Proofpoint | ObserveIT On-Premises Release Notes Version 7.11.0

This document provides information about new features, issues that were discovered and fixed since the previous release of ObserveIT, and limitations of the release.

It is important that you read this document before you install and configure Proofpoint | ObserveIT 7.11.0.

For information about how to install and upgrade, see:

When installing Windows Agents to a custom location:

include a subfolder in the path, for example C:\custom path\Sub folder for Observeit agent \{agents files and folders}
use the installation script and include the INSTALL parameter (see Installation Parameters)

Resolved Issues

[SUP-19, SUP-166]: Loading time issue for Alert page with many alerts has been resolved.
[SUP-21]: New threshold added for winserv trace file with control for maximum size on the Agent.
[SUP-30, SUP-125]: In some cases, in the Email Diary, recipient information was missing for contacts that were already in the local address book. This has been resolved.
[SUP-106]: Opening a PDF file in a browser is no longer reported as Upload.
[SUP-114]: Improved tracking on Linux when opening a shell from a sudo command.
[SUP-128]: Resolved tampering message when Agent offline data was sent in Activity Replay mode.
[SUP-138]: When using Agent API, you are not able to activate Key Logger
[SUP-148]: Fixed printer detection when regular user (not admin user) send to the printer.
[SUP-150]: Resolved issue when user reached Dashboard page and no users displayed.
[SUP-155]: After upgrading backend, some inactive alerts during duplication were reactivated. This has been resolved.
[SUP-159]: Fixed partial screen for 4K monitor with 150% scale.
[SUP-152]: Improved processing offline data.
[SUP-154]: Issue of missing screenshots after changing sessions after a session timeout, has been resolved.
[SUP-156]: Resolved multiple Updater issue.
[SUP-163]: Device ID field is extracted consistently for both USB connect and copy to USB
[SUP-164]: All Agent DLLS are now monitored for tampering.
[SUP-168]: Resolved issue of non-interactive SSH taking too long to complete on Linux.
[SUP-169]: ObserveIT TA has been updated to support Python to integrate with Splunk 8.0 and higher.
[SUP-172]: Improved indexing of a few key tables to improve DB performance.
[SUP-174, SUP-177]: In reports on Endpoints, in some cases, the value of the recording status showed as active. The issue was resolved.
[SUP-176]: In some cases, timeline displayed empty in User and Endpoint diaries. This has been resolved.
[SUP-178]: Improved screenshot storage during data movement from Hot to Warm.
[SUP-193]: Archiving issue after upgrade has been resolved.

Limitations

Limitations and Known Issues

Release 7.12.0

For files with any of the following extensions: RTF, TXT, PNG, BMP, JPG, JPEG, XML, ZIP, upon adding or removing a label that has protection in a way that the file is renamed (for example, from .txt to .ptxt), the indication for Label Change in some cases is not displayed in the File History tab.
If 2 applications exist with the same name within the Credentials screen in the Developer Portal, then the upgrade process will not be completed successfully, and agents won't be able to be installed.
If you perform a backup and restore of the SQL database, Upgrades registered by the Updater before the restore, will not re-registerand any Upgrade Sets will not be assigned to the Upgrade Updaters.

You will need to force the Updater to re-register the Upgrades server.

For each endpoint, delete oitsettings.json file located in <updater installed location>\Updater Utility\config

For example (default location):

C:\Program Files\Windows Client Utility\Updater Utility\config

Deprecation

The following have been deprecated as they are no longer supported from version 7.11.0:

Internet Explorer is no longer supported for viewing the ObserveIT Web Console.