Collector Release Notes Timeline

GD Collector 32.004

LogicMonitor GD Collector 32.004 is released on November 01, 2022. GD Collector 32.004 is a patch to the previously released GD Collector 32.003. This patch release mitigates the following high severity issue.

Fix

• Fixed an issue where wmi password in plain text was exposed in the Event viewer during Poll Now. We have masked the password to strengthen its security.

EA Collector 32.400

LogicMonitor EA Collector 32.400 is released on September 22, 2022 and includes the following updates.

Enhancements

• Upgraded Corretto JRE version to 11.0.16.8.1 to mitigate Xalan (XSLT) parsing vulnerability CVE-2022-34169.
• To resolve the delay in log ingestion, we removed the synchronisation added to send logs to ingest API. We also verified that the existing flow of logs is working.
• If the updateToNonRoot.sh script fails to migrate Linux Collector from root to non-root, or if there are any issues after migration, customers can now run the revertToRootUser.sh script to roll back migration. The script is available in the agent/bin folder.
• As most of the customers do not use jt400-full-6.0.jar (IBM iSeries/AS400 JAR) in core LogicMonitor DataSources to monitor IBM I series databases, we have removed support for this file.
• Since mail.jar is rarely used in Collector, we removed it from Collector codebase. We replaced it with jakarta.mail-2.0.1.jar.
• The Synthetics Selenium collection will now retry all commands rather than a specific subset, so that customer tests will be more resilient to failures due to minor timing discrepancies. Also, instead of maintaining multiple jars of the Synthetic library, we have now consolidated them in an all-in-one jar in the synthetics-monitoring-all-in-one:1.0.0-RC2.
• Improved the Enhanced Script NetScan feature by enabling NetScan to assign a single device to multiple resource groups.
• Collectors can receive SNMP traps, but they can only use one SNMP community string (V1 and V2C) or a set of credentials (V3) to decrypt the traps. This does not work if users have multiple systems sending traps with different community strings to the same Collector. To bridge this gap, users can now override eventcollector.snmptrap.* by setting that as a host property on the device. Collector will first check for the host property before checking agent.conf when decrypting a trap. If it is not specified in the host property, then it falls back on agent.conf eventcollector.snmptrap.*
• We added LM Log: Script type to LogSources. Using Groovy script you can now collect logs from scripts/APIs and send them to LogicMonitor. There is no need to separately create datasources to send logs from scripts to LogicMonitor. Instead, you can directly use Script LogSource for the same.
• It was reported that MBeans are not queried successfully because Collector does not support the first level attributes that contain dots, for example, jira-software.max.user.count. Collector treated it as composite attribute and split it based on the dots. To instruct Collector not to split the attribute, we added a backslash ( \ ) before a dot (.) such as jira-software\.max\.user\.count

Fixes

• It was reported that the currently used PostgreSQL JDBC jar version 42.3.2 is vulnerable to CVE-2022-31197. We therefore upgraded PostgreSQL JDBC jar to version 42.4.1.
• Fixed an issue where redundant data was concatenated during polling using Windows and Linux Collector for OpenMetrics. 

GD Collector 32.003

LogicMonitor GD Collector 32.003 is released on September 20, 2022. GD Collector 32.003 is a patch to the previously released GD Collector 32.002. This patch release mitigates the following high severity issue.

Fix

• After upgrading Collector from EA Collector 29.106 (or prior version) to MGD Collector 31.004, when you upgrade it to GD Collector 32.002, the upgrade fails with a null pointer exception. We have applied a fix to resolve this issue.

MGD Collector 31.004

LogicMonitor MGD Collector 31.004 is released on August 30, 2022. It is based on the previously released GD Collector 31.004, and includes the following updates:

Enhancement

• Upgraded log4j to version 2.17.1 to mitigate the log4j vulnerabilities. See Log4j Security Vulnerabilities.

Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Issues were reported for batch script data collection due to multiple or no periods in the formation of instance name and datapoint name. For example, in the datasource the key value pair has multiple periods – keyvalue(##WILDVALUE##.storage.totalsize.filesystem) and therefore it failed.
  We have fixed this issue. A datapoint now will not fail even if it has multiple periods or no periods.
• An error was reported when installing Collector in the Kubernetes environment with proxy configuration. The installation failed due to a syntactical error.
  We have successfully fixed this issue. You can now install Collector in the Kubernetes environment.

GD Collector 32.002

LogicMonitor GD Collector 32.002 is released on August 29, 2022. GD Collector 32.002 is a patch to the previously released GD Collector 32.001. This patch release mitigates the following high severity issues.

Enhancements

• We have identified a security vulnerability in the JDBC Jar file for postgres. As per Veracode SCA scan report, the currently used Postgresql version 42.3.2 is vulnerable to CVE-2022-31197. It is therefore mandatory to upgrade to Postgresql version 42.4.1.

