What's New in This Release

This topic lists new features and changes in functionality in TIBCO LogLogic® Log Management Intelligence and TIBCO LogLogic® Enterprise Virtual Appliance version 6.3.0 as compared to the earlier release.

For other information such as migration, closed issues, and known issues, see TIBCO LogLogic® Log Management Intelligence 6.3.0 Release Notes.

New Features

New features for the following components and functionalities have been introduced in this release:

Advanced Features
  • Monitoring Console: Starting from version 6.3.0 of LogLogic LMI, the TIBCO Hawk® Console is available in LogLogic LMI as the Monitoring Console. Using the Monitoring Console you can monitor the applications and operating systems and define actions for the predefined conditions. For more information, see Monitoring Console in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • From the System Settings > General page, you can enable or disable the Advanced Aggregation and Monitoring Console features separately.
Advanced Search
The Advanced Search section has a new look. The Filters section is now in the left pane. The Messages, Timeline Charts, and Highlight modes can be enabled or disabled using sliders. A notifications section summarizes warning notifications. For more information, see Advanced Search in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Distributed Advanced Search Queries: You can run Advanced Search queries on a Management Station and specify a list of Remote Appliances to which the query should be distributed. The query is run on all appliances specified, and the combined search results are displayed on the Management Station. For more information, see Distributed Queries in Advanced Search in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • DISTINCT statement: You can use the DISTINCT statement in Advanced Search queries to fetch distinct values of data in the search results. The statement can be used in SQL, EQL, and ECL queries. For more information, see FILTER Statement in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Log source picker: You can use data model names in an Advanced Search query or select log sources from the log source picker to generate a query that includes the selected sources. For more information, see Log Source Picker in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Scheduled queries
    • You can run scheduled queries immediately by clicking the Run Now button on the Edit Scheduled Query page.
    • You can choose to send search results as email attachments in PDF, HTML, or CSV format. Earlier search results could be sent only as CSV file attachments.
    For more information about scheduling queries, see Configuring Query Schedules in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • A new infrastructure query has been provided to view the status of correlation alerts. For more information, see Correlation Alert SLA Status in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • NOT IN function: You can use the NOT IN function in EQL and SQL queries in Advanced Search.
Advanced Dashboards
The Advanced Dashboards section has a new look. The dashboards are now displayed in groups. Other than the built-in groups, you can create your own groups and subgroups of dashboards. For detailed information, see Advanced Dashboards in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • The following functionality enhancements have been introduced in widgets:
    • Widgets can now be moved or copied to other dashboards.
    • Loading widget data: Earlier, if a query was incorrect, the widget took a long time to display data. Starting with this release, you can stop loading data on the widget and return to the widget settings to verify the query, columns, and so on.
    • In a Number widget, the background color changes to green, yellow, or red based on the value of the threshold field.
  • New widgets: The following new built-in widgets have been introduced on the Dashboards > Advanced Dashboards > System Status dashboard.
    • stDataFile, indexFiles, metaIndexFiles - Sizes in MB
    • Remote Storage
    • Forwarder Rules
    • File Transfer Rules
    • IO Statistics
    • Estimated time to reach maximum disk usage
    • Status of LogLogic LMI engines
    For more information, see System Status Dashboards in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • The following new widget types have been introduced:
    New widget types
    | Widget type | Description | For more information, see... |
    |---|---|---|
    | Bubble chart | Displays data as a bubble chart or a scatter plot. | Bubble Chart in the TIBCO LogLogic® Log Management Intelligence User Guide |
    | Gauge widget: New types of gauges | Displays the data as needle, wheel, or solid. Previously, only the needle type was displayed. | Gauge Widget in the TIBCO LogLogic® Log Management Intelligence User Guide |
Backup and archiving
  • File System Support for Archiving Data: In addition to EXT2 and EXT3, you can use XFS and EXT4 file systems on SAN devices for archiving data. For more information about archiving, see Archiving of Log Data in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
  • You can now back up and archive to Amazon S3 buckets. For more information, see Backup Methods in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Security
  • Cross-site request forgery (CSRF) attacks can be prevented by enabling the CSRF guard property. For more information, see Cross-site Request Forgery in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Security can be enhanced by enabling two-factor authentication. For more information, see Security Settings in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
