|System Monitor (SysMon)
LogRhythm 7.10.0 GA
LogRhythm 7.9.0 GA
Microsoft .NET Framework 4.7.2
LogRhythm System Monitor Agents for Windows require the Microsoft .NET Framework 4.7.2.
- Before upgrading your System Monitor Agent, confirm that .NET Framework 4.7.2 is installed.
- For information on determining which .NET version is installed, see https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed.
- If necessary, install .NET Framework 4.7.2 and reboot your system. Because of the required reboot, we recommend that you perform this installation during off-peak hours.
- The AIX Agent installer now supports AIX version 7.2.
- Ubuntu 22 is now supported for Linux System Monitors.
No new improvements in this release.
LogRhythm has deprecated Check Point collection via OPSEC LEA in favor of the newer Check Point Log Exporter. Support for OPSEC LEA was removed starting with LogRhythm System Monitor Collector version 220.127.116.1104 and results in an error in the scsm.log file if this collection method is used. Customers who need to use OPSEC LEA for collection should not upgrade agents past System Monitor 18.104.22.16802 release. For information on how to configure Check Point Log exporter, see Syslog - Check Point Log Exporter device configuration guide.
Salesforce Case ID
Found in Version
|Collecting logs from a remote Agent no longer causes an issue with the position file in certain situations.
|The Client Console no longer allows a regex greater than 1024 characters.
|The Agent now assigns date and time based on date-time in the raw log to explicitly define the year.
Resolved Issues - Security
No security-related resolved issues in this release.
Found In Version
|When collecting sFlow Expanded Flow Format logs, warnings are constantly written to the System Monitor log file.
Expected Results: The System Monitor Agent should collect this log format without producing warnings in the log file.
Workaround: The System Monitor Agent does not support sFlow Expanded Flow Format. You must convert these logs to NetFlow to collect the data. There is a Golden Nugget posted to LogRhythm Community that shows you how to convert from sFlow Expanded Flow to NetFlow. You can find it on the Community here: https://community.logrhythm.com/t5/Golden-nuggets/LogRhythm-Golden-Nugget-Use-Case-sFlow-Expanded-Flow-Format-No/m-p/109276.
When setting up log collection on AWS CloudTrail S3 and trying to establish a trust relationship for the SSL/TLS secure channel, customers may receive the following error exception message:
**ERROR** Exception msg: A WebException with status TrustFailure was thrown.
Expected Results: Customers should be able to configure CloudTrail S3 log collection without errors.
Workaround: Use Open Collector to collect from CloudTrail S3 log sources or suppress the trust check.
|When enabling cleanup scripts for Mimecast collection, customers may receive tracking errors and collection may not be reliable.
Expected Results: Collection should be reliable during cleanup.
Workaround: There is no workaround for this issue.