Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Log & Event Manager (LEM) > SolarWinds Log & Event Manager (LEM) 6.3.1 Release Notes

SolarWinds Log & Event Manager (LEM) 6.3.1 Release Notes

 

 

Last updated: February 20, 2017

This document summarizes new features, improvements, and fixed issues in LEM 6.3.1, as well as upgrade notes and workarounds for known issues.

The ReadMe for the latest LEM 6.3.1 Hotfix is available here.

New features and improvements

This section describes the new features in this release. 

Single sign-on

LEM now supports Active Directory single sign-on (SSO). When enabled, LEM does not ask users for a user name and password if they are already logged in to Active Directory (AD). Instead, AD authenticates the user in the background, and LEM automatically logs the user in with the appropriate user access rights. User access in the LEM consoles (both desktop and web), as well as the LEM reports console, is based on AD group membership.

To integrate LEM with Active Directory, a keytab file is required. The keytab file is exported from Active Directory and then imported into LEM. LEM uses this file to authenticate users with Active Directory and to enforce user account security. Kerberos authentication ensures that SSO details are securely transmitted between LEM and Active Directory.

See Set up single sign-on (SSO) in LEM in the SolarWinds LEM 6.3 User Guide for more information.


To configure single sign-on

To configure single sign-on in a web browser, open the Admin user interface available at the following URL: https://lem_manager_IP_address:8443/mvc/login

Use the Admin user interface to configure LDAP and SSO connection settings, import the Active Directory keytab file into LEM Manager, and enable or disable local user account access to LEM.


If using a web browser is not possible, you can also configure LDAP and SSO settings by choosing admin in the CMC management console menu. See the Open the Admin UI in a text browser section for more information.

CMC management console updates

The CMC Management Console includes an updated top-level menu with the following new commands:

cmc_management_console_menu.png
 

  • Open the Admin UI in a text browser

    Choose the admin CMC command on the main menu to open the Admin user interface in a text browser. Use this screen to make SSO and LDAP configuration changes without a web browser.

    authentication-menu.png
     

  • Import a keytab file

    If you set up SSO using the CMC console, use the import command on the main menu to import a keytab file into the manager. 
     

  • Set up SNMP monitoring on the Orion Web Console

    Use the snmp CMC command on the service menu to enable the SNMP Request Service on the LEM appliance. You can configure SNMP version 3 on the LEM appliance to communicate with SolarWinds Network Performance Manager (NPM) through ports 161 and 162. Use this configuration to monitor CPU, memory, and other critical components from the SolarWinds Orion Web Console.

    After you enable the service, set up a managed SNMP node in the Orion Web Console and configure an SNMP polling method to monitor the LEM appliance.


     

  • Create a disk usage warning when reaching certain set values

    Use the diskusageconfig CMC command on the appliance menu to set up an event in Monitor view that warns you when the partition reaches a predetermined use limit. 

    Below is an example of the diskusageconfig command. 

    cmc::appliance > diskusageconfig
    Current Disk Usage Configuration:
     # | Partition (filesystem) | Configured limit
    ================================================
     1 |    LEM (/user/local)   |        90%
     2 |    OS (/)              |        90%
     3 |    Logs/Data  (/var/)  |        10G
     4 |    Temp (/tmp)         |        90%
    ------------------------------------------------
    You can define your disk use limit by the percentage of unavailable disk 
    space (such as 75%) or the amount of free disk space (such as 58G). 
    Enter the partition number you want to change (enter'exit' and press 
    <Enter> to quit: 
    

    Set the disk use limit to a percentage of unavailable disk space (such as 90%), or to the minimum required amount of free disk space (such as 58G). When the limit is reached, an InternalWarning event displays in the Monitor view.

    For example:

    • If you set the OS disk partition limit (option #2) to 75%, the following event displays in the All Events grid and in SolarWinds Alerts when the 75% limit is reached:

      ManageMonitor Warning! Disk Usage: The OS filesystem is over 75% full!
       

    • If you set the OS disk partition limit (option #2) to 5GB, the following event displays in the All Events grid and in SolarWinds Alerts when the 5GB limit is reached:

      ManageMonitor Warning! Disk Usage: The OS filesystem has under 5G left!
       

    • If you set the Logs/Data disk partition limit (option #3), a message prompts you to use the dbdiskconfig command to change the database disk configuration. SolarWinds recommends setting the Logs/Data partition and the database disk configuration to the same value.
       
  • Monitor multiple managers in the console

    Use the multimanagerconfig CMC command to enable the multimanager feature that lets you manage information in one place by connecting to multiple managers in the console

    Note: If you enable the multimanager feature, some security scanners may generate cross-domain security warnings about the LEM appliance. Keep this feature disabled if it is not required.

See CMC Commands in the SolarWinds LEM 6.3 User Guide for more information.

Other improvements

  • "What's New" widget in the Ops Center describes new features and improvements in this release.
  • You can now access LEM manager using Secure Shell (SSH) port 22 or port 32022. 
  • Oracle Java version 8 provides security enhancements and improved agent integration with systems running Microsoft® Windows® 10. 

