Collector Release Notes Timeline

GD Collector 31.004

LogicMonitor GD Collector 31.004 is based on the previously released GD Collector 31.003. It was released on June 29, 2022 and includes the following changes.

Enhancements

• Upgraded log4j to version 2.17.1 to mitigate the log4j vulnerabilities. See Log4j Security Vulnerabilities.

Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Issues were reported for batch script data collection due to multiple or no periods in the formation of instance name and datapoint name. For example, in the datasource the key value pair has multiple periods –  keyvalue(##WILDVALUE##.storage.totalsize.filesystem) and therefore it failed.
  We have fixed this issue. A datapoint now will not fail even if it has multiple periods or no periods.

• An error was reported when installing Collector in the Kubernetes environment with proxy configuration. The installation failed due to a syntactical error.
  We have successfully fixed this issue. You can now install Collector in the Kubernetes environment.

Looking Ahead

• MGD Collector 31.004 which is based on GD Collector 31.004 will be released on August 30, 2022. It will be forced upgraded on September 29, 2022.

EA Collector 32.200

LogicMonitor EA Collector 32.200 is released on June 27, 2022 and includes the following updates and fixes.

Enhancements

• In addition to CyberArk single account, we have now extended support to CyberArk dual account. This method eliminates delays such as password rotation that may be encountered when using CyberArk single account.
• LogicMonitor now automates the OSS license report generation process. With every Collector EA release, a report of OSS licenses used by the Collector will be generated and bundled with the Collector installer. You can access the report file at the following locations:
  • Linux – /usr/local/logicmonitor/agent/lib/THIRD-PARTY-NOTICES.txt
  • Windows – C:\Program Files\LogicMonitor\Agent\lib\THIRD-PARTY-NOTICES.txt
• In case of persistent script cache, Collector now throws an exception if you set a script cache entry with a value greater than 5 MB. Groovy scripts will then handle this exception in their script.
• As most of the customers have already migrated to script based DataSources to monitor MongoDB instances, we have stopped supporting MONGO as a separate Collector Type. You can still use other collector types, such as SCRIPT, and DataSources to monitor MongoDB instances. For more information, see MongoDB Monitoring. We do not expect this to impact many customers.
• On the Logs page, you can now view values indicating the level of severity as text and not as numbers. The following table displays the new text values for the old number values:

Similarly, for Facility you can view values as text. The following table displays the new text values for the old number values:

• Updated Oracle JDBC jar to version 21.5.0.0. LogicMonitor now supports Oracle database version upto 21c.
• Updated JRE to Amazon Corretto 11.0.15.9.1 as a part of security updates.

Bug Fixes

• To mitigate the Fastjson “Auto Type Bypass” CVE-2022-25845 RCE vulnerability, we have upgraded Fastjson to version 1.2.83.
• Fixed an issue that prevented Collector from downloading link that has large file when executing the HTTP debug command. This caused the Collector to display “outofMemoryError”. To ensure that the HTTP debug command is not used for downloading or reading large files on the debug window, the following updates have been made:
  • Although the HTTP debug command accepts all URLs, it will provide response only for the following supported content types: 
    • text/html
    • text/xml
    • text/javascript
    • text/css
    • text/plain
    • application/json
    • application/xml
      If a URL contains file with non-supported content type, then a message indicating the list of supported content type displays.
  • The HTTP debug command provides file data only for URLs that have less than 10 MB file size. If the file size exceeds 10 MB, a message displays indicating “Response was successful but file size limit exceeded, Supported file size limit is 10 mb.”

EA Collector 32.100

LogicMonitor EA Collector 32.100 was released on June 3, 2022 and includes the following updates and fixes:

Enhancements

We made the following improvements to the Netscan policy:

• You can now configure Netscan policies individually to include or exclude network and broadcast addresses when scanning CIDR ranges. 

• We added a new toggle on the Netscan UI. If the toggle is disabled, the Netscan policy does not scan the network or broadcast address when passed a CIDR range. If it is enabled, the Netscan policy will include the network and broadcast addresses for any CIDR ranges it is scanning. This toggle is applicable only for CIDR notation.

Bug Fixes

• Fixed an issue where Collector bootstrap installation failed when trying to reuse the bootstrap installation binary.

