RSA, a Dell Technologies business, announces the release of RSA® Security Analytics 10.6.5  

Document created by RSA Product Team Employee on Dec 4, 2017Last modified by RSA Product Team Employee on Dec 4, 2017
Version 4Show Document
  • View in full screen mode

Dear Valued RSA Customer,

 

Summary:

RSA is pleased to announce the general availability of RSA® Security Analytics 10.6.5.

 

This service pack includes new and enhanced features along with 36 fixes. The following are the highlights of the release. Please refer to product documentation for further details.

  • Improvements for Log Identification and Indexing
  • Better Flexibility for Syslog Source Support
  • Enhancements for Endpoint Integration 

 

There are significant improvements to facilitate Log Parsing and capture more valuable information. By automatically recognizing and parsing common fields – this will deliver immediate value to analysts who rely on meta but may not be parsing experts.  This will speed the time to value when there are new sources feeding the RSA NetWitness Logs solution. 

Highlights for Log Identification and Indexing:

  • Improvements to Log Text Indexing
    • Detect and parse patterns in logs not matching a parser
      • RFC3339 timestamps
      • Domain names
      • Syslog timestamps
      • E-mail addresses
      • IP Addresses
      • URLs
  • Ability to send both IP and hostname for logs configured for collection from a destination hostname
  • Ability to accept logs from event sources that do not fully conform to syslog rfcs
  • Allows saving custom parser modifications to parser.custom file, allowing the updating of the parser from Live without losing customizations

 

 Fixes:

  • 4 issues with Security
  • 12 issues with Server
  • 1 issue with Health & Wellness
  • 3 issues with Investigation
  • 1 issue with Administration
  • 1 issue with Reporting
  • 6 issues with Log Collector
  • 1 issue with ESA
  • 6 issues with Core
  • 1 issue with Warehouse Connector

 

Please refer to RSA Security Analytics 10.6.5 Release Notes for details on fixes referenced above and for update instructions.

 

Affected Products:

RSA Security Analytics 10.5.1 or later

RSA Security Analytics 10.6.0 or later

 

Recommendation:

Customers running Security Analytics 10.5.1.x or 10.6.x.x should apply this Service Pack. For customers on earlier versions, please refer to the upgrade documentation for full details of supported upgrade paths. 

 

EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes