evidence.
• Deleting an SSP will also delete all artifact files that have been uploaded to that SSP’s file repository.

Fixes

• Modifications made between revisions are now tracked correctly. In specific cases, modifying a field then returning it to its initial state would generate blank revision modification history.
• In specific cases, SSPs without revisions that were migrated from the Policy Compliance Tool (PCT) would fail to show modifications before creating a new revision.
• New revisions that do not contain any modifications should now display correctly in the revision history of the exported PDF report.
  
  

2.7.1 / 2.7.2

Vulnerability Scanner

• New and refreshed vulnerability scanner UI
• Vulnerability scanner is now more stable
• List NVT of the found CVEs at the report details page

Dashboards

• All new vulnerability scanner dashboard displays scan results as they are found

Fixes

• Vulnerability scanner displaying a blank page on load requiring a system reboot
• Vulnerability scanner not performing authenticated scans on windows hosts
• NeQter tool settings not backing up
  
  

2.6.1

Compliance tool fixes

• Fixed an issue that could result in a failed data migration from the PCT.
• Generating PDF exports should no longer fail when using certain options.
• Fixed an issue that could result in accidental deletion of data from one SSP when deleting a separate SSP.
  
  

2.6.0

Web UI Overhaul.

• Navigation Bar was cleaned up, some pages were reformatted such as settings to be more user friendly.

New compliance tracking tool

• An early release version of the new Compliance tool is now available. The Policy Compliance Tool (PCT) will remain accessible at port 5001, but will soon be deprecated and removed in favor of this new toolset.
• Existing SSPs, tasks, and comments created in the PCT can be easily migrated into the new Compliance tool.
• The Compliance tool has been integrated directly into NeQter along with our other tools and features and can be accessed from the side navigation using your existing user accounts. (Note: only users with administrator privileges can access the tool at this time).
• Visual overhaul of the existing PCT for ease of use and to match other UI elements.
• Support for multiple System Security Plans (SSP) has been added.
• Support for the Cybersecurity Maturity Model Certification (CMMC) framework has been added.
• Generated PDF reports have been completely reworked with support for additional options and customization.
• SSP data can now be exported in CSV format.
• Requirement tracking has been streamlined. Requirement implementations, status, due date, owners, and tasks are now tracked and displayed together rather than in a separate Plan of Action and Management (POAM).
• Improved visualizations for tracking requirements’ status.
• Simplified revision creation and tracking of changes between revisions.

2.4.x

User notice

Version 2.4.0 changes the field names in many indices. Indices that were created before this update will be migrated tonight in the background. Until this operation is complete you may not be able to see all of the logs on your NeQter appliance. You can check the status of this operation by navigating to the backups page. You can start the process now by manually initiating a backup.

General enhancements

• New and refreshed UI
• Newly designed landing page
• New auto logout system prompts inactive user before ending their session
• The way a user resets their password has been rewritten to be more secure

Agents

• Created a new command line interface
• Support for debian based linux distributions (command line only)
• Support for MacOS (command line only)
• Fixed issue where agents were being reported as running when stopped
• Added support for additional event ids (windows)
• Added new log file monitoring

Dashboards

• All dashboards have been recreated to have a more uniform look
• Redesigned file integrity dashboard
• Redesigned metrics overview dashboard
• New metrics host dashboard
• New files overview dashboard
• New system audit dashboard for linux systems
• New dashboard for Cisco Meraki
• New ‘Other’ dashboard for inputs not supported by NeQter

Events and alerts

• New visualization on the events landing page
• Removed event id 4648 from failed login alerts

Help

• Added links to our support documentation

Logs

• New consistent field names implemented across all syslog inputs
• Logs from unknown manufactures will have a prefix of Other- to avoid conflicts with supported log types

Mail

• Users can now use a username rather than email address for external SMTP servers

Network monitor

• New visualization on the network monitor landing page

Fixes

• Non-admin users can view system health visualizations on the landing page
• Log tuner can now filter fields that have a ‘.’ in them
• Backups system can now backup to a remote SMB path that has special characters in the path

2.3.x

General Enhancements

• Creating and restoring log archives is now significantly faster.
• Archives created before version 2.0.0 can now be restored.
• Exceptions can now be created to manually select when log archives will be rotated.
• Log archives can now be uploaded to NeQter.
• Backups and restores can now be stopped while in progress.
• Downloading archives is now faster.
• Indices from multiple archives can now be restored simultaneously.
• Restyled system usage visualizations on the landing page.
• Inputs will now show their receiving status on the inputs’ settings page.
• Updates no longer require a system reboot.
• Previous change logs are now available for review in the NeQter support portal.

