Open Collector 2024.01 Release Notes
January 2024 Release Details
The 2024.01 release of Open Collector requires Knowledge Base version 7.1.682.0 (or above).
Software Component | Version Number | New Version? |
|---|---|---|
Open Collector | 5.6.20 | |
LRCTL Script | 6.0.1 | |
LRCTL Container | 6.5.16 | Yes |
LRJQ | 5.1.4 | |
Metrics | 6.0.5 | |
OC Pipeline | 5.1.7 | |
OC-Admin | 6.0.13 | |
OC-DB | 6.0.2 | |
AWS S3 Beat | 6.2.2 | |
Azure Event Hubs Beat | 6.0.9 | Yes |
Carbon Black Cloud Beat | 6.0.7 | |
Cisco AMP Beat | 6.1.6 | |
Darktrace Beat | 6.0.0 | |
Duo Authentication Security Beat | 6.0.5 | |
Generic Beat | 6.1.2 | |
Gmail Message Tracking Beat | 6.0.3 | |
GSuite Beat | 6.0.4 | |
Kafka Beat | 6.0.6 | |
Microsoft Graph API Beat | 6.0.5 | |
Okta Beat | 6.0.4 | |
Prisma Cloud Beat | 6.0.1 | |
Proofpoint Beat | 6.0.3 | |
PubSub Beat | 6.0.3 | |
Qualys FIM Beat | 6.0.5 | |
Salesforce Beat | 6.0.2 | Yes |
Sophos Central Beat | 6.0.3 | |
Symantec WSS Beat | 6.0.3 | |
Webhook Beat | 6.1.7 | Yes |
Improvements
Feature or Beat | Description | Relevant Documentation Updates |
|---|---|---|
Open Collector Web Console Management | Support for the following beats has been added to the Web Console’s beat management:
| https://docs.logrhythm.com/OCbeats/docs/configure-open-collector-connection-to-the-siem https://docs.logrhythm.com/lrsiem/7.14.0/log-collection-in-web-console |
Resolved Issues
Bug ID | Found in Version | Release Notes |
|---|---|---|
ENG-39570 | 2023.06 | The “maxpayloadsize” property has been added to the Webhook Beat configuration file to help resolve an issue with an error message that could be obtained when ingesting very large logs using the Webhook Beat. |
ENG-41561 | 2023.08 | The Azure Event Hubs Beat now correctly collects Sentinel One logs when configured using the JSON parsing method. |
Known Issues
Defect ID | Components | Release Notes |
|---|---|---|
ENG-23908 | Beats: Generic Beat | Issue: Configuring the Generic Beat to collect SailPoint logs is causing “unknown certificate authority” errors. Expected Results: Beat setup should be successful with no errors. Workaround: There is currently no workaround for this issue. |
ENG-24578 | Beats: GMail Message Tracking Beat | Issue: Configuring the GMail Message Tracking Beat results in “panic” errors. Expected Results: Beat setup should be successful with no errors. Workaround: There is currently no workaround for this issue. |
ENG-37054 | Beats: MSGraph API Beat | Issue: MSGraph API Beat collects sign-in logs in bursts of 100k and then stops collecting. Expected Results: Logs should collect as they are generated. Workaround: There is currently no workaround for this issue. |
ENG-39921 | Beats: MSGraph API Beat | Issue: MS Graph API Beat initially collects Azure AD logs, but then immediately stops and no further logs are collected. Expected Results: The MS Graph API Beat should continue to collect Azure AD logs as expected. Workaround: There is currently no workaround for this issue. |