Sensor update set – 6/27/2023
NOTE: This update set includes the following in addition to all existing sensors.
Sensor Name | Details of Update |
|---|---|
Supervisor Service Not Found | Name changed to Supervisor Not Installed |
Supervisor Service Not Running | Name changed to Supervisor Installed Not Running |
SysTrack Agent Not Responding | Name changed to Agent Not Talking to Supervisor |
SysTrack Agent Restarted | Name changed to Agent Restarted by Supervisor |
Failed SysTrack Connections | Retired |
SysTrack Connections Rejected | Retired |
MS Office Outdated | Bug fix for case of no usage data available |
Possibly Battery Issues | Bug fix for SQLite endpoint databases |
Health Score Issues | New Sensor |
Password Expiration | Bug fix for non-expiring password accounts |
Application Crash After Software Change | Bug fix for SQLite endpoint databases |
Sensor update set – 5/15/2023
NOTE: This update set includes the following in addition to all existing sensors.
Sensor Name | Details of Update |
|---|---|
Unused System | Updated to avoid false positives on systems where the SysTrack agent was just installed |
WebEx - Excessive IOPs | Name changed from WebEx - Excessive Disk Utilization |
Critical App Connectivity | Updated description |
Application Connectivity Problem | Updated description |
USB Device Plugged In | New Sensor |
License - Vendor Daemon CPU Usage | Updated default variable value to match units returned from the sensor |
Sensor update set – 4/3/2023
NOTE: This update set includes the following in addition to all existing sensors.
Sensor Name | Details of Update |
|---|---|
Zoom Faults | Renamed to Zoom - Crash |
Teams - Faults | Renamed to Teams - Crash |
WebEx - Faults | Renamed to WebEx - Crash |
CPU Throttling | Updated description to include trigger conditions |
PhishMe Reporter Add-In Disabled | Updated to reflect the new name of the Addin. Sensor name changed to Cofense Reporter Add-In Disabled |
BitLocker Encryption Method | Bug fix |
Real Time Latency Impact | Updated Resolution |
Cisco AnyConnect VPN Client Disabled | Disabled by default. Enable using the CiscoAlwaysOn variable. This sensor is intended for environments where VPN should be always on. |
PVS - Cache Disk Low Space | Changed evaluation rate to once every 60 seconds to speed up response to data changes |
Java Plugin Disabled in IE | Link in Resolution fixed |
Disk Space Available | New sensor |
Firewall Status | New sensor |
Encryption Status | New sensor |
Reboot Status | New sensor |
Password Expiration | New sensor |
GPO Up-to-Date | New sensor |
Operating System Up-to-Date | New sensor |
Critical Application Crash | New sensor |
AD Password Expiration | Updated to only evaluate for the logged on, active user account |
Sensor update set – 1/13/2023
NOTE: This update set includes the following in addition to all existing sensors.
Sensor Name | Details of Update |
|---|---|
BitLocker Conversion Status | Updated to only evaluate C and D drives by default, controlled by Included_Drives variable, updated Prevent description. |
BitLocker Encryption Method | Updated to only evaluate C and D drives by default, controlled by Included_Drives variable. |
BitLocker Protection Status | Updated to only evaluate C and D drives by default, controlled by Included_Drives variable, updated Prevent description. |
Suggested System Restart | Modified to avoid potential false positives. |
Symantec Management Agent Service Stopped | Modified to avoid potential false negatives, added logic to delay evaluation by 10 minutes after a reboot or startup. |
Software Inventory Service Stopped | Added logic to delay evaluation by 10 minutes after a reboot or startup. |
Qualys Cloud Agent Disabled | Added logic to delay evaluation by 10 minutes after a reboot or startup. |
Qualys Cloud Agent Stopped | Added logic to delay evaluation by 10 minutes after a reboot or startup. |
Possible Battery Issues | Updated to avoid data conversion issue on SQLite databases |
NetScaler - STA Conn Failure | Updated to avoid potential false positives |
Unexpected Local Administrator | Added a new variable, Nonstandard_local_admin, for dynamic local admins (format of SystemName\AccountName), disabled by default (enable using Unexpected_Local_Admin_OnOff variable), updated Resolution. |
Teams - Faults | Updated to include support for MacOS systems |
Teams - Hangs | Updated to include support for MacOS systems |
GDI Object Leak Detected | Fixed issue so the days leaking number displays accurately |
Handle Leak Detected | Fixed issue so the days leaking number displays accurately |
Memory Leak Detected | Fixed issue so the days leaking number displays accurately |
Non-Paged Pool Leak Detected | Fixed issue so the days leaking number displays accurately |
Paged Pool Leak Detected | Fixed issue so the days leaking number displays accurately |
Thread Leak Detected | Fixed issue so the days leaking number displays accurately |
User Object Leak Detected | Fixed issue so the days leaking number displays accurately |