New customer installation

For information about installing LEM, see the SolarWinds Log & Event Manager Quick Start and Deployment Guide.

 


How to upgrade

If you are upgrading from a previous version, use the following resources to plan and implement your upgrade:

If you are using multimanager, LEM Managers are disconnected after the upgrade to 6.3.1. To reconnect, set multimanagerconfig to True (enabled). Your Flex cache must be cleared (F12 hotkey) to see the change.

 

Oracle Solaris Agent Upgrades

Beginning with version 6.3, LEM supports the 64-bit Java 8 Runtime Environment (JRE). Since Oracle did not release a 32-bit version of Java for Solaris, you must manually upgrade the agents running on these systems. 

To upgrade your 32-bit Solaris SPARC and Solaris Intel agents, download the Solaris SPARC Agent and Solaris Intel Agent installers from the Customer Portal and run these installers on your Solaris systems. In a future release, the LEM console will support updates for 64-bit Solaris agents when they are available. 


Fixed issues

LEM 6.3.1 fixes the following issue:

Case number Description
n/a Fixed an issue where when a rule fires on 2 or more events the data filled out in actions is empty.

LEM 6.3.0 fixes the following issues.

Case number Description

840408 

839963 

864103 

880401 

The Event Details pane in the Monitor view now displays accurate information in the InsertionIP and DetectionIP fields to improve search results.

756763

785994

875682

877194

886729

LEM is now running Apache Tomcat® version 8 for improved security. 

738045

960907

1002133

LEM will no longer open concealed hyperlinks (clickjacking).

744453

Running BlazeDS in a LEM environment no longer generates "out of memory" messages. 

828868

An issue with the Rapid7 Nexpose Connector was resolved. 

828868

An issue with the Rapid7 Nexpose Reader was resolved. 

849537

Rules that include a SourceMACaddress correlation condition will now fire properly. 

850931

852523

882875

929871

933431

For improved security, LEM no longer supports the Transport Layer Security version 1 (TLSv1) cryptography.

861621

An issue with the Microsoft SQL (MSSQL) Auditor connector was resolved. 

865152

LEM will no longer lose its connection to the syslog server when you upgrade to version 6.2.0 and change the host name. 

868246

865352

Installing an AIX agent no longer generates errors or installation issues. 

871908

To meet the U.S. Department of Defense requirements, LEM now generates an alert when the LEM appliance hard drive capacity reaches 75%.

828273

The LEM Console login screen no longer fills unpopulated username and password fields with asterisks (******).  

890851

969439

An issue with an agent detecting its own IP address was resolved. The agent can properly connect to the manager appliance. 

910494

909992

918736

923329

924007

An issue with the HyperSQL database was resolved.

n/a

CVE-2015-3195 - OpenSSL sensitive information leakage

n/a

CVE-2015-3197 - Possible to use disabled ciphers

n/a

CVE-2015-3269 - BlazeDS XXE

n/a

CVE-2015-7547 - Critical vulnerability of glibc

n/a

CVE-2016-0703 - Bleichenbacher RSA padding oracle

n/a

CVE-2016-0777 - OpenSSH sensitive information leakage

n/a

CVE-2016-0778 - OpenSSH DoS/buffer overflow
n/a Java/RMI deserialization vulnerability

n/a

CVE-2015-7575, CVE-2015-4835, CVE-2016-0686 - Oracle Java SE Multiple Vulnerabilities
n/a SSH Weak Algorithms Supported

n/a

CVE-2015-4000 - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)

n/a

CVE-2015-5174 - Directory traversal vulnerability in RequestUtil.java in Apache Tomcat

n/a

CVE-2015-5345 - Directory discovery vulnerability in RequestUtil.java in Apache Tomcat

n/a

CVE-2015-5346 - Session Fixation vulnerability in Tomcat

n/a

CVE-2015-5351 - CSRF token leak in Tomcat

n/a

CVE-2016-0706, CVE-2016-0763 - Security manager bypass in Tomcat

n/a

CVE-2016-0714 - Security Manager bypass via persistence mechanisms
n/a Adobe cross-domain http://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html

LEM 6.3.0 and 6.3.1 include the following connectors.

Case number Connector

840610

Cyphort™

842263

Securelink Device 

872821

Barracuda Load Balancer ADC 

637488

Barracuda SSL VPN 

854919

Cisco® ISE data not standard syslog 

828484

Windows® Network Address Translation (WinNAT) Operational log-DirectAccess 

828482

Base-Filtering-Engine (BFE) Resource Flows Operational log-DirectAccess

734401

Applications And Services Logs

846866

PIKAEvents

586782

NetMotion® Mobility™

782135

PostgreSQL

867735

Windows VMWare® logging

916812

Arbor® Networks Peakflow®

938303

Cerberus FTP Server

 


Known issues

"Log in automatically next time" and "Save Credentials" are not working

Issue: The "Login Automatically Next Time" and "Save Credentials" settings are lost after a user logs out of the LEM web console and refreshes the login page (F5).

