System Monitor (SysMon)
18.104.22.1689 and 22.214.171.1240 (*NIX)
This System Monitor Agent release is compatible with LogRhythm SIEM core versions that have not reached their end of life date. For more information, see End of Life Policies for Software and Hardware.
Microsoft .NET Framework 4.7.2 or higher
LogRhythm System Monitor Agents for Windows require the Microsoft .NET Framework 4.7.2 or higher.
Before upgrading your System Monitor Agent, confirm that .NET Framework 4.7.2 or higher is installed.
For information on determining which .NET version is installed, see https://docs.microsoft.com/en-us/dotnet/framework/migration-guide/how-to-determine-which-versions-are-installed .
If necessary, install .NET Framework 4.7.2 or higher and reboot your system. Because of the required reboot, we recommend that you perform this installation during off-peak hours.
Every Beat configuration now includes the option to send JSON parsing directly to a System Monitor Agent. For more details, see Configure Beats for JSON Parsing.
Open Collector and Beat management is now available in the Web Console. For more details, see Log Collection in Web Console.
Microsoft Visual C++ upgraded to version 2022.
LogRhythm has deprecated Check Point collection via OPSEC LEA in favor of the newer Check Point Log Exporter. Support for OPSEC LEA was removed starting with LogRhythm System Monitor Collector version 126.96.36.19904 and results in an error in the scsm.log file if this collection method is used. Customers who need to use OPSEC LEA for collection should not upgrade agents past System Monitor 188.8.131.5202 release. For information on how to configure Check Point Log exporter, see Syslog - Check Point Log Exporter device configuration guide.
Found in Version
The recommended value and the default value of the OriginalMessage are now set to True for an Agent in the Advanced Properties of the Client Console.
The Syslog timestamp UTC offset calculation now correctly calculates the UTC offset value.
After updating to version 7.14, customers can override the ReceiveBuffer Limit to prevent data loss and log drop issues for UDP Syslog log collection.
When SSLStream cannot send logs to the Mediator, the Agent does not show the sent message in the log.
Office 365 log collection no longer stops even when volume is reduced.
Resolved Issues - Security
Resolved security-related defects can be viewed on the Community.