BlackStratus SIEM Storm - Leap Day Announcement for Feb 2016
As you may know, BlackStratus recently released the latest update to SIEM Storm, 4.2 Point Update 4. Among the fixes contained in this update is one pertaining to the upcoming Leap Day. Previous versions of SIEM Storm do not properly parse timestamps on Leap Day of device types that do not include a year in their messages, and the messages will be added to the database with an incorrect date. The following device types are affected:
• Barracuda
• Cisco CSC SSM
• Cisco EAP Over UDP
• Cisco IPS over syslog
• Cisco Iron Port – Syslog
• Cisco PIX / ASA / FWSM
(without timestamp from the device)
• Cisco VPN
• F5 BIG IP
• F5 FirePass, IOS ACL
• IOS FW
• IOS IDS
• JunOS FW
• Netscreen FW
• Netscreen IDP
(over syslog from JunOS)
• Nokia IPSO OS Syslog
• Palo Alto
• PeakFlow DoS
• Snort – Syslog
• Tripwire
• VMWare ESXi/VShield Zones
• WatchGuard
If you are currently using SIEM Storm 4.2 the solution is to upgrade to PU-4 any time prior to 2/29/2016.
This will avoid any potential issues with data entry on February 29th.
For customers on prior versions of SIEM Storm, we strongly recommend applying this upgrade as well. However, BlackStratus understand such an update may not be possible in all cases. If for any reason you are unable to upgrade to 4.2 PU-4 at this time, please contact your BlackStratus Support as soon as possible. They will be able to provide a workaround that can be applied after March 1st which will correct any timestamp issues.
If you have any other questions about the Leap Day fix or SIEM Storm 4.2 Point Update 4, please do not hesitate to contact our Support team.
Kind Regards
Comments
0 comments
Article is closed for comments.