LEM 6.3.0 Release Notes
These release notes describe the new features, improvements, and fixed issues in this release. They also provide information about upgrades and describe work-arounds for known issues.
New features and improvements
Read this section for descriptions of the new features and improvements LEM offers in this release.
Single sign-on (SSO) allows you to enforce user access to the LEM appliance using one set of credentials. When you set up SSO in your deployment, you can enable the LEM appliance to use Lightweight Directory Access Protocol (LDAP) Kerberos-based authentication credentials to access your Microsoft Active Directory database and control user access to LEM roles and database reports.
Admin user interface
The new Admin user interface assists you with configuring your SSO and LDAP configuration settings on your LEM appliance. You can configure and manage your SSO connection, set up a new LDAP configuration, enable or disable user access to the console, and download your keytab file to the LEM Manager.
You can also access the user interface from the admin menu in the CMC management console. This interface uses a text browser to help you set up your SSO configuration.
Updated CMC management console
The CMC Management Console includes an updated top-level menu with a new look and feel and new commands that help you enhance your LEM deployment.
Open the Admin UI in a text browser
The new admin command in the main menu opens the Admin user interface in a text browser. This process allows you to configure your SSO and LDAP configuration without a web browser.
Import a keytab file
The new import command in the main menu lets you import a keytab file into the manager if you are setting up SSO through the cmc. After the import you can then use that reference that file when setting up SSO through the cmc.
Set up SNMP monitoring on the Orion Web Console
The service menu now includes the snmp command to enable the SNMP Request Service on the LEM appliance. You can configure SNMP version 3 on your LEM appliance to communicate with SolarWinds Network Performance Monitor (NPM) through ports 161 and 162. This configuration allows you to monitor CPU, memory, and other critical components from the SolarWinds Orion Web Console.
After you enable the service, you can set up a managed SNMP node on your Orion Web Console to monitor your LEM appliance using an SNMP polling method you configure in the Orion Web Console.
Create a disk usage warning when reaching certain set values
The appliance menu now includes the diskusageconfig command. Use this command to set up an event in the Monitor view that warns you when the partition reaches a predetermined use limit.
Below is an example of the diskusageconfig command.
cmc::appliance > diskusageconfig Current Disk Usage Configuration: # | Partition (filesystem) | Configured limit ================================================ 1 |LEM (/user/local) |90% 2 |OS (/)|90% 3 |Logs/Data (/var/) |10G 4 |Temp (/tmp)|90% ------------------------------------------------ You can define your disk use limit by the percentage of unavailable disk space (such as 75%) or the amount of free disk space (such as 58G). Enter the partition number you want to change (enter'exit' and press <Enter> to quit:
The disk use limit can be set a percentage of unavailable disk space (such as 75%) or the amount of free disk space (such as 58G). When the limit is reached, an InternalWarning event displays in the Monitor view.
For example, when you set the OS disk partition limit to 40%, an event displays in the All Events grid and SolarWinds Alerts when the limit is reached.
ManageMonitor Warning! Disk Usage: The OS filesystem is over 40% full!
If you set the OS disk partition limit to 2GB, an event displays in the All Events grid and SolarWinds alerts when the limit is reached.
ManageMonitor Warning! Disk Usage: The OS filesystem has under 2G left!
When you set the Logs/Data partition (3), a message displays prompting you to consider changing the database disk configuration using the dbdiskconfig command. SolarWinds recommends setting the Logs/Data partition and the database disk configuration to the same value.
Monitor multiple managers in the console
The multimanagerconfig command enables the multimanager so you can connect to multiple managers in the console.
If you enable multimanager, some security scanners may generate security warnings about your appliance for crossdomain. If this feature is not required, keep it disabled.
- "What's New" widget in the Ops Center describes new features and improvements in this release.
- Oracle Java version 8 provides security enhancements and improved agent integration with systems running Microsoft® Windows® 10.