  • You can choose to have emails sent to an SMTP server using the TLSv1 protocol. For more information, see Configuring SMTP in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
  • Federal Information Processing Standard (FIPS) libraries are preinstalled in LogLogic LMI. You can now enable or disable the FIPS mode on your LogLogic LMI appliance. Enabling the FIPS mode ensures that FIPS-compliant libraries are used during secure communication. For more information, see the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Trigger Groups and Synchronization
In addition to the system group, which is built in, you can also create your own trigger groups. Updates to the trigger settings take effect only after synchronization. Earlier, clicking the Sync triggers icon on the Triggers tab synchronized all triggers in the system. Starting from this release, you can select the trigger groups to be synchronized. For more information, see Manage Triggers in the TIBCO LogLogic® Log Management Intelligence User Guide.
Jumbo messages
  • An administrator can configure the maximum message length of jumbo messages within the limit of message length that can be processed in LogLogic LMI.
  • Jumbo messages from Check Point interfaces can now be processed in LogLogic LMI.
For more information, see Processing Jumbo Messages in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Purging Stale Devices
An option has been added on the Administration > System Settings > General tab to purge stale Syslog devices after a specified number of days, based on the last time data was received from those devices. By default, the feature is disabled. For more information, see Purge Stale Devices in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Health check
The health check script now also verifies that the correct hot fix version is installed on the appliance. For a complete list of items that the health check script verifies, see Health Check Items in the TIBCO LogLogic® Log Management Intelligence Configuration and Upgrade Guide.
Aggregation
You can now create an aggregation rule on a Management Station and distribute it to a specified list of Remote Appliances. When you run an optimized GROUP BY query on the Management Station using the distributed aggregation rule, the query is run on all appliances specified in the aggregation rule, and the combined search results are displayed on the Management Station. For more information, see Distributed Aggregation Rules in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • When you add an aggregation rule from the Management > Advanced Features > Rules > Aggregation page:
    • In the new Compute aggregation for field, you can specify the time when the aggregation computing must start. A one-time calculation of aggregation happens on the data that was already collected prior to the creation of the aggregation rule.
    • In the new Maximum Aggregated Data Storage Size in MB field, you can specify the maximum storage size of aggregated data based on the storage availability in your setup.
    For more information, see Adding an Aggregation Rule in the TIBCO LogLogic® Log Management Intelligence User Guide.
Alerts
  • New System Alerts: The following alerts have been added to the preconfigured system alerts:
    • Emergency Disk Usage
    • Engine Status
    For more information, see Preconfigured System Alerts in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Notifications for Advanced Alerts: In addition to email or syslog notifications for Advanced Alerts, you can now set an SNMP alert notification. For more information, see Manage Triggers in the TIBCO LogLogic® Log Management Intelligence User Guide.
Other enhancements
  • SNMP Traps: You can now choose to have the SNMP trap cleared after the issue is resolved. You can select the Issue SNMP Trap Clear check box on the Alerts > Manage Alert Rules > Edit Alert Rule > General tab for the required alert rule. For more information, see Adding a New Alert Rule in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • Socket timeout: The JDBC read timeout values for the Oracle Audit Database collector can be modified if required.
  • New parsers: Now you can use JSON and XML parsers to parse log data. For more information about these parsers, see Data Models in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • REST API is now available for creating correlation rules. For more information, see REST API Support for Correlation Rules and Triggers in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • A new data type, DURATION, is introduced for sorting, parsing, and formatting timestamps. For more information, see Supported Data Types in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • ROUND function: A new math function has been added in the EQL predefined functions. The ROUND function returns the FLOAT value of the numeric argument rounded to the number of decimal places specified by an integer. For more information, see Predefined Functions in the TIBCO LogLogic® Log Management Intelligence User Guide.
  • ULDP library: An implementation of the ULDP library is available in Python version 3.6.
  • The llversion command displays versions of all components of LogLogic LMI. For more information, see the TIBCO LogLogic® Log Management Intelligence Administration Guide.
New Documentation
  • Security Guidelines: A new guide that describes the security guidelines for various components of LogLogic LMI has been added in this release. It is available only in PDF format. See TIBCO LogLogic® Log Management Intelligence Security Guidelines.
  • LogLogic Glossary: A list of glossary items has been added in the LogLogic LMI documentation in this release. The glossary is available only in HTML format. See TIBCO LogLogic® Log Management Intelligence Glossary.

