Submit a ticketCall us

AnnouncementsFace your biggest database issues head-on

Our new eCourse helps you navigate SQL Server performance blocks by teaching you how to recognize and deal with the three DBA Disruptors: Performance Hog, Blame Shifter, and Query Blocker. Register today to learn how to defend your environment and fend off menacing disruptions.

Register for your free eCourse.

Home > Success Center > Log & Event Manager (LEM) > Log & Event Manager (LEM) Documentation > SolarWinds Log & Event Manager (LEM) 6.4 Release Notes

SolarWinds Log & Event Manager (LEM) 6.4 Release Notes

Updated: June 12, 2018

This document summarizes new features, improvements, and fixed issues in LEM 6.4, as well as upgrade notes and workarounds for known issues.

New features and improvements

This section describes the new features in this release. 

LEM Events Console

The LEM Events Console provides instant access to live event monitoring and filtering as well as historical record archives for in-depth analysis and troubleshooting. Within the console view, you can quickly switch between real-time event streaming and historical log views based on user-defined date and time parameters. In addition to live and historical keyword search options, all established LEM Monitor filters are accessible in the LEM Events Console Filters pane. You can access the console view by clicking Visit LEM Events Console in the top-right section of the LEM console.

View the LEM Events Console in HTML5

The LEM Events Console view is presented in HTML5 format, which means no requirement for Adobe® Flash® or other third-party media players. This update also results in a more robust console that can run on any computer operating system as well as most web browsers.

The LEM Events Console is currently the only LEM feature in this format. The remaining LEM console views have not transitioned to HTML5.

Filter and monitor events in Live Mode

Switch the LEM Events Console to Live Mode to monitor events as they occur in your environment. This is particularly useful when troubleshooting active network problems. You can apply "live" filters to target and identify issues using the Filters pane and Live filter keywords, and then conduct a historical log search for additional event analysis.

LiveModeButtonIII.png

Live Mode also reconciles device polling gaps by processing and correlating a consistent stream of log event data.

Search and filter historical event logs

The LEM Events Console includes an advanced search capability to access your aggregated event logs based on existing Live Mode filters and a specified time range. To set your search parameters, click Historical Search, enter a specific keyword, and then open the custom time picker to set your time frame. You can further refine your search by changing the keyword in the search field.

Monitor multiple console tabs

You can open and monitor multiple LEM Events Console tabs in your web browser. You can also apply the same filters simultaneously in Live and Paused Modes, and initiate multiple search queries.

Running multiple searches simultaneously can negatively impact LEM performance due to hardware resource limitations.

Remote database (L4) configuration

Configuring the LEM Events Console with a remote database limits available console functionality. You can still search, filter, and monitor live events, but historical records and event details are not accessible. In this instance, a remote database notification appears in the top-right of the console reminding you of the limited functionality.

CMC command updates

In LEM 6.4, some CMC commands are deprecated, merged, or modified. See the LEM Administrator Guide for a current list of CMC commands.

LEM Debian version upgrade

Debian version 9.4 (codename stretch) is currently installed on LEM 6.4. This version eliminates the 2TB data storage restriction applicable to previous LEM releases, and significantly reduces potential security risks and vulnerabilities.

Exceeding the previous 2TB limit requires a fresh deployment based off the new OVA template. Please contact SolarWinds support for assistance with migrating your data and settings. 

LEM SMB version support

LEM 6.4 currently supports Microsoft Windows SMB versions 2 and 3.

New customer installation

For information about installing LEM, see the SolarWinds Log & Event Manager Installation Guide and the SolarWinds Log & Event Manager Getting Started Guide.

How to upgrade

If you are upgrading from a previous version, use the following resources to plan and implement your upgrade:

If you are using multimanager, LEM Managers are disconnected after the upgrade to 6.4. To reconnect, set multimanagerconfig to True (enabled). Clear your Flex cache (F12 hotkey) to see the change.

File system consistency check (fsck)

During your upgrade, the system may run a fsck check during reboot. This can last 30 or more minutes depending on the quantity of data in the data partition. With the Debian version upgrade, the file system is configured to initiate the check when certain conditions are met:

  • 21 mounts since the last check (during the 22nd reboot). -or-
  • Six months since the last check.
Oracle Solaris Agent Upgrades

Beginning with version 6.3, LEM supports the 64-bit Java 8 Runtime Environment (JRE). Since Oracle did not release a 32-bit version of Java for Solaris, you must manually upgrade the agents running on these systems. 

To upgrade your 32-bit Solaris SPARC and Solaris Intel agents, download the Solaris SPARC Agent and Solaris Intel Agent installers from the Customer Portal and run these installers on your Solaris systems. In a future release, the LEM console will support updates for 64-bit Solaris agents when they are available. 


Supported connectors

Find LEM connector information on Thwack


Fixed issues

LEM 6.4 fixes the following issues.