New customer installation
For information about installing LEM, see the SolarWinds Log & Event Manager 6.3.0 Quick Start and Deployment Guide.
How to upgrade
If you are upgrading from a previous version, use the following resources to plan and implement your upgrade:
- Use the LEM Upgrade Guide to help you plan and execute your upgrade.
- When you are ready, download the upgrade package from the SolarWinds Customer Portal.
If you are using multimanager, LEM Managers are disconnected after the upgrade to 6.3.0. To reconnect, setcrossdomainconfig to True (enabled). Your Flex cache must be cleared (F12 hotkey) to see the change.
LEM 6.3.0 fixes the following issues:
|The Event Details pane in the Monitor view now displays accurate information in the InsertionIP and DetectionIP fields to improve search results.|
|LEM is now running Apache Tomcat® version 8 for improved security.|
|744453||Running BlazeDS in a LEM environment no longer generates "out of memory" messages.|
|828868||An issue with the Rapid7 Nexpose Connector was resolved.|
|828868||An issue with the Rapid7 Nexpose Reader was resolved.|
|849537||Rules that include a SourceMACaddress correlation condition will now fire properly.|
|For improved security, LEM no longer supports the Transport Layer Security version 1 (TLSv1) cryptography.|
|861621||An issue with the Microsoft SQL (MSSQL) Auditor connector was resolved.|
|865152||LEM will no longer lose its connection to the syslog server when you upgrade to version 6.2.0 and change the host name.|
|Installing an AIX agent no longer generates errors or installation issues.|
|871908||To meet the U.S. Department of Defense requirements, LEM now generates an alert when the LEM appliance hard drive capacity reaches 75%.|
|828273||The LEM Console login screen no longer fills unpopulated username and password fields with asterisks (******).|
|An issue with an agent detecting its own IP address was resolved. The agent can properly connect to the manager appliance.|
|An issue with the HyperSQL database was resolved.|
|N/A||CVE-2015-3195 - OpenSSL sensitive information leakage|
|N/A||CVE-2015-3197 - Possible to use disabled ciphers|
|N/A||CVE-2015-3269 - BlazeDS XXE|
|N/A||CVE-2015-7547 - Critical vulnerability of glibc|
|N/A||CVE-2016-0703 - Bleichenbacher RSA padding oracle|
|N/A||CVE-2016-0777 - OpenSSH sensitive information leakage|
|N/A||CVE-2016-0778 - OpenSSH DoS/buffer overflow|
|N/A||Java/RMI deserialization vulnerability|
|N/A||CVE-2015-7575, CVE-2015-4835, CVE-2016-0686 - Oracle Java SE Multiple Vulnerabilities|
|N/A||SSH Weak Algorithms Supported|
|N/A||CVE-2015-4000 - SSL/TLS Diffie-Hellman Modulus <= 1024 Bits (Logjam)|
|N/A||CVE-2015-5174 - Directory traversal vulnerability in RequestUtil.java in Apache Tomcat|
|N/A||CVE-2015-5345 - Directory discovery vulnerability in RequestUtil.java in Apache Tomcat|
|N/A||CVE-2015-5346 - Session Fixation vulnerability in Tomcat|
|N/A||CVE-2015-5351 - CSRF token leak in Tomcat|
|N/A||CVE-2016-0706, CVE-2016-0763 - Security manager bypass in Tomcat|
|N/A||CVE-2016-0714 - Security Manager bypass via persistence mechanisms|
|N/A||Adobe cross-domain http://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html|
LEM 6.3.0 includes the following connectors.
|872821||Barracuda Load Balancer ADC|
|637488||Barracuda SSL VPN|
|854919||Cisco® ISE data not standard syslog|
|828484||Windows® Network Address Translation (WinNAT) Operational log-DirectAccess|
|828482||Base-Filtering-Engine (BFE) Resource Flows Operational log-DirectAccess|
|734401||Applications And Services Logs|
|867735||Windows VMWare® logging|
|916812||Arbor® Networks Peakflow®|
|938303||Cerberus FTP Server|
Installing the 6.3.0 HP-UX agent may generate errors
Issue: When you run the 6.3.0 HP-UX agent installer, you may receive unexpected results.
