Saltar a contenido

Release 25.04

Release notes for 25.04.3

  • Release date: 08/May/2025
  • Type: Standard
  • Main changes: redborder-webui This is the release notes for the patch 25.04.3 of redBorder NDR version 25.04.

This release introduces a new PF_RING DAQ connector and module for enhanced packet capture in redborder-intrusion, along with support for downloading Snort 3 rules via the web UI. Performance improvements have been made to the incidents display, and several issues have been resolved, including pagination failures in Druid queries, sensor tree inconsistencies, and problems editing worklog notes.

What's new

  • #20993 [redborder-intrusion] - Add PF_RING Daq connector to libdaq
  • #20644 [redborder-intrusion][libdaq] - Create new DAQ Module for packet capture using PF_RING drivers
  • #18896 [redborder-webui] Download snort rules job for Snort 3

Improvements

  • #20884 [redborder-webui] Optimize show method of incidents_controller

Resolved Issues

  • #21102 [redborder-webui] Druid query logging pagination in cluster mode is failing
  • #20747 [redborder-webui] Incidents-Worklog. Can't Edit or delete notes on worklog from playbook
  • #20864 [redborder-webui] Moving an IPS sensor on sensor tree from a organization to a namespace doesn't remove the organization.

Release notes for 25.04.2

  • Release date: 07/May/2025
  • Type: Standard
  • Main changes: redborder-webui

This is the release notes for the patch 25.04.2 of redBorder NDR version 25.04.

This release does not introduce new features but includes several UI improvements, such as enhanced sorting in reports, additional device association visibility, and optimized sensor queries. Numerous issues have been resolved across various components, addressing memory errors, interface misconfigurations, UI bugs, and data synchronization problems to improve overall stability and performance.

What's new

There are no new features introduced in this release.

Improvements

  • #20896 [redborder-webui] Reports should be listed by created_at desc (by default)
  • #20733 [redborder-webui] Add a column in MacObject to show the macObjects that has associate InventoryDevice
  • #21106 [redborder-webui] Optimize Inventory Device Flow query to cover at least all the sensors

Resolved Issues

  • #21087 [cookbook-druid] Druid Historical Java Heap Out Space Error
  • #21013 [cookbook-rb-manager][cookbook-rb-ips][cookbook-rb-intrusion][cookbook-rb-proxy][webui] Empty string on organization's megabytes_limit causes no data from sensor
  • #20686 [cookbook-rb-manager] Do not pass memory variable (not in use by memcached cookbook)
  • #20980 [redborder-ips][redborder-intrusion] management_interface is not set in a IPS with one interface and a bypass card
  • #20968 [cookbook-druid] Wrong calculation of indexer memory
  • #20952 [redborder-cgroups] rb_check_cgroups is broken after chef-workstation update
  • #20940 [redborder-manager][redborder-proxy][redborder-ips][redborder-intrusion] openssl-3.0.1.gemspec is back after an update breaking chef-client
  • #20985 [redborder-webui] Tools -> Jobs & Workers not autorefreshing
  • #20939 [redborder-webui] Cannot delete a user that has response_actions
  • #20891 [redborder-webui] In Tools -> license, IPS sensor show as 0/100 even with the licenses apply to the sensor
  • #20890 [redborder-webui] Delayed job that check status of AP is failing after druid update
  • #20807 [redborder-webui] Not generating outliers by selecting with a name that has an accent
  • #20797 [redborder-webui] Error when creating alarm through form after creating alarm with import option
  • #20777 [redborder-webui] User search in Tools -> Users don't work
  • #20734 [redborder-webui] only menu for type ip in events list
  • #20716 [redborder-webui] Adjust top bar correctly and Incidents tab is not seen reducing the screen width
  • #20672 [redborder-webui] Fix "is updating" on Force Update Assets button while job is executing
  • #21097 [redborder-webui] Error undefined method gsub for nil app/views/jobs/info.html.erb
  • #20971 [redborder-webui] Failure to load sensors when IPS module is disabled
  • #20897 [redborder-webui] Default report is created every time a report / external report is created
  • #20898 [redborder-webui] PDF needs to be uploaded again if you edit a report

Release notes for 25.04.1

  • Release date: 21/April/2025
  • Type: Standard
  • Main changes: redborder-webui

This is the release notes for the patch 25.04.1 of redBorder NDR version 25.04.

This release brings significant enhancements to asset management, including the ability to import/export assets, apply multiple type filters with icons, and view the "Locked" status in the index. The CEP service has been integrated into the NG environment, and key components like Chef Infra and Druid have been updated. UI improvements include more intuitive searches, better display elements, and usability tweaks. Additionally, several issues have been resolved to ensure greater stability and a smoother user experience across the platform.

What's new

  • #20665 [redborder-webui] Assets: Add option to Import / Export assets
  • #20662 [redborder-webui] Assets: Add multiple type filters (with the icons) and fix type filters checkbox not resetting
  • #20657 [redborder-webui] Show "Locked" status of Assets in index table and search/filter by this attribute
  • #20474 [redborder-manager][cep] Integrate cep service in NG, activate some rules, check that works
  • #20195 [chef-client] Update version of Chef Infra Client due EOL
  • #19925 [redborder-webui] Add a way to notify visually in the webui when druid historicals are missing
  • #19922 [redborder-manager] Create rb_clean_druid_historical.sh script
  • #17733 [druid] Update to latest Druid, Kafka, Zookeeper Version

Improvements

  • #20778 [redborder-webui] Make user search not case-sensitive when assign a user in Incidents
  • #20774 [redborder-webui] Make source names shorter in incidents and assets
  • #20731 [redborder-webui] Remove "Public IP" as default tab in Traffic
  • #20673 [redborder-webui] Assets: Show Total assets in index assets view

Resolved Issues

  • #20932 [cookbook-keepalived] Remove depedency NetAddr gem
  • #20895 [redborder-webui] Reports search is broken
  • #20892 [rb-aioutliers][cookbook-rb-aioutliers] Update druid broker port
  • #20880 [redborder-webui] Druid discoverypath references not up to date after druid update
  • #20875 [redborder-webui] Druid Indexing has an error 500 when enter (related to task of druid historical #19925)
  • #20865 [redborder-webui] Error when editing cep rules in web
  • #20769 [redborder-webui] Assets: Filter is not working for all fields, it seems only working for Mac Address
  • #20757 [redborder-webui] Fix mitre modal in incidents and reports tab
  • #20738 [redborder-webui] GLPI: Add missing assets comments after asset rework + OS matching improvement needed
  • #20711 [redborder-webui] Assets: Fix the index table in lower screen width
  • #20670 [redborder-webui] Assets: Implement a character limit for the comments field to prevent long entries and do not show full comment in index table
  • #20669 [redborder-webui] Assets: Add validation to ensure MAC and IP addresses are not empty and conform to the correct format using regex.
  • #20660 [redborder-webui] Assets: Return error when updating en asset with empty MacObject
  • #20625 [redborder-webui] The advanced search in the signature policy filters returns a 500 error