Case number Description
1170529
1203980
1195052
1180987
1239478
1195751
1182585
1174010
1171725
1170238
1356460
1199799
1197746
Added SMB 2 and SMB 3 support.
00029996 Fixed kernel oops stacktrace in 6.3.1 version of LEM manager running on Hyper-V.
00054564
1185945
1235263
00054521
1175551
1234325
00068202
00092665
1341023
1359876
Fixed BSOD caused by FIM.
1337668
1317605
1315324
1235810
1320935
1148037
1124956
00046855
1289923
1211917
968093
Upgraded to Debian version 9.4.

n/a

Resolved Debian DSA-4172-1 security vulnerability (Perl security update).
1239842
941038
942272
942776
937960
915827
Upgraded v2 Debian packages.
n/a Built new FIM from source code with updated version for version 6.4.0. 
1071589
1068783
1069345
1069040
Fixed Dirty COW vulnerability.
00048438
00079087
Resolved LEM library jackson-databind deserialization vulnerability (CVE-2017-7525, CVE-2017-17485).
996820 Set automatic Time-Out Time-Frames for SSH connections to the LEM.
00073619 Fixed vulnerability of LEM 6.3.1 instance to CVE-2017-15906
n/a

Fixed Meltdown and Spectre exploits.

n/a Upgraded Apache Tomcat to 8.0.45 after identifying vulnerability in version 8.0.44 (after HF 5).
1235711
1190546
Disabled TLS 1.1 for web console in favor of TLS 1.2.
1338245
1211489
Resolved an issue with https not working after upgrade when exportcertrequest is unfinished.
n/a Placed the lemra.conf file in config backup to ensure configuration backup is running appropriately.
1156783
1170376
Resolved issue with dead-locked receiving agent communication.
1129326
1136177
1133304
1124947
Upgraded SSH library to support AES encryption by default.
n/a Removed .keystore password from LogBundle.
n/a keyStorePassword=xxx no longer appears when processes are listed by ps -auxMove.
n/a Resolved an issue with .keystore and .truststore passwords.
n/a Fixed a vulnerability in restrictssh command.
n/a Fixed an improper access control vulnerability.
n/a Corrected an arbitrary command injection vulnerability.
1142662
1112443
Corrected an OpenSSH vulnerability in 6.3.1 HF2.
1101622
1095284
Resolved an issue where "All Installed Agents" group FQDN field is set to IP address when reverse DNS request doesn't return the hostname.
1101692 Fixed a vulnerability with mgrconfig.pl being editable by editbanner CMC command.
1096628 Resolved an issue with Windows Remote Installer being unable to install to Program Files folder.
1069477
112370
Resolved an issue with the agent requiring multiple restarts to work after deleting spop folder, taking 1 CPU full by Java process.
1174573 Fixed Tomcat logging errors and other logging issues.
1135264
1027365
1205624
1055750
1088857
Resolved an issue with user settings getting corrupted in some situations.
884629
862122
Upgraded an outdated and vulnerable Java JDK.
n/a Resolved CMC archiveconfig issues.
1119532
1031619
884629
1087625
862122
Fixed missing .keystore files for LEM Customers.
n/a Resolved an issue with protecting credentials used in scripts.
1002133
1015694
Fixed an issue with Flash crossdomain policy allowing access.
750844 Resolved an issue with widgets and filters in monitor not loading for new LEM users.
1007369
931684
1025955
683139
809926
1074516
1080153
683139
Resolved an issue with connector no longer reading events after log rotation.

 

Known issues

Issue: After upgrading LEM 6.3.1.hf7 to 6.4.0.1500, the blue screen incorrectly indicates that no IP address is assigned when connected directly from a Hyper-V or vSphere window.

Workaround: To find the IP address:

  1. Open your hypervisor and connect to the LEM VM:
  • For VMware vSphere, click the Console tab, select Advanced Configuration on the main console screen, and then press Enter to access the command prompt.
  • For Hyper-V, click Action > Connect, and then click the Console tab.
  1.  Use the arrow keys to navigate to Advanced Configuration, and then press Enter.

        The CMC menu appears with a cmc> prompt.

  1. If the machine has an assigned IP address, you can find it in the menu next to the admin option.

Issue: In the Flex UI (Manage > Nodes > Add Node), the agent download links download outdated files.

Workaround: None. This issue will be fixed in the RTM version of LEM 6.4. 

 


Legal notices

 

© 2018 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software, services, and documentation are and shall remain the exclusive property of SolarWinds, its affiliates, and/or its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS, OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON THE DOCUMENTATION, INCLUDING WITHOUT LIMITATION NONINFRINGEMENT, ACCURACY, COMPLETENESS, OR USEFULNESS OF ANY INFORMATION CONTAINED HEREIN. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY, EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds, SolarWinds & Design, Orion, and THWACK trademarks are the exclusive property of SolarWinds Worldwide, LLC or its affiliates, are registered with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other SolarWinds trademarks, service marks, and logos may be common law marks or are registered or pending registration. All other trademarks mentioned herein are used for identification purposes only and are trademarks of (and may be registered trademarks) of their respective companies.

 

 

Last modified

Tags

Classifications

Public