Fixes

• NeQter will no longer become unresponsive when downloading a large update on a slower connection.
• Fixed an issue that prevented new filters from being created in the Log Tuner.
• Tool backups to a remote server will now include vulnerability scanner data.
• Users will now be prompted before transferring log and toolset archives to a remote server.
• Vulnerability scanner stability improvements.
• Fixed an issue where the wrong search would be applied when creating an alert with the ‘Archiver experiences an error’ template.
• Inputs with the type of ‘Other’ and labels longer than 20 characters can now be deleted.
• Fixed an issue where single-digit IP addresses were not useable in the Network Monitor.

2.2.x

General Enhancements

• Added support for Office 365! Users can now configure an input to retrieve user, admin, system, and policy actions and events from Office 365 and Azure AD activity logs.
• Updates will now be cached periodically to improve update times.
• Updated the log ingestion pipeline to improve stability.

Fixes

• Cisco ASA log parser will now correctly parse the source interface value.
• Fixed a case within the inventory app where the non-inventoried network interfaces page was inaccessible.
• Removed excess information from system health logs.
• Removed unnecessary warnings from logs tab.
• Removed extra fields in the Windows logs that aren’t useful.
• Certificate settings now support spaces in the fields.
• Fixed raw_log field not existing in some situations.
• Fixed an issue that could cause the vulnerability scanner to crash during definition updates.
• Cisco dashboard now shows all traffic on source and destination maps.
• Removed empty columns from dashboards.
• Removed extra fields from Cisco logs.
• Removed duplicate devices from the active directory dashboard.
• Updated dashboards now have an easier to understand pie chart.
• Removed unneeded fields from windows logs.

Dashboards

• Added Office 365 dashboard to provide information about user, admin, and events from Microsoft Office 365.
• Updated File Auditing dashboard with more refined fields for auditing.
• Updated Windows Active Directory dashboard to unify data across the visuals.
• Updated Windows Event Logs dashboard to provide relevant user information.
• Updated Sophos UTM Firewall dashboard to show a clear overview.
• Updated Sophos UTM Web Filter dashboard to show a clear overview.
• Updated Cisco ASA Firewall Dashboard to highlight useful information.

2.1.x

General Enhancements

• Changed internal service monitoring to enhance overall stability.

Dashboards

• ​​​​Improved descriptions on some dashboards.

Vulnerability Scanner

• Changed startup scripts to increase stability of the scanner. E-mail reports will now be sent using the SMTP relay server if one is configured.

Security

• Increased security of samba credential storage.
• Improved input validation across NeQter.

Fixes

• Fixed an issue that caused update download issues on slower networks.
• Fixed an issue that prevented index fields from being searched on the Log Tuner settings page.
• Fixed an issue that could cause some search templates used for alerts to not be available.
• Restoring the default Administrator account now restores the account with the appropriate settings.
• Services are now properly stopped and restarted during updates.
• NeQter will no longer send unnecessary mail notifications.
• Fixed issue where syslog.category value in the Sophos UTM dashboard was incorrect. Deleting an agent input in the input settings will now stop the flow of data.

Agent Manager

• Created default event ID options for Windows Server configuration.

2.0.2

Fixes

• Fixed an issue that prevents the system from successfully booting when a network cable is not connected.
• Fixed an issue that would prevent users from updating the NTP server in Time settings.
• Fixed an issue that would cause NTP settings to not be correctly reapplied when users chose not to keep their settings after failing to synchronize.
• NTP server settings are now correctly applied after being saved.

---