Work-around: Set up single sign-on. See "Set up single sign-on (SSO) in LEM" for details.

 

Nodes view shows Windows Server 2016 as unknown 

Issue: The LEM console lists computers running Windows Server 2016 as Windows NT (unknown).  

Work-around: None. This issue will be fixed in the next version of LEM. 

 

Installing the LEM Windows agent on Windows Server 2016 fails

Issue: Installing the LEM 6.3.1 Windows agent installer on Windows Server 2016 results in an error.  

Work-around: To install the agent on Windows Server 2016, run the remote agent installer from another machine that is not running Windows Server 2016.

 

Installing the 6.3.1 HP-UX agent may generate errors 

Issue: When you run the 6.3.1 HP-UX agent installer, you may receive unexpected results. 

Work-around: Install the agent using the 6.2.1 HP-UX agent installer.  

 

Using underscores in custom report search terms does not return report data

Issue: When you open the Reports console and generate a report using an underscore ( _ ) in your search query, the report does not include your search data. 

Work-around: Avoid using underscores in your report search queries. 

 

Widgets and filters may not load for a new LEM user

Issue: When you click Build > Users and create a new Admin user, the widget and filter options do not load into their Ops Center and Monitor views.

Work-around: Log out of the console, clear your browser cache, and then log back in to the console. 

 

Enabling and disabling rules may generate unexpected results

Issue: When you click Build > Rules and enable or disable a rule, the console redirects you to the All Rules category. The rule status does not change. 

Work-around: Refresh the console.

 

Reports console generates an error when entering a date format

Issue: When you open the Reports console, generate a report, and select a date format, the console generates an error stating that your selected format is not a valid date and time. 

Work-around: Use the supported date format. See "Run and schedule reports" in the LEM User Guide for the supported date formats.  

 

Creating FIM rules in a clustered environment generates unexpected results 

Issue: After you install the 6.3.0 HP-UX agent, the system may generate errors. 

Work-around: Use Windows File Auditing instead of File Integrity Monitoring (FIM). See your Windows Server operating system documentation for more information.  

 

Unable to generate a report using a separate database appliance

Issue: If your LEM appliance is connected to a separate database appliance, you cannot generate the following reports in the Reports console: 

  • List of Subscription Rules by User
  • List of Users
  • List of Rules for Rule Subscriptions   

Workaround: No known workaround. This issue may be resolved in a future release. 

 

USB Defender disables access to IronKey flash drives

Issue: When you install an IronKey™ flash drive into your USB port, USB Defender prevents you from entering a password to access the drive.  

Work-around: Disable USB Defender when using an IronKey flash drive.  

 

Legacy LDAP users display in the List of Users report 

Issue: When you migrate from legacy to new LDAP users in the LEM Manager and generate a List of Users report in the Reports console, the legacy users appear in the report.

Work-around: Log on to the CMC, open the Manager menu, and restart the Manager Service. This will take the Manager offline for 1–3 minutes.

 

Legacy LDAP users do not display in the console

Issue: When you migrate from a legacy LDAP to a new LDAP configuration, legacy LDAP users do not display in the LEM Console. Additionally, these users are not assigned to subscriptions or email actions to rules after the upgrade.

Work-around: Migrate users to the new LDAP configuration using the following procedure:

  1. Upgrade LEM to version 6.3.
  2. Prompt all users previously running in version 6.2 to log in to the LEM console. If these users do not log in, they will not be migrated to the new LDAP configuration. 
  3. Disable your legacy LDAP configuration.
  4. Set up a new LDAP configuration in the Admin user interface. All users who logged in to the LEM console are migrated and display in the console. 

 

Error message displays when you upgrade the Desktop Console

Issue: When you upgrade the SolarWinds LEM Desktop Console to version 6.3.0, an error message displays stating that the application cannot be installed due to a certificate problem.

Work-around: Uninstall the current Desktop Console. When you are finished, install Desktop Console version 6.3.0. 

 

Unable to establish an HTTPS connection to the LEM Manager running Windows 7

Issue: When you connect to the LEM manager using Internet Explorer or the Adobe AIR-enabled desktop console on a workstation running Windows 7, HTTPS is disabled. You can establish an HTTPS connection using Google Chrome or Mozilla Firefox. 

Work-around: Install the latest Windows 7 updates or upgrade to the latest supported operating system. 

 


Version History

 

LEM Release Notes Version 6.3.0

LEM Release Notes Version 6.2.1

LEM Release Notes Version 6.2

LEM Release Notes Version 6.1

LEM Release Notes Version 6.0.1

LEM Release Notes Version 6.0

LEM Release Notes Version 5.7

LEM Release Notes Version 5.6

LEM Release Notes Version 5.5

LEM Release Notes Version 5.4

LEM Release Notes Version 5.2

 


Legal notices

 

© 2016 SolarWinds Worldwide, LLC. All rights reserved.

This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.

SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

The SolarWinds and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies.

 

 

Last modified
08:58, 19 Aug 2016

Tags

Classifications

Public