System Monitor (SysMon)
This System Monitor Agent release is compatible with LogRhythm SIEM core versions that have not reached their end of life date. For more information, see End of Life Policies for Software and Hardware.
Microsoft .NET Framework 4.7.2 or higher
LogRhythm System Monitor Agents for Windows require the Microsoft .NET Framework 4.7.2 or higher.
Before upgrading your System Monitor Agent, confirm that .NET Framework 4.7.2 or higher is installed.
For information on determining which .NET version is installed, see https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed.
If necessary, install .NET Framework 4.7.2 or higher and reboot your system. Because of the required reboot, we recommend that you perform this installation during off-peak hours.
Linux System Monitor Agents are now completely supported on Rocky Linux 9.
Windows System Monitor Agents are now completely supported on Windows 11 and Windows Server 2022.
We’ve updated our LogRhythm SysMon Documentation. You can now select documentation associated with a specific version (starting with 7.12.0). Click on the version picker in the upper-right corner on the SysMon landing page.
LogRhythm has deprecated Check Point collection via OPSEC LEA in favor of the newer Check Point Log Exporter. Support for OPSEC LEA was removed starting with LogRhythm System Monitor Collector version 220.127.116.1104 and results in an error in the scsm.log file if this collection method is used. Customers who need to use OPSEC LEA for collection should not upgrade agents past System Monitor 18.104.22.16802 release. For information on how to configure Check Point Log exporter, see Syslog - Check Point Log Exporter device configuration guide.
Found in Version
The MaxMessageCount limit in the Client Console can now be set to 50k per cycle to enable faster log collection.
System Monitor agent service actions (start/restart) initiated from the Client Console now work as expected.
The exact version information of the agent is now available in the connection request on the LogRhythm console installed in the Ubuntu 20 server.
The Linux-based System Monitor memory leak is now resolved by significantly improving the performance of Ubuntu 20.
Log Source Virtualization on Linux Collection Host now works fine.
Resolved Issues - Security
Resolved security-related defects can be viewed on the Community.