Proofpoint | ObserveIT On-Premises Release Notes version 7.13.3
Version 7.13.3
This document provides information about new features, issues that were discovered and fixed since the previous release, and any limitations of the release. It is important that you read this document before you install and configure this version.
For information about how to install and upgrade, see:
This version includes security fixes.
New Features and Enhancements
Dynamic Proxy for Windows Auto Updater
This version supports Dynamic Proxy for Windows Auto Updater allowing Updater-Server communication to go through different proxies dynamically based on PAC file rules.
Prerequisites:
-
Dynamic Proxy requires that Proxy Auto-Configuration (PAC) resides on an accessible Web server.
-
This feature is based on proxy settings defined at the Operating System level. The Operating System must be configured to use dynamic proxy for applications running under the System account (not user account). In order to set it (together with PAC file location) or to find out if it’s already set you can run the following commands as Administrator in CMD or Powershell:
To set it:
-
bitsadmin /util /setieproxy localsystem AUTOSCRIPT http://test.com/proxy.pac
To find out if it’s already set:
bitsadmin /util /getieproxy localsystem
From WinAgentUpdater64bit, configure the settings with ProxyType set to 2
ProxyType=2 Dynamic proxy
Use the following command line arguments for Proxy Server Installation during installation;
ProxyType=0 No proxy (default)
ProxyType=1 Static proxy
ProxyType=2 Dynamic proxy
-
The following apply only to static proxy
ProxyServerHostname="<URL/IP>"
ProxyServerPort="<Proxy Port>"
ProxyDomain="<Domain Login>"
See: Installing the Updater for Agent Auto Upgrade - Proxy Support
Excluded Users in Anonymization Features
These features are accessed from Configuration > Security & Privacy > Security & Privacy > Anonymization in the Exclude Users from being Anonymized area.
Export/Import To populate the list of users/groups that you want to exclude from anonymization, an import/export option has been added. You can import a list of multiple users or groups from a .CSV file. An export option is also available.
It is possible to import a list of multiple users or groups from a .CSV file. CSV file can contain up to 5000 entries.
Items are /imported in the following format with 3 columns, separated by a comma ,.
<Domain of User/Group>, <User/Group name, <Type is either User or Group>
domain.proofpoint.com,bar1,Group domain.proofpoint.com,admin,User domain.proofpoint.com,bar2,Group *,food1,Group*
Exported file name is in the following format:
Excluded Users from being Anonymized - yyyy-MM-dd--HH-mm.csv (example of a valid date is: 2022-08-15--11-56 ).
Domain Field
When excluding users or groups from being Anonymized, you can now use * wild card in the Domain Name field. This will allow you to exclude the same users/groups with existing on different domains.
Exclusion of User/Groups Regardless of Domain Field Name
When excluding users for or groups from being Anonymized, you can now use * wild card in the Domain Name field. This will allow you to exclude the same users/groups with existing on different domains.
Control Access to Anonymization from Console User Settings
When you create or edit a console user, you can allow or block the user access to the Anonymization screens.
From Configuration > Console User > Create User. select Allow access to Anonymization screens if you want to allow the user to access. This option is only available for Admin, Config Admin and Settings Admin roles. When selected, users will have access to the Anonymization tab (Configuring Anonymization) and User Exposure Requests tab (Managing Requests for User Exposure). (These screens are disabled for users without this capability.)
The above configuration is applicable also upon creating or editing an AD Group.
See:Creating and Managing Local Console Users
System Events and Audit information for Report API
Both System Events and Audit information are now externalized to Report API.
Following are the report IDs.
| Tab | Report ID |
|---|---|
| System Events: | system_events_v0 |
| Audit on Logins to Web Console | audit_logins_v0 |
| Audit on Session Playback | audit_session_playback_v0 |
| Audit on Saved Sessions | audit_saved_sessions_v0 |
| Audit on Configuration Changes | audit_configuration_changes_v0 |
Externalized Linux Command Output to Report API (also for Jump Servers)
The output of Linux commands is now externalized to Report API. The new report can be used also on a Jump Servers.
The Report ID is user_command_output_stream_v0
Updated Support
Support Windows Server 2022 (for both Agent & Server)
Auto-install Rosetta (emulation) if it does not exist on Mac M1 supported
Agent for Linux with GUI on Debian 11
Updated to Node js 16.17.0
Updated to .Net 6.0.8
Apple macOS machine running with the M2 chip supported
Windows Installation Wizard Modification
The Repair option was removed from the Windows Installation wizard.
Resolved Issues
[Issue 747]: Upgrade to 7.13.x or versions that included old archived data was resolved.
[Issue 745]: Session playback for some sessions where some screenshots were missing was resolved.
[Issue 740]: Large print job (10 pages or more) is now detected correctly.
[Issue 739]: The issue of failing to play some of the sessions from archive was resolved.
[Issue 734]: The dropdown of visited URL within Alert rules was fixed to remove duplicate entries.
[Issue 720]: Session playback that contains bug file activity was fixed.
[Issue 717]: Enhanced screen recording activation script to improve granting auto-permission for screen recording.
[Issue 707]: Registration of Agent on VMware now has correct hostname.
[Issue 703]: Start-up functionality for Linux Agent on Amazon Linux was resolved.
[Issue 658]: Memory leak related to rcdcl Agent process was resolved.
[Issue 435]: Blocking message on Mac was adapted to also support macOS machines working in Dark mode.
[Issue 408}: The issue of missing screenshots with the Video Player for some user activity was resolved.
[Issue 31]: Upgrade process of backend components that were installed on a non-OS drive (not on the C Drive), was resolved.
[Issue 655, 470]: When an Alert rule was created on exfiltration to all Sync folder vendors, there was an issue with triggering to One Drive. This issue has been resolved.
Supported Versions
SQL Server 2012 is no longer supported.
32 bit is not supported from version 7.13.0 for Agent and Updater.
In-App Elements are no longer supported. In-App element options still appear in some places in the UI, they will be removed in 2022.
For server side components such as the Application Server and Web Console, the following software development frameworks are supported for this version:
Version 7.13.0 and up can be deployed only on SQL Servers that support partitions
You can upgrade to 7.13 (or later) only if your original deployment was installed as partitioned. If your system was installed not as partitioned, a migration will need to be performed. Contact Support to get help with it.
To see whether your current SQL Server deployment supports partitions. use the following commands:use observeit
go
/*
You want to see the following partition schema: PS_Day
PS_Day_DayTime
*/ select * from sys.partition_schemes
go