Fixes

• It was reported that it takes more time to upgrade Collector version from MGD Collector 30.002 to GD Collector 31.002. When it crosses more than 3 minutes, a false event is generated which leads to Collector down alert. Although the issue was fixed in EA Collector 32.100, we have again provided a patch to it in this current release.

EA Collector 32.300

LogicMonitor EA Collector 32.300 is released on August 9, 2022 and includes the following updates.

Enhancements

• Improved Advance NetScan by adding a new Enhanced Script NetScan method. It inherits all the features of the existing Script NetScan and includes other new features:
  • Ability to filter resources based on properties for Script NetScan.
  • Resource-level properties are used as filters to determine which resource should be discovered. These properties are analysed during NetScan.
  • Auto create Resource group for Script NetScan. The group name is optional. If the group is not available, the device is assigned to the default group.
  • Users can mention any group name. If it does not exist, the group is created and the device is added to the newly created group.
• As part of the new Enhanced Script NetScan, we have added an ability to assign devices from a single Script NetScan to different Collectors. 
  • The Script output will be a JSONArray containing multiple JSONObjects. Each JSONObject will correspond to one host. 
  • The device credentials can be inherited from a device group, device, or use custom credentials for the scan.
• Upgraded fastjson to version 1.2.83 to mitigate CVE-2022-25845 vulnerability.
• Collector was unable to start services as CentOS Stream R9 did not have the /etc/init.d directory. We have now made changes to support systemd/system as the default Daemon directory to support the CentOS Stream versions.

Looking Ahead

• As most of the customers do not use jt400-full-6.0.jar (a jdbc driver used in Collector) in standard LogicMonitor mod datasources to monitor IBM I series databases, with the upcoming LogicMonitor EA Collector 32.400, we will discontinue support for this jar. We recommend that customers who have custom datasources should check if they are monitoring any IBM I series database and the occurrence of this jar in their datasource scripts. See Adding Groovy Libraries.
• MGD Collector 31.004 which is based on GD Collector 31.004 will be released on August 30, 2022. It will be forced upgraded on September 29, 2022.

GD Collector 32.001

The GD Collector 32.001 is based on the previously released GD Collector 32.000.

LogicMonitor GD Collector 32.001 was released on June 29, 2022 and includes the following changes.

Enhancements

• LogicMonitor Collector now monitors and identifies changes in the jar files shipped during the Collector installation. Changes are highlighted on the Collector status page.

• Upgraded Amazon Java Corretto to version 11.0.14.10.1.

• On the Logs page, you can now view values in the “Level” column as text and not as numbers:

• To scale Netflow collection and support more devices, the following improvements were made to Netflow configurations:

In addition, the following Netflow configurations were added:

Bug Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Fixed an issue for Thycotic vault where a slash in credentials (e.g., abc\efg) was displayed as double slash (e.g., abc\\efg) in Collector.
• Fixed an issue where the Collector stopped collecting data from a webpage and displayed a task timeout error when it was redirected from a website/web server to another website that had an extra forward slash ( / ) at the end of the URL. To fix the issue, the webpage.normalize.uri property was added to the agent.conf file and set the value to “true”. This allows customers to manually normalize the redirected URL.
• Fixed a security issue that occurred when the ##WMI.PASS## property used with a single quote ( ‘ ) in the Powershell script exposed the WMI password in the script file.
• Fixed an issue that led to instance grouping failure when the Regular Expression group method was used for empty strings.
• Fixed an issue where the JDBC driver did not load properly. To fix the issue, the following properties were added to the JDBC data collection settings in the agent.conf file:
  • forced.register.jdbc.drivers.enable = true
  • forced.register.jdbc.drivers.list = Name of the drivers. For example, com.sybase.jdbc4.jdbc.SybDriver
• Fixed an issue where modules that relied on ScriptCache to store relatively large payloads failed on the latest EA Collector 31.100. To fix the issue, in the agent.conf file you must set value of the property collector.script.cache.isPersistence to “false” to enable “in-memory” implementation of script cache. To avoid this issue in EA Collector 31.200, the collector.script.cache.isPersistence property is set to “false” by default.
• To resolve scalability and performance issues identified with SSE, we have temporarily disabled SSE starting with EA Collector 31.200. For all new Collector installations in EA 31.200 for Windows and Linux (bootstrap and full-package) the default configuration groovy.script.runner has been set to “agent”.
• Fixed an issue with Windows EventSource alert suppression. Alerts are now suppressed based on the event id.
• Fixed an issue where for Windows Collector the log file EventSources sometimes failed to alert on the last lines. To fix this issue, the eventcollector.logfile.autoAppendEndOfFile property was added to the agent.conf file and its value is set to “false” by default. You can manually set it to “true” to auto append carriage return to consider the last line.

GD Collector 31.004

LogicMonitor GD Collector 31.004 is based on the previously released GD Collector 31.003. It was released on June 29, 2022 and includes the following changes.

Enhancements

• Upgraded log4j to version 2.17.1 to mitigate the log4j vulnerabilities. See Log4j Security Vulnerabilities.

Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Issues were reported for batch script data collection due to multiple or no periods in the formation of instance name and datapoint name. For example, in the datasource the key value pair has multiple periods –  keyvalue(##WILDVALUE##.storage.totalsize.filesystem) and therefore it failed.
  We have fixed this issue. A datapoint now will not fail even if it has multiple periods or no periods.

• An error was reported when installing Collector in the Kubernetes environment with proxy configuration. The installation failed due to a syntactical error.
  We have successfully fixed this issue. You can now install Collector in the Kubernetes environment.

Looking Ahead

• MGD Collector 31.004 which is based on GD Collector 31.004 will be released on August 30, 2022. It will be forced upgraded on September 29, 2022.

EA Collector 32.200

LogicMonitor EA Collector 32.200 is released on June 27, 2022 and includes the following updates and fixes.

Enhancements

• In addition to CyberArk single account, we have now extended support to CyberArk dual account. This method eliminates delays such as password rotation that may be encountered when using CyberArk single account.
• LogicMonitor now automates the OSS license report generation process. With every Collector EA release, a report of OSS licenses used by the Collector will be generated and bundled with the Collector installer. You can access the report file at the following locations:
  • Linux – /usr/local/logicmonitor/agent/lib/THIRD-PARTY-NOTICES.txt
  • Windows – C:\Program Files\LogicMonitor\Agent\lib\THIRD-PARTY-NOTICES.txt
• In case of persistent script cache, Collector now throws an exception if you set a script cache entry with a value greater than 5 MB. Groovy scripts will then handle this exception in their script.
• As most of the customers have already migrated to script based DataSources to monitor MongoDB instances, we have stopped supporting MONGO as a separate Collector Type. You can still use other collector types, such as SCRIPT, and DataSources to monitor MongoDB instances. For more information, see MongoDB Monitoring. We do not expect this to impact many customers.
• On the Logs page, you can now view values indicating the level of severity as text and not as numbers. The following table displays the new text values for the old number values:

Similarly, for Facility you can view values as text. The following table displays the new text values for the old number values:

• Updated Oracle JDBC jar to version 21.5.0.0. LogicMonitor now supports Oracle database version upto 21c.
• Updated JRE to Amazon Corretto 11.0.15.9.1 as a part of security updates.

Bug Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Fixed an issue that prevented Collector from downloading link that has large file when executing the HTTP debug command. This caused the Collector to display “outofMemoryError”. To ensure that the HTTP debug command is not used for downloading or reading large files on the debug window, the following updates have been made:
  • Although the HTTP debug command accepts all URLs, it will provide response only for the following supported content types: 
    • text/html
    • text/xml
    • text/javascript
    • text/css
    • text/plain
    • application/json
    • application/xml
      If a URL contains file with non-supported content type, then a message indicating the list of supported content type displays.
  • The HTTP debug command provides file data only for URLs that have less than 10 MB file size. If the file size exceeds 10 MB, a message displays indicating “Response was successful but file size limit exceeded, Supported file size limit is 10 mb.”

EA Collector 32.100

LogicMonitor EA Collector 32.100 was released on June 3, 2022 and includes the following updates and fixes:

Enhancements

We made the following improvements to the Netscan policy:

• You can now configure Netscan policies individually to include or exclude network and broadcast addresses when scanning CIDR ranges. 

• We added a new toggle on the Netscan UI. If the toggle is disabled, the Netscan policy does not scan the network or broadcast address when passed a CIDR range. If it is enabled, the Netscan policy will include the network and broadcast addresses for any CIDR ranges it is scanning. This toggle is applicable only for CIDR notation.

Bug Fixes

• Fixed an issue where Collector bootstrap installation failed when trying to reuse the bootstrap installation binary.

• Fixed an issue where the remote session failed to connect because in the agent.conf file the Collector proxy properties (proxy.host and proxy.port) were not populated.

Known Issue

• The Collector versions are known to have memory leak issues with IPMI on Windows Server 2019. We recommend using Windows Server 2022 on Collectors that need to monitor devices with IPMI.

Looking Ahead

• As most of the customers have already migrated to script based DataSources to monitor MongoDB instances, with the upcoming LogicMonitor EA Collector 32.200 we will no longer have MONGO as a separate Collector Type. You can still monitor MongoDB resources using other Collector Types. For more information, see MongoDB Monitoring. We do not expect this to impact many customers. For more information, see MongoBD Collector Type Removal Notice.