Good news, everyone! Log & Event Manager 5.5 is now available for download. Existing customers under maintenance for both LEM and SIM can download the upgrade on the Customer Portal, and if you're not yet a LEM customer, download the evaluation from our product page and check it out. There's a ton of changes especially for new and evaluating customers that'll help you get started with LEM.
I'll keep this post relatively short and instead send you to the previous blog post for the release candidate that covers all of the new features in detail: Log & Event Manager 5.5 Release Candidate is Here!
If you're new to LEM, an evaluating customer, or want to try LEM but hesitated before, you should check out version 5.5 because:
- You can get LEM installed and showing your syslog data faster than ever with our new connector auto-configuration/discovery
- You can spot issues in your data and see trends faster with our new top 10 and health widgets
- You can more quickly identify useful filters and track potential issues in real-time with the new default filters
- You want to deploy to Hyper-V on Windows 2012
If you've been a LEM (or SIM) customer for a while, you should check out version 5.5 because:
- You can mix and match real-time and historical data with the new top 10 widgets and spot agents or nodes that haven't been sending data lately with the new node health widget
- You can more quickly add new syslog devices and identify that new devices are logging (new "non-agent nodes" are added) with connector auto-configuration/discovery
- You have been confused by language and names within LEM, including things like "what's a tool or connector?" "why is it alert and not event? what's the difference?" and "what the heck is NATO5?", which is much more straightforward and consistent in this version
- You have experienced any issues or requested any features that are mentioned in our release notes such as:
- SNMP trap actions not working with thresholds
- SSL/TLS support for e-mail notifications
- Distinguishing between agent/non-agent nodes in the connected/disconnected nodes area
- Regularly spiking CPU on the LEM virtual appliance
Here's a couple of quick screenshots of the new features, borrowed from the previous post:
Node Health: see when an agent - or device - last sent events; and Top 10 Users: see the most frequent usernames present in your events (check out the other top 10 widgets for rules, events, and nodes)
Connector Auto-Configuration/Discovery: quickly add new nodes and start receiving data without manual configuration steps:
New Default Filters: find what you're interested in faster, in categories that make sense and came straight from customers like you:
For customers, you can find the download by going to "Choose Download" next to LEM in the Customer Portal/License Management, then selecting to download "Upgrade Package for Virtual and Hardware Appliance (includes Appliance, Console & Reports Upgrades) v5.5.0" from the grid.
Questions about this release? Comments about a new feature? Post them here as a reply to this post or in our Thwack discussion space: Security Event Manager (SEM) - Formerly Log & Event Manager. Ideas for new features or want to put in your two cents on what you think we should do next? Post, vote, and comment over in our Thwack Ideas space: Security Event Manager Feature Requests.