• Fixed an issue where the remote session failed to connect because in the agent.conf file the Collector proxy properties (proxy.host and proxy.port) were not populated.

Known Issue

• The Collector versions are known to have memory leak issues with IPMI on Windows Server 2019. We recommend using Windows Server 2022 on Collectors that need to monitor devices with IPMI.

Looking Ahead

• As most of the customers have already migrated to script based DataSources to monitor MongoDB instances, with the upcoming LogicMonitor EA Collector 32.200 we will no longer have MONGO as a separate Collector Type. You can still monitor MongoDB resources using other Collector Types. For more information, see MongoDB Monitoring. We do not expect this to impact many customers. For more information, see MongoBD Collector Type Removal Notice.

GD Collector 32.000

The GD Collector 32.000 is based on the previously released EA Collector 31.200.

LogicMonitor GD Collector 32.000 was released on June 03, 2022 and includes the following changes.

Enhancements

• LogicMonitor Collector now monitors and identifies changes in the jar files shipped during the Collector installation. Changes are highlighted on the Collector status page.

• Upgraded Amazon Java Corretto to version 11.0.14.10.1.

• On the Logs page, you can now view values in the “Level” column as text and not as numbers:

• To scale Netflow collection and support more devices, the following improvements were made to Netflow configurations:

In addition, the following Netflow configurations were added:

Bug Fixes

• Fixed an issue for Thycotic vault where a slash in credentials (e.g., abc\efg) was displayed as double slash (e.g., abc\\efg) in Collector.
• Fixed an issue where the Collector stopped collecting data from a webpage and displayed a task timeout error when it was redirected from a website/web server to another website that had an extra forward slash ( / ) at the end of the URL. To fix the issue, the webpage.normalize.uri property was added to the agent.conf file and set the value to “true”. This allows customers to manually normalize the redirected URL.
• Fixed a security issue that occurred when the ##WMI.PASS## property used with a single quote ( ‘ ) in the Powershell script exposed the WMI password in the script file.
• Fixed an issue that led to instance grouping failure when the Regular Expression group method was used for empty strings.
• Fixed an issue where the JDBC driver did not load properly. To fix the issue, the following properties were added to the JDBC data collection settings in the agent.conf file:
  • forced.register.jdbc.drivers.enable = true
  • forced.register.jdbc.drivers.list = Name of the drivers. For example, com.sybase.jdbc4.jdbc.SybDriver
• Fixed an issue where modules that relied on ScriptCache to store relatively large payloads failed on the latest EA Collector 31.100. To fix the issue, in the agent.conf file you must set value of the property collector.script.cache.isPersistence to “false” to enable “in-memory” implementation of script cache. To avoid this issue in EA Collector 31.200, the collector.script.cache.isPersistence property is set to “false” by default.
• To resolve scalability and performance issues identified with SSE, we have temporarily disabled SSE starting with EA Collector 31.200. For all new Collector installations in EA 31.200 for Windows and Linux (bootstrap and full-package) the default configuration groovy.script.runner has been set to “agent”.
• Fixed an issue with Windows EventSource alert suppression. Alerts are now suppressed based on the event id.
• Fixed an issue where for Windows Collector the log file EventSources sometimes failed to alert on the last lines. To fix this issue, the eventcollector.logfile.autoAppendEndOfFile property was added to the agent.conf file and its value is set to “false” by default. You can manually set it to “true” to auto append carriage return to consider the last line.

EA Collector 31.200

LogicMonitor EA Collector 31.200 was released on March 31, 2022 and includes the following updates and fixes:

Enhancements

• LogicMonitor Collector now monitors and identifies changes in the jar files shipped during the Collector installation. Changes are highlighted on the Collector status page.
• Upgraded Amazon Java Corretto to version 11.0.14.10.1.
• On the Logs page, you can now view values in the “Level” column as text and not as numbers:

• To scale Netflow collection and support more devices, the following improvements were made to Netflow configurations:

In addition, the following Netflow configurations were added:

Bug Fixes

• Fixed an issue for Thycotic vault where a slash in credentials (e.g., abc\efg) was displayed as double slash (e.g., abc\\efg) in Collector.
• Fixed an issue where the Collector stopped collecting data from a webpage and displayed a task timeout error when it was redirected from a website/web server to another website that had an extra forward slash ( / ) at the end of the URL. To fix the issue, the webpage.normalize.uri property was added to the agent.conf file and set the value to “true”. This allows customers to manually normalize the redirected URL.
• Fixed a security issue that occurred when the ##WMI.PASS## property used with a single quote ( ‘ ) in the Powershell script exposed the WMI password in the script file.
• Fixed an issue that led to instance grouping failure when the Regular Expression group method was used for empty strings.
• Fixed an issue where the JDBC driver did not load properly. To fix the issue, the following properties were added to the JDBC data collection settings in the agent.conf file:
  • forced.register.jdbc.drivers.enable = true
  • forced.register.jdbc.drivers.list = Name of the drivers. For example, com.sybase.jdbc4.jdbc.SybDriver

• Fixed an issue where modules that relied on ScriptCache to store relatively large payloads failed on the latest EA Collector 31.100. To fix the issue, in the agent.conf file you must set value of the property collector.script.cache.isPersistence to “false” to enable “in-memory” implementation of script cache. To avoid this issue in EA Collector 31.200, the collector.script.cache.isPersistence property is set to “false” by default.
• To resolve scalability and performance issues identified with SSE, we have temporarily disabled SSE starting with EA Collector 31.200. For all new Collector installations in EA 31.200 for Windows and Linux (bootstrap and full-package) the default configuration groovy.script.runner has been set to “agent”.
• Fixed an issue with Windows EventSource alert suppression. Alerts are now suppressed based on the event id.
• Fixed an issue where for Windows Collector the log file EventSources sometimes failed to alert on the last lines. To fix this issue, the eventcollector.logfile.autoAppendEndOfFile property was added to the agent.conf file and its value is set to “false” by default. You can manually set it to “true” to auto append carriage return to consider the last line.

EA Collector 31.100

LogicMonitor EA Collector 31.100 was released on February 17, 2022 and includes the following updates and fixes.

Enhancements

• Made improvements to LiveHostSet implementation of data store using chronicle map. This will reduce chronicle map corruption and ensure that script cache will remain after Collector reboot.
• Added support for three new LogicModules: Windows Events Logs Collection, Kubernetes Events, and Kubernetes Pod Logs.
• If you have Synthetics enabled, and you have defined variables in your SIDE file, you can now insert variable values via configuration. You can set them to an instance property, device property, or agent configuration.
• Added debug commands to Syslog LogSource for troubleshooting issues such as pushed logs not being sent to LogicMonitor for a device after applying LogSource.
• For Linux users, the permission assigned to the agentid.cache file is no longer dependent on the umask value set in customer environments.
• Added the ability to select more than one label for instance definitions in the OpenMetrics wizard. You can now create a unique instance key if a single label is not sufficient.
• Added two new fields to the Netflow Collector: ‘PACKETS_TOTAL’ (field ID = 86) and ‘BYTES_TOTAL’ (field ID = 85) . To add these fields, we added two new properties: netflow.latestFlowRecordCache.maxSize and netflow.latestFlowRecordCache.recordExpireInterval.
• Upgraded SSHJ library from version 0.27.0 to 0.32.0. We also improved the user auth implementation for SSHJ. The new implementation now supports the “none” authentication method and the public key authentication.
• Added a whitelist for SHA file verification to ignore unnecessary file verification checks and prevent misleading warnings in the logs. Files with .txt, .pid, and .lock are excluded from SHA verification.
• Extended Collector support for NetFlow monitoring for Meraki devices. We also resolved an issue that prevented Meraki devices with hostnames ending with “.invalid” from resolving DNS for endpoints on the Traffic tab.
• Added a new configuration variable to the agent.conf file ‘autoprops.detectors.ignore.snmp.versions’ to ignore SNMP v1, v2c, and v3 detection tasks by passing either v1, v2c, or v3 values. This prevents autoprop tasks for specified SNMP versions from getting blocked due to the firewall security in the customer environments.
• The Credential Vault integration now runs successfully for PropertySources. PropertySources are now applied to the devices that have Vault integration enabled.
• Improved settings related to log processing and removed the flags for enabling a specific LogSource implementation. Without enabling any flags in the agent.conf file, the LogSource will now start processing logs as soon as users apply LogSource to a device.
• Batch script data collection instance mapping is no longer case sensitive.

Bug Fixes

• Fixed an issue that prevented Collectors from upgrading from GD Collector 30.000 to EA Collector 30.102.
• Fixed an issue that prevented Collectors from upgrading because the previous upgrade package failed to exit. The timeout of the upgrade process is now configurable using the configuration variable “upgrader.exit.wait.time.Insec” and defaults to 30 seconds.
• Fixed an issue where LM Logs used the property  lmlogs.syslog.useTimestampWhenCollectorReceivedLogs=true from the agent.conf file even if the Use Received Time instead of Log Timestamp setting was set to “false”.
• Fixed an issue where a Collector incurred exceptions in the logs as the script parameters were not getting parsed for external PowerShell scripts such as wmi.pass and wmi.user without quotes on the DataSource configuration page.
• Fixed an issue that prevented the Bootstrap installer from downloading for Linux Collectors.
• Fixed an issue where, while installing a Collector using a proxy, if the proxy.port value is not provided on the command line, the proxy.port value is displayed the same as the proxy.host value in the agent.conf file after installation.
• Fixed issues with CWE-757 and CWE-297 in SNISSLSocketFactory in Collectors.
• Fixed an issue where MongoDB instances were not discovered during Active Discovery using the Mongo Discovery task.
• Fixed an issue where after a Collector was downgraded from version 31.100 to 30.001, the proxy details were not retained in the website.conf file.
• Fixed an issue that led to an error when installing a Collector using Kubernetes.
• Fixed an issue where the elapsed time was calculated incorrectly when the PropertySource task failed.
• Fixed the Windows Collector installation issue where the installer failed to accept proxy details entered in the Proxy settings.
• Fixed an issue where the OpenMetrics collection task for multi-instance DataSources failed to get the Active Discovery result.
• Fixed an issue where the Windows Event Log alert messages displayed garbled Japanese 2 byte characters.
• Fixed an issue with the Windows Collector which prevented some OpenMetrics from being reported to Santaba.
• Fixed an issue where Active Discovery failed to parse due to an empty instance in the discovered instances from OpenMetrics.
• Fixed a parsing issue in NetFlow that occurred due to no value in the OUT_PKTS/OUT_BYTES fields in a Collector. The value of IN_PKTS/IN_BYTES will now be populated in these fields.
• Fixed an issue that led to failure in getting Batch script output results in a Windows Collector due to the new line character “/r/n”. System.lineSeparator now splits new lines in Batch script output for all OS types.

GD Collector 30.003

The GD Collector 30.003 is based on the previously released MGD Collector 30.002.

LogicMonitor GD Collector 30.003 was released on February 17, 2022 and includes the following change.

Updates

• Upgraded log4j to version 2.17.1 to mitigate the log4j vulnerabilities. See Lo4j Security Vulnerabilities.

GD Collector 31.003

LogicMonitor GD Collector 31.003 which is based on GD Collector 31.002 is released on January 17, 2022 and includes the following changes.

Updates

• Upgraded log4j to version 2.17.1 to mitigate the log4j vulnerabilities. See Log4j Security Vulnerabilities.

Fixes

• Issues were reported for batch script data collection due to multiple or no periods in the formation of instance name and datapoint name. For example, in the datasource the key value pair has multiple periods –  keyvalue(##WILDVALUE##.storage.totalsize.filesystem) and therefore it failed.
  We have fixed this issue. A datapoint now will not fail even if it has multiple periods or no periods.

• An error was reported when installing Collector in the Kubernetes environment with proxy configuration. The installation failed due to a syntactical error.
  We have successfully fixed this issue. You can now install Collector in the Kubernetes environment.

GD Collector 31.002

LogicMonitor GD Collector 31.002 was released on December 21, 2021 and includes the following changes.

Updates

• Updated log4j to version 2.17 to mitigate the log4j vulnerabilities. See Log4j Security Vulnerabilities.

Known Issues

• When NBAR is enabled on GD Collector 31.002, there could be a delay in Netflow data getting displayed on the UI.
  Workaround: You may set the value of netflow.use.new.logic = false in the Collector agent.conf and restart the Collector.

MGD Collector 30.002

LogicMonitor MGD Collector 30.002 was released on December 17, 2021 and includes the following bug fix:

Updated log4j to version 2.16 to mitigate the Log4shell vulnerabilities. For more information, see Log4j Security Vulnerabilities.