Changes in Functionality

This section lists changes in functionality since the last major release of this product.

Port Assignments
The port number range used by engine_stunnel for forwarding logs to downstream appliances when authentication and encryption are enabled has been changed to 7000-8000. Earlier, this range was 6000-7000. For a complete list of port assignments, see Port Assignments in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Firewall
If the firewall is enabled on the appliance, you can add your own ports by running the system firewall command. The rules take effect immediately after running the command. The command can also be used to add custom ports to the available port list; those ports can then be used to create firewall rules using the GUI.
Data encryption
  • The dm-crypt and gocrypt encryption systems are used instead of eCryptfs to encrypt data stored in the appliance.

    dm-crypt is used for encrypting local storage, and gocrypt for remote file storage.

    For more information, see Data Encryption in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
  • The data vault feature is not supported in an Amazon AWS environment. Use encrypted volumes such as Amazon EBS or Amazon S3 instead.
Network Adapter
To support 10g Ethernet with LogLogic EVA, the default type of the Network adapter > Adapter Type field has been changed from E1000 to VMXNET3.
VMware versions
The minimum supported VMware versions have changed to ESXi 5.5 and VMware Workstation 10.x. For a complete list of the supported VMware products, see Installing LogLogic EVA in the TIBCO LogLogic® Log Management Intelligence Enterprise Virtual Appliance Quick Start Guide.
system Command
By default, the system keycopy command now copies the RSA public key to the target server. To copy the DSA public key instead, use the dsa option while running the command:
system keycopy dsa
Previously, the command copied the DSA public key by default. For more information about the system command, see system Command in the TIBCO LogLogic® Log Management Intelligence Administration Guide.
Key-Value Parser
When adding a data model with a key-value parser, you can specify a list of columns to be parsed in the new field Predefined Columns. If specified, the key-value parser parses only the specified columns from logs. This field is useful when column names include special characters such as a space. For more information, see Parsers and Field Description in the TIBCO LogLogic® Log Management Intelligence User Guide.
Advanced Search
The maximum number of results displayed on the Result tab by default has been increased from 10,000 to 100,000.
Advanced Features
Advanced Aggregation is disabled by default. If required, an administrator can enable it when the Advanced Features are also enabled.
GUI elements
Management > Advanced Features. The following GUI elements in Management > Advanced Features have been renamed:
| Before version 6.3.0 | Starting from version 6.3.0 |
|---|---|
| Rule Management menu | Rules menu |
| Enrichment List page | Enrichment Lists page |
Administration > System Settings > General. The following GUI elements on the Administration > System Settings > General tab have been moved to another section or renamed.
| Section name (before version 6.3.0) | Field name (before version 6.3.0) | Section name (starting from version 6.3.0) | Field name (starting from version 6.3.0) |
|---|---|---|---|
| General | SNMP Community String | SNMP Settings | Inbound Polling Community String |
| General | Enable Advanced Features | Advanced Feature Settings | Advanced Features |
| General | Enable Monthly Index | Advanced Feature Settings | Monthly Index |
| General | Enable SNMP Daemon | SNMP Settings | SNMP Daemon |
| General | Enable SSH Daemon at Startup | General | SSH Daemon at Startup |
| General | Enable Full Text Indexing | General | Full Text Indexing |
| General | Enable Parsing | General | Log parsing for reports |
| General | Enable UI Verbose Logging | General | UI Verbose Logging |
| General | Enable Manage Device | General | Manage Device |
| General | Enable Accept Detail | General | Accept Detail |
| N/A | Syslog UDP Port | Syslog Port Settings | Syslog UDP Port |
| N/A | Multi Line Log Delimiter | General | Multiline Delimiter |
| N/A | Max. Widgets in My Dashboard | General | Max. Widgets in My Dashboard |
| Data Privacy Options | N/A | Data Privacy Settings | N/A |
| Index Search Options | N/A | Index Search Settings | N/A |
| Index Search Options | Monthly Index Load Divisor | Advanced Feature Settings | Monthly Index Load Divisor |
| SNMP Trap Sink | Community String | SNMP Trap Sink Settings | Outbound Traps Community String |