Work-around: Install the agent using the 6.2.1 HP-UX agent installer.
Using underscores in custom report search terms does not return report data
Issue: When you open the Reports console and generate a report using an underscore ( _ ) in your search query, the report does not include your search data.
Work-around: Avoid using underscores in your report search queries.
Widgets and filters may not load for a new LEM user
Issue: When you click Build > Users and create a new Admin user, the widget and filter options do not load into their Ops Center and Monitor views.
Work-around: Log out of the console, clear your browser cache, and then log back in to the console.
Enabling and disabling rules may generate unexpected results
Issue: When you click Build > Rules and enable or disable a rule, the console redirects you to the All Rules category. The rule status does not change.
Work-around: Refresh the console.
Reports console generates an error when entering a date format
Issue: When you open the Reports console, generate a report, and select a date format, the console generates an error stating that your selected format is not a valid date and time.
Work-around: Use the supported date format. See "Run and schedule reports" in the LEM User Guide for the supported date formats.
Creating FIM rules in a clustered environment generates unexpected results
Issue: After you install the 6.3.0 HP-UX agent, the system may generate errors.
Work-around: Use Windows File Auditing instead of File Integrity Monitoring (FIM). See your Windows Server operating system documentation for more information.
Unable to generate a report using a separate database appliance
Issue: If your LEM appliance is connected to a separate database appliance, you cannot generate the following reports in the Reports console:
- List of Subscription Rules by User
- List of Users
- List of Rules for Rule Subscriptions
Workaround: No known workaround. This issue may be resolved in a future release.
USB Defender disables access to IronKey flash drives
Issue: When you install an IronKey™ flash drive into your USB port, USB Defender prevents you from entering a password to access the drive.
Work-around: Disable USB Defender when using an IronKey flash drive.
Legacy LDAP users display in the List of Users report
Issue: When you migrate from legacy to new LDAP users in the LEM Manager and generate a List of Users report in the Reports console, the legacy users appear in the report.
Work-around: Log on to the CMC, open the Manager menu, and restart the Manager Service. This will take the Manager offline for 1–3 minutes.
Legacy LDAP users do not display in the console
Issue: When you migrate from a legacy LDAP to a new LDAP configuration, legacy LDAP users do not display in the LEM Console. Additionally, these users are not assigned to subscriptions or email actions to rules after the upgrade.
Work-around: Migrate users to the new LDAP configuration using the following procedure:
Upgrade LEM to version 6.3.
- Prompt all users previously running in version 6.2 to log in to the LEM console. If these users do not log in, they will not be migrated to the new LDAP configuration.
- Disable your legacy LDAP configuration.
- Set up a new LDAP configuration in the Admin user interface. All users who logged in to the LEM console are migrated and display in the console.
Error message displays when you upgrade the Desktop Console
Issue: When you upgrade the SolarWinds LEM Desktop Console to version 6.3.0, an error message displays stating that the application cannot be installed due to a certificate problem.
Work-around: Uninstall the current Desktop Console. When you are finished, install Desktop Console version 6.3.0.
Unable to establish an HTTPS connection to the LEM Manager running Windows 7
Issue: When you connect to the LEM manager using Internet Explorer or the Adobe AIR-enabled desktop console on a workstation running Windows 7, HTTPS is disabled. You can establish an HTTPS connection using Google Chrome or Mozilla Firefox.
Work-around: Install the latest Windows 7 updates or upgrade to the latest supported operating system.
© 2016 SolarWinds Worldwide, LLC. All rights reserved.
This document may not be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the prior written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors.
SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
The SolarWinds and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies.