Release Information

New Features

• USR-670: SNMP Agent Improvements
  • SNMP V3 support added
  • Health monitoring parameters of log collector, data store, web app and licensing
    are exposed through SNMP Protocol.
• USR-464: Installation Improvements
  • Added support to remember installation parameters.
  • Added option for lab environments which uses less RAM
• BFX-709: Search & Live Stream UI Improvements
  • Search and live stream user interface improved to efficiently utilize the space to
    display longer messages better.
  • Added an option to copy message content and expand all messages
• USR-672: Backup encryption now defaults to AES 256 (Previously it was AES 128)
• USR-497: TLS 1.3 Support
  • The log collection and forwarding now supports TLS 1.3
  • TLS 1.2 and 1.3 are the only supported versions
  • Other versions are disabled by default.
• USR-711: Release numbering changes
  • Currently, Scribbler uses <Major>.<Minor>.<Build> format for production releases.
• Going forward, it will be still the same. But minor version will be bumped for every new
  release.
• Nil

Dependency Updates

•  USR-669: Updated to Microsoft dotnet 6.0.1 LTS (Long term support) release with latest
  security patches.
• USR-688: Log collector module (Logstash) updated to latest upstream version with
  security updates and patches.
• USR-688: Datastore (elastic search) updated to latest upstream version with security
  updates and patches.

Security Fixes

• Log4J Vulnerability (CVE-2021-44228, CVE-2021-45046, CVE-2021-45105).
  •  Scribbler Backend Service: Not using log4j for its internal logging. Vulnerability
    not applicable
  • Scribbler Log Collector (logstash): For log processing, filtering, and forwarding
    log4j is not at all used. Log4j is used by the log collector to write its own logs.
    Based on the vendor statement, it is vulnerable. But the vulnerability only
    applicable if any received data / user data is sent to log4j. Scribbler log collector
    does not send any user data to log4j hence the vulnerability is not applicable.
  • Scribbler Data Store (elasticsearch): Log4j is used to write its own log. But the
    vulnerability is not applicable because a security manager component already
    mitigated the issue.
  • However, the upstream modules (logstash, elastic search) patched the above
    vulnerability with the latest patch release. The fixes and patches are
    incorporated into scribbler.

Bug Fixes

• USR-686: Rare random start delay issue in scribbler fixed.
• BFX-713: Scribbler fails to work as expected with McAfee application control (solidifier)
  • Affected Version 1.6
  • Incorrect temp folder configuration of log collector
  • Scribbler takes long time to start in resource constrained environments and
    times out.
  • That is fixed by moving the time-consuming work into a background thread
    which runs after startup initialization is completed.
• BFX-706: A corner case authentication failure issue with Nested Active Directory Groups
  is fixed.
  • A user who is part of two similarly named nested groups had issues during login
    where the system throws access denied.
  • The problem is now correctly handled.

Known Issues

• Nil

Release Information

New Features

• USR-503: Option to forward messages with IP address instead of hostname.
  • Forwarding with hostname (old behavior) is the default.
  • To enable forward with IP Address, the option must be explicitly turned on from
    the syslog forward settings.

Bug Fixes

• Nil

Known Issues

• Nil