NetMon 5.0.5 Release Notes - 14 April 2026
Welcome to NetMon 5.0.5! This version continues to improve upon the 5.0.0 release by upgrading ElasticSearch and Kibana, allowing for smoother workflows, easier searching, and quicker movement through the UI. Additionally, the support timeframes for archived network indices have been increased to give all NetMon users, licensed or freemium, more visibility for their data.
What’s new in NetMon 5.0.5:
New Features
ElasticSearch and Kibana Upgrades
NetMon 5.0.5 features an upgraded Elasticsearch engine (version 7.10.2), delivering improvements in performance, security, and search capabilities. Experience reduced memory usage and benefit from critical security updates. You can also take advantage of case-insensitive searching, more efficient handling of long-running queries with Async Search, and consistent results with the new Point in Time (PIT) reader. Additionally, this version introduces support for Event Query Language (EQL) for threat hunting, along with new data types for versioning and large integers.
The updated Kibana engine includes Kibana Lens, offering intuitive drag-and-drop dashboard creation with new chart types (treemaps, donut charts) and multi-index support. You can also create direct URL drilldowns from dashboards to external tools, passing data parameters for seamless workflow integration.
Expanded Timeframe Support for NetMon ElasticSearch Indexes
With NetMon 5.0.5, the timeframe for stored network indices has been increased for the freemium and licensed versions of NetMon:
Version | Old Storage Timeframe | New 5.0.5 Storage Timeframe |
|---|---|---|
Freemium | 3 days | 30 days |
Licensed | 30 days | 90 days |
These expanded timeframes improve historical visibility while ensuring controlled and predictable storage usage for all NetMon users going forward.
For more information on the differences between the licensed and freemium versions of NetMon, refer to NetMon Freemium.
Action Required for Saved Searches
Starting with this release of NetMon, query rules must be updated to accommodate the new ElasticSearch enhancements by adding the “wildcard” (asterisk) symbol to the end of the query. This allows the search to return results for variable letters using the new ElasticSearch components.
To update your saved query rules, from the NetMon front page:
Click Rules, and then Query Rules.
In the Actions column, click the Edit Rule button (pencil icon).
In the Search field, add an asterisk (*) to the end of the string.
Click Save.
Click Confirm.
Refer to the Search column in the screenshot below for examples:
For Rule1, results that begin with “http” will be returned regardless of how that rest of the string ends because of the addition of the asterisk to the end of the search string (http*).
For more information on query rules and alarms in NetMon, refer to Manage Alarms in NetMon.
Important NetMon 5.0.5 Upgrade Process
Before upgrading to NetMon 5.0.5, you must be running NetMon 5.0.4. However, if you are on an older version of NetMon, you can use the 5.0.5 ISO to re-install your NetMon appliance, but you cannot upgrade from a version of NetMon prior to 5.0.4 directly to NetMon 5.0.5.
Upgrade from 5.0.4 to 5.0.5
Refer to the Upgrade NetMon Software section for information on upgrading NetMon directly from version 5.0.4 to 5.0.5.
Install NetMon 5.0.5
If installing/re-imaging to NetMon 5.0.5 from a version prior to 5.0.0, refer to the Install NetMon section of our documentation for the complete process.
Known Issues
Bug # | Found in Version | Description | Notes |
|---|---|---|---|
ENG-63022 | 5.0.0 | Adjusting NTP settings within the NetMon web UI results in an error. | Expected Results: NTP settings can be updated within the NetMon web UI. Workaround: Use the Configure Time Sync and Time Zone guide to adjust the time zone and time sync options. |