ntevl
Windows NT event log watcher

The Windows NT event log watcher probe generates alerts based on messages from the Windows event logs.


Please note that, for version 2.21 and higher of this probe, Nimsoft Robot version 3.00 (or higher) is a prerequisite.


Notes:

  • The Windows event log watcher probe version 3.0x uses WMI to retrieve the event logs. Accessing Windows event logs through WMI may severely degrade the performance of a Windows 2000 system, so if the probe is deployed on a Windows 2000 system it raises an alarm and stops running.

  • Probe version 2.3x does not use WMI to retrieve the event log and can be used for monitoring event logs on Windows 2000 systems.

Troubleshooting

ntevl probe crashes:
If you see the following entries in the ntevl log:
evl(events_init): Failed to initialize
evl(events_init): Failed to register async notifications
evl(register_async_notification): ExecNotificationQueryAsync for event_receive failed
ExecNotificationQueryAsync for event_receive failed with hresult of 0x800700a4

Deactivate the probe, restart the WMI service a few times, and then restart the probe. This should fix the problem.
If the problem persists, send us the OS information and the ntevl log.
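The following PowerShell script is an added example and is not part of the ntevl documentation or the probe itself. It automates the check-and-remedy procedure above: it scans the probe log for the quoted failure signatures, decodes the HRESULT on the last line (0x800700a4 is a FACILITY_WIN32 HRESULT wrapping Win32 error 164, ERROR_MAX_THRDS_REACHED, which explains why a WMI service restart helps), and then restarts the WMI service (Winmgmt) until an event-log notification query can be registered again. The log path is a placeholder, and the WQL query assumes the probe subscribes to new Win32_NTLogEvent instances; the exact query the probe issues is not documented on this page.

```powershell
<#
  Added example; not part of the ntevl documentation or the probe itself.
  Scans the ntevl log for the WMI notification failure described above,
  decodes the HRESULT, and applies the documented remedy (restart the WMI
  service, then re-check that an event-log notification query can be
  registered). Run elevated on the monitored host.
#>
param(
    # Placeholder: point this at the ntevl log on your robot.
    [string]$ProbeLog = 'C:\path\to\ntevl.log',
    [int]$RestartAttempts = 3
)

# Log signatures quoted in the troubleshooting section above.
$script:FailureSignatures = @(
    'evl(events_init): Failed to initialize',
    'evl(events_init): Failed to register async notifications',
    'ExecNotificationQueryAsync for event_receive failed'
)

function ConvertFrom-Hresult {
    # Decodes an HRESULT string such as 0x800700a4. Facility 7 (FACILITY_WIN32)
    # carries a Win32 error code in the low 16 bits; for 0x800700a4 that is
    # code 164 (ERROR_MAX_THRDS_REACHED), whose text Windows supplies at runtime.
    param([Parameter(Mandatory)][string]$Hex)
    $value    = [Convert]::ToUInt32($Hex.Trim(), 16)
    $facility = ($value -shr 16) -band 0x1FFF
    $code     = $value -band 0xFFFF
    $text = if ($facility -eq 7) {
        (New-Object System.ComponentModel.Win32Exception([int]$code)).Message
    } else { 'not a Win32-facility HRESULT' }
    [pscustomobject]@{ Hresult = ('0x{0:x8}' -f $value); Facility = $facility; Win32Code = $code; Message = $text }
}

function Get-NtevlWmiFailure {
    # Returns the log lines that match the known failure signatures, with any
    # HRESULT found on the line decoded.
    param([Parameter(Mandatory)][string]$LogPath)
    if (-not (Test-Path -LiteralPath $LogPath)) { throw "Log not found: $LogPath" }
    Select-String -LiteralPath $LogPath -SimpleMatch -Pattern $script:FailureSignatures | ForEach-Object {
        $line = $_.Line
        $decoded = if ($line -match 'hresult of (0x[0-9a-fA-F]{8})') { ConvertFrom-Hresult $Matches[1] } else { $null }
        [pscustomobject]@{ LineNumber = $_.LineNumber; Line = $line; Error = $decoded }
    }
}

function Test-WmiEventLogSubscription {
    # Registers (and immediately removes) the kind of asynchronous notification
    # query the probe relies on. Assumption: the probe subscribes to new
    # Win32_NTLogEvent instances; the query it actually uses is not documented here.
    $id = 'ntevl-wmi-check'
    try {
        Register-CimIndicationEvent -Query "SELECT * FROM __InstanceCreationEvent WITHIN 5 WHERE TargetInstance ISA 'Win32_NTLogEvent'" -SourceIdentifier $id -ErrorAction Stop | Out-Null
        return $true
    } catch {
        Write-Warning "WMI event-log subscription failed: $($_.Exception.Message)"
        return $false
    } finally {
        Unregister-Event -SourceIdentifier $id -ErrorAction SilentlyContinue
    }
}

function Repair-WmiForNtevl {
    # The documented remedy: with the probe deactivated, restart the WMI service
    # (Winmgmt) a few times until an event-log subscription can be registered again.
    param([int]$Attempts = 3)
    for ($i = 1; $i -le $Attempts; $i++) {
        Write-Host "Restarting Winmgmt (attempt $i of $Attempts)"
        Restart-Service -Name Winmgmt -Force -ErrorAction Stop   # -Force also restarts dependent services
        Start-Sleep -Seconds 5
        if (Test-WmiEventLogSubscription) { return $true }
    }
    return $false
}

# Script flow: report what the log shows, then apply the remedy.
$failures = @(Get-NtevlWmiFailure -LogPath $ProbeLog)
if ($failures.Count -eq 0) { Write-Host "No WMI notification failures found in $ProbeLog"; return }
$failures | ForEach-Object {
    Write-Host ("line {0}: {1}" -f $_.LineNumber, $_.Line)
    if ($_.Error) { Write-Host ("  {0} -> Win32 error {1}: {2}" -f $_.Error.Hresult, $_.Error.Win32Code, $_.Error.Message) }
}
Read-Host 'Deactivate the ntevl probe in the controller, then press Enter to restart WMI' | Out-Null
if (Repair-WmiForNtevl -Attempts $RestartAttempts) {
    Write-Host 'WMI event-log subscription works again; reactivate the probe.'
} else {
    Write-Host 'WMI still cannot register event-log notifications; collect the OS details and the ntevl log for support.'
}
```

Restart-Service -Force on Winmgmt also restarts every service that depends on WMI, so run this in a maintenance window; the probe deactivation step is left manual because the page does not describe a command-line way to do it.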
Revision history

Each entry gives the version (and release state, where recorded), the release date and the changes in that release.
Version 4.34 (GA), 01.02.2023

What's New:

  • Added support for Windows 2022
  • Fixed security vulnerabilities:
    • Upgraded OpenSSL to version 1.1.1q
    • Upgraded from TinyXML to TinyXML2
SHA-256 Checksum: dacbfb72be9e4bddcef19439f9d8aeb35e24fb915bf781bfd376e585944ef0ce
Version 4.33, 03.11.2021

What's New:

  • Added the Translation table in the Setup Ntevl (Enhanced) MCS Templates.
  • Added the following configuration options in the Setup Ntevl (Enhanced) MCS Templates:
    • WMI Query Timeout
    • WMI Timeout Interval Unit
    • Alarm List Size
    • Maximum Number of Threads
    • Max Queue Size
    • Wait on Max Queue Size
    • Variable Name with non-ASCII characters
    • Enable Position File Backup Interval
    • Position File Backup Interval
    • Disable continuous update of position file
    • Position File Update Interval

Fixed Defects:

  • Fixed an issue with the ntevl probe where a log message is updated if the events do not match the configured event selection criteria. Support case number 32797784
  • Fixed an ntevl probe crashing issue. Support case number 32744289
  • Fixed an issue in the Admin Console with the error message "Invalid Delimiter, enter any single character (including special character) or tab." Support case number 32788204
  • Fixed the Optional Key length limit of 50 characters in OC by increasing it to 256 characters. Support case number 32791496
  • Fixed an issue where the ntevl probe scanned the security log even though it had been removed from the config. Support case number 32651306
  • Fixed the issue with the ntevl probe generating older alarms on restart. Support case number 32679924
  • Fixed an issue with the field length in the NTEVL Templates by increasing the maximum length limit to 256 characters. Support case number 32745066
  • Fixed an issue where the ntevl probe crashes when a Source value other than * is passed, for all three variants (IM, AC GUI and the MCS application). Internal ticket number DE469232
  • Fixed an issue where the ntevl probe did not generate alerts for the configured events. Support case number 32374750
  • Fixed an issue where the ntevl probe failed to start when using regular expressions. Support case number 32186154
  • Fixed an issue in the ntevl MCS template where the probe goes into the red state once the 'Source' field is used as the matching criterion. Internal ticket number DE477723
  • Fixed an issue where the ntevl probe crashes when "exclude profiles" are pushed from MCS. Support case number 31888856
  • Fixed the ntevl probe issue where error 15001 is thrown and the job queues are exhausted. Support case number 20320022
  • Fixed the installation issue of the ntevl probe 4.3.2 on Windows Server 2016. Support case number 01331643
  • Fixed an issue where the ntevl probe failed to start. Support case number 20100795
  • Fixed an issue with the copy operation, where copying a profile did not copy all the data in the profile. Support case number 20040337
  • Fixed an issue with the Ntevl Enhanced template which did not allow the creation of custom variables. Support case number 32747461
SHA-256 Checksum: edcd6567c22d8ea1dba2ef1e8efd85344b2ee53f8b58c7294ce7767b6ed78a70
Version 4.32, 31.10.2018

What's New:

  • Updated this probe as part of removing the dependency on the end-of-life (EOL) Microsoft Visual C++ Redistributables in CA UIM 9.0.2. CA UIM 9.0.2 now uses the Microsoft Visual C++ Redistributable for Visual Studio 2017.
MD5 Checksum: d428abb60b5d5fb91130ba9c1b803176
SHA-1 Checksum: f406ae8ff41ebd0f66b9892a1c9bc550bfeddb9a
Version 4.31, 13.02.2018

What's New:
1. The upgraded ntevl probe sends Windows event data to CA App Experience Analytics directly, instead of relying on third-party tools such as NXLog. For more information, see the Create Profile for Log Analytics section in ntevl AC Configuration.
2. This version of the probe does not support Windows Server 2003.

Fixed Defects:
1. The probe was unable to monitor Windows Event Logs when the log name contained accented characters (é, è, ç, and so on). Support case number: 00849056
2. Fixed the 100-character limit on the alarm message in the MCS Event Log Template. Support case number: 00821932
Important! This version of the probe does not support AES encryption.

For detailed release notes, refer to
https://docops.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=ntevl_RN

Note: Support cases may not be viewable to all customers.

SHA-1: c836bbd3ecfff1d55462c3789a5938066217a6d2
MD5: 5a3da68d2bb5f2be29c5a962b084a731
Version 4.30, 10.03.2017

What's New:
  • The probe now supports AES-128 encryption, which is required for FIPS compliance.
  • The probe can monitor Windows systems where FIPS encryption is enabled. For more information, see the Enable FIPS Encryption section in ntevl IM Configuration.
Note: You cannot configure the probe from any Admin Console interface (AC or AC2) in a FIPS-compliant environment.

For detailed release notes, refer to https://docops.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=ntevl_RN

md5sum: 47a48ec927ce94779a1e685571614108
sha1sum: 4fdb55418fcf0f7e54085f01793e32994e1f60d7
Version 4.24, 30.09.2016

What's New:
1. When deployed on any UNIX-based robot, the probe no longer creates a Probename folder on the system.
2. The probe supports monitoring in an IPv6 environment.
   Important! The system where CA UIM is installed must be configured with dual stack (IPv4 and IPv6).

Fixed Defects:
1. The probe did not save the log list on upgrade. For more information, see the Known Issues section. Support case number 276629
2. Updated ntevl IM Configuration to explain how to use the custom variables as command arguments when Run Command on Match is enabled. Support case number 478602

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.23, 13.05.2016

Fixed Defects:
1. The probe crashed due to incorrect logging in the probe and the evlWMI library. Support case number 255938
2. The probe prompted for a restart even when no configuration was changed. Support case number 294129
3. The probe did not interpret 0 as a valid delimiter character in the Admin Console. Support case number 321092
4. The probe configuration did not save in the ntevl Admin Console version 4.21 on Windows 2003 servers. Support case number 323135

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.22, 18.02.2016

What's New:
1. Added support in Infrastructure Management (IM) to specify a maximum queue size for large events, to limit memory consumption.
For more information, see Configure Probe Properties.
2. Removed default monitoring of security logs on a fresh probe installation. Existing security log monitoring is not affected when upgrading from previous versions.

Fixed Defect:
The probe version 4.21 caused high memory and CPU utilization. Support case numbers 00292089, 00291482, 00289006, 00280297, 00276629, 00245245, 00165265

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.21, 29.12.2015

Fixed Defect:
1. Updated the documentation on monitoring security logs for Microsoft Domain Controllers. Salesforce case 70006645.

What's New:
1. Added support to exclude the System, Application and Security logs from monitoring.

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.20, 11.12.2015

Fixed Defects:
1. ERROR event log entries were not mapped to the correct UIM alarm severity. Salesforce case 70007434
2. Updated the documentation on monitoring security logs for Microsoft Domain Controllers. Salesforce case 70006645

What's New:
1. Redesigned the probe to improve scalability.
2. The new probe design applies to Windows Vista and later.
3. Added support to exclude the System, Application and Security logs from monitoring.

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.12, 17.10.2015

Fixed Defects:
1. Alarm variables were not expanded for non-ASCII characters. Salesforce case 00166695
2. The probe crashed due to incorrect logging in the probe. Salesforce case 00162278

For detailed release notes, refer to
http://wiki.ca.com/rest/ca/product/latest/topic?hid=ntevl_RN&space=UIMPGA&language=&format=rendered
Note: Salesforce cases may not be viewable to all customers.
Version 4.11, 29.06.2015

Upgraded support for factory templates.
For detailed release notes, refer to
https://wiki.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=ntevl_RN

Version 4.10, 15.06.2015

Upgraded OpenSSL to version 1.0.0m.
For detailed release notes, refer to
https://wiki.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=ntevl_RN

Version 4.03, 27.03.2015

Added support for factory templates.
For detailed release notes, refer to
https://wiki.ca.com/rest/ca/product/latest/topic?format=rendered&language=&space=UIMPGA&hid=ntevl_RN
Version 4.02, 30.01.2015

What's New:
Added the Enable Position File Backup Interval check box on the Properties tab (Salesforce Case: 0145842)

Fixed Defects:
1. Messages appeared in reverse order when the probe was run on Windows Server 2003 Standard x64 Edition R2 (SP2). (Salesforce Case: 00149339)
2. Probe CPU consumption was very high. (Salesforce Case: 00148116, 00152031, 00151572, 00150479)

For detailed release notes, refer to
https://wiki.ca.com/display/UIMPGA/NT+Event+Log+Monitor+%28ntevl%29+Release+Notes
Note: Salesforce cases may not be viewable to all customers.
Version 4.01, 26.09.2014

New Features:
1. Added localization support for B-Portuguese, Chinese (simplified and traditional), French, German, Italian, Japanese, Korean and Spanish in both the IM and Admin Console GUIs. For localization support through the Admin Console GUI, the probe must run with PPM 2.38 or a later version.
2. Updated the probe IM GUI and Admin Console GUI to allow specifying the character encoding for different locales.
Note: Do not use the Raw Configure GUI to update the probe configuration in non-English locales, because it can corrupt the probe configuration file.

Fixed Defects:
1. Fixed the issue where quotes, double quotes and commas were removed from the event message text when generating an alarm (Salesforce Case: 00142620, 00140474).
2. Fixed the issue where the Critical alarm severity was not displayed in the drop-down list when the probe is hosted on Windows Server 2008 (Salesforce Case: 00132207).
3. Fixed the defect in the IM probe GUI where the updated log level was not saved in the probe configuration file (Salesforce Case: 00140301).
4. Fixed the issue where the probe did not resolve the $severity_str variable value (Salesforce Case: 00140472).
5. Fixed the defect where the probe added extra characters to the date string when displaying event details in the IM probe GUI and in alarms (Salesforce Case: 00134035, 00133326).

For detailed release notes, refer to
http://docs.nimsoft.com/prodhelp/en_US/Probes/AdminConsole/ntevl/ReleaseNotes/index.htm
Version 3.90, 27.12.2013

What's New:
1. Added support for displaying locale-specific severity strings.
2. Added an XML view of the event in the probe GUI.

Fixed Defects:
1. Fixed a probe-defaults defect by deactivating the allerrors profile, which caused a flood of alarms after deploying the probe.
2. Fixed a defect where the probe generated two QoS definitions even when all profiles were inactive by default.
3. Fixed a defect where alarms were not sent when the domain name was provided in lower case.

For detailed release notes, refer to
http://docs.nimsoft.com/prodhelp/en_US/Probes/AdminConsole/ntevl/ReleaseNotes/index.htm
Version 3.85, 16.10.2013
Fixed an issue with Japanese event logs.
Version 3.84, 12.07.2013
Fixed the suppression key override with subsystem issue.
Fixed an issue where alarms generated by the ntevl probe were being de-duplicated.
Version 3.83, 25.04.2013
Fixed incorrect event type display on systems with Japanese text support.
Fixed: the Log window did not maximize.
Fixed: the latest event was not displayed in the probe GUI.
Fixed a defect where select_events did not work correctly from the probe utility (invalid characters, slow performance).
Version 3.82, 21.01.2013
Corrected the user field from DomainName/User to DomainName\User.
Version 3.81, 21.12.2012
Added functionality to monitor the Operational and Admin event logs (introduced from Vista/Windows 2008 onwards).
Added probe defaults.
Fixed a defect where the probe GUI was slow to respond with a large number of events.
Fixed memory leaks.
Version 3.80, 14.12.2012
Added functionality to monitor the Operational and Admin event logs (introduced from Vista/Windows 2008 onwards).
Version 3.70, 25.09.2012
Added functionality to generate variables in the post message.
Added functionality to run a command when watcher criteria match.
Fixed the issue of high CPU usage in event mode.
Added 2-byte character support.
Fixed an issue with exclusions in alphabetical order going missing.
Version 3.63, 07.06.2012
Fixed SOC defects.
Version 3.62, 10.11.2011
Fixed a crash occurring when filtering out events.
Added support for adding new variables in profiles without configuring thresholds.
Version 3.61, 04.10.2011
Fixed the Windows event message not being displayed in the Alarm Console on UMP.
Added support for converting the event description to a localized form.
Fixed a crash which used to occur when the event description was larger than 2K.
Version 3.60, 30.06.2011
Support for critical event logs in Windows 2008.
Operator (<, >, <=, >=, =, !=) support for the alarm counter.
Support for the -Z option to reset the position and start the probe normally.
Fixed the DST time difference in Windows NT 5.2.
Fixed a SOC defect.
Version 3.51, 20.01.2011
Added fixes for web-based Service Oriented Configuration.
Version 3.50, 30.12.2010
Added support for internationalization.
Added support for reading alarm tokens from cfg.
Added support for web-based Service Oriented Configuration (SOC).
Added a fix for the probe stopping after an event storm.
Added a fix for repeated message problems.
Added a suppression fix.
Fixed the number-of-instances logic to allow the old behaviour.
Version 2.36, 18.08.2010
Applied a fix to remove extra white space which appeared after removing newline characters.
Version 2.35, 05.07.2010
Added a fix for replacing recurring hard returns with a single delimiter in the description field.
Added a feature in the GUI to enable/disable the removal of recurring hard returns.
Version 3.41, 30.06.2010
Made changes to libraries with respect to configuration locking.
Fixed a defect in the display of logs on the 64-bit Windows 2008 Server platform.
Version 3.40, 14.05.2010
Enhanced the probe to allow generating variables from the message body, and to send alerts on these variables.
Added support to raise an alert only after a particular number of instances of an event within a particular time frame.
Version 3.30, 18.03.2010
Added support for extended NIS database information.
Version 3.23, 30.12.2009
Resolved the problem where only a partial event list was fetched. The most obvious case was on computer restart.
Version 3.22, 18.11.2009
Added a fix in the evlWmi library for fetching the InsertionStrings column value from WMI if the Message value is not available.
Version 3.21, 18.11.2009
Fixed a crash in the evlWmi library.
Added a fix for replacing recurring hard returns with a single delimiter in the description field.
Added a feature in the GUI to enable/disable the removal of recurring hard returns.
Version 3.20, 30.10.2009
Added a fix in the probe and GUI for replacing hard returns with a user-defined delimiter in the event description field.
Fixed a Daylight Saving Time issue.
Stopped using regular expression comparisons to detect duplicate events.
Version 2.34, 30.09.2009
LATEST VERSION FOR WINDOWS 2000.
Fixed an issue in excludes activation when the probe is upgraded from a previous version that had no excludes activation/deactivation option. After upgrading from a previous version, the probe now sets all excludes to active by default.
Version 3.10, 30.09.2009
Updated the configuration file for event logs, adding the preconfigured event logs (Application, System and Security).
Updated the WMI library to handle custom event logs.
Added the wmi_timeout key in the setup section of the configuration file. This key sets the WMI query timeout in seconds for cases with a huge number of events.
Fixed the "no propagation alarm" functionality issue.
Added a fix for Windows Vista running Service Pack 1 or below to fetch the event indexes using WMI. Vista versions prior to SP2 had an issue where the probe was unable to fetch the event indexes properly.
Added a fix in the evlWmi library for handling the computer's FQDN. On some Windows platforms, when a machine is in a domain, the computer field of event logs shows the computer's FQDN; previously the probe failed when checking the computer field of watchers/excludes.
Version 3.02, 14.07.2009
Fixed an issue in excludes activation when the probe is upgraded from a previous version that had no excludes activation/deactivation option. After upgrading from a previous version, the probe now sets all excludes to active by default.
Added detection of the underlying OS version: if the OS version is Windows 2000 or below, the probe triggers an alarm and stops execution.
Version 3.01, 30.04.2009
Fixed a probe crash on probe deactivation.
Fixed some minor GUI issues.
Optimized GUI and probe code performance.
Added support to prevent alarm flooding on upgrade.
Added a $evlData variable to get the data associated with the event.
Changed the library from evl to evlWmi (WMI event interface).
Version 2.31, 29.04.2009
Fixed the problem of the probe not starting on Windows 2000.
Fixed some minor UI issues.
Added support for Windows on Itanium 2 systems (IA64).
Added support for alarm queuing to avoid NAS overloading.
Added severity_str as a message variable.
Fixed some of the win64 porting issues/warnings.
Modified the msgEnterVar code to use NimBUS APIs instead of custom code.
Fixed the clear exclude issue in evl.lib.
Added an Active/Inactive checkbox for the exclude profiles.
Fixed the bug with profile ordering in the GUI.
Revised the event message field lookup for Vista/2008.
Version 2.23, 19.12.2008
Rebuild following NimBUS library fixes.
Version 2.21, 11.09.2008
Improved error handling when finding log file sizes.
Added support for 64-bit Windows (x64).

Please note that, for version 2.21 and higher of this probe, NimBUS Robot version 3.00 (or higher) is a prerequisite. You are advised to read the document "Upgrading the NimBUS Robot" carefully before installing/upgrading.

Version 2.15, 28.09.2007
Modified the regular expression comparison code to avoid problems with large string comparisons in exclude profiles.
Version 2.14, 05.01.2007
Opens the registry with the minimum necessary access rights to avoid generating security events on Windows 2003 Server.
Version 2.13, 10.11.2006
Added the possibility to enter 'localhost' in the computer field of watch and exclude profiles, to match only events from the machine the probe runs on.
Version 2.10, 06.01.2006
Modified the initial configurator sorting of events. Added an option to start the configurator without fetching the event list.
Version 2.02, 03.12.2004
Support added for variables in the alarm message, suppression key and subsystem. The variables are: profile, description, source, event_id, category, message, log, severity, user, computer and time_stamp.
Quality of Service message added for the number of events found.
Requirements
Platform: Refer to the Platform Support Matrix in the Download section of http://support.nimsoft.com
Software: Nimsoft Robot 3.00 or newer.
WMI service needs to be enabled for the probe to work.
Hardware: None