This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

General Availability of Transformation Hub 3.0, Investigate 2.40, ArcMC 2.92 & SmartConnector 7.13.0

<update #1 on August 5, 2019: ArcSight SmartConnectors Load Balancer 1.4.0 has also been released and is available for download as of August 3, 2019.>

Original Announcement on August 1, 2019:

We are very excited to announce the general availability of Micro Focus ArcSight Transformation Hub 3.0 (formerly known as ‘Event Broker’), ArcSight Investigate 2.40, ArcSight ArcMC 2.92 & ArcSight SmartConnectors 7.13.0.

Here are the new features and improvements.

ArcSight Transformation Hub 3.0 (formerly known as ‘Event Broker’)

  • Supports the latest Container Deployment Foundation (CDF) code-base.
    • The ‘Arcsight Installer’ process is replaced by the native CDF Installer process.
    • Installation uses the latest CDF release, improving stability and manageability from prior CDF releases.
    • Customers can now choose infrastructure size from a single, shared Worker Node to 10 or more nodes.
    • Upgrades to future releases from version 3.0.0 and patches/hotfixes are now supported in the native CDF Installer, using rolling upgrades through the nodes in the cluster.
    • Installation can use a non-root USER.
    • Changing execution parameters results in a rolling stop/restart of cluster pods to enable the new settings.
    • Supports FIPS at the OS level
  • Wizard-based Container Installer - A far-simpler and more intuitive, wizard-based Installer. Fewer initial configuration properties, with appropriate defaults and allows post-deployment reconfigurations.
  • Non-Container Install Option – Supports install into customer-provided and managed Kafka infrastructure.
  • Completely rewritten documentation. A new CDF Planning Guide used to set up the infrastructure OS, network and storage and a reorganized and rewritten Deployment Guide now contain explicit instructions and more samples and diagrams.
  • Due to the adoption of the native CDF Installer, a fresh Transformation Hub install is required

 

ArcSight Investigate 2.40

  • Data ingestion performance improvements to the Vertica Kafka Scheduler now support hundreds of thousands of Events-per-Second ingestion rates in a multi-node Vertica cluster.
  • Significant search speed performance improvements have been achieved
    • Database locale now defaults to case sensitive searching, greatly improving search speeds. While your speed increases may vary, testing has shown improvements between 17 times faster on a 3-node Vertica cluster to 164 times faster on a 14-node Vertica cluster.
    • Hybrid text indexing improvements, including removal of unnecessary columns.
    • More efficient INTEGER column casting results in far less disk storage required for NULL INTEGER values.
  • Support for the latest Container Deployment Foundation (CDF) code-base.
    • The ‘Arcsight Installer’ process is replaced by the native CDF Installer process.
    • Installation uses the latest CDF release, improving stability and manageability from prior CDF releases.
    • Customers can now choose infrastructure size from a single, shared Worker Node to 10 or more nodes.
    • Upgrades to future releases from version 2.40 and patches/hotfixes are now supported in the native CDF Installer, using rolling upgrades through the nodes in the cluster.
    • Installation can use a non-root USER.
    • Changing execution parameters results in a rolling stop/restart of cluster pods to enable the new settings.
    • Supports FIPS at the OS level
  • Wizard-based Container Installer - A far-simpler and more intuitive, wizard-based Installer. Fewer initial configuration properties, with appropriate defaults and allows post-deployment reconfigurations.
  • Completely rewritten documentation. A new CDF Planning Guide used to set up the infrastructure OS, network and storage and a reorganized and rewritten Deployment Guide now contain explicit instructions and more samples and diagrams.
  • Due to the adoption of the native CDF Installer and significant Vertica improvements, a fresh Investigate install is required

 

ArcSight ArcMC 2.92

  • Centralized upgrade of 32-bit Connectors to 64-bit Connectors from ArcMC
  • Address vulnerabilities and update components to latest releases
  • OS Update Patch
  • Refer to the Release Notes for a list of specific customer-reported issues and  features addressed.
  • Now supports the rebranded Transformation Hub component (formerly Event Broker) and its new Kafka Topic names
  • Improved usability, error handling and performance of infrastructure host management
  • Updated components – Updated JRE, OpenSSL and MONIT and security vulnerability fixes

 

ArcSight SmartConnectors 7.13.0

New Device, Component, OS Version Support

  • Tenable Nessus .nessus File 8.3.1
  • Microsoft Windows Event Log – Native
  • Added support for Windows PowerShell in WINC connector for the following log types:
    • Windows Powershell
    • Microsoft-Windows-PowerShell/Operational
  • Oracle SYSDBA Audit Multiple Folder DB version 18c
  • Oracle Audit XML File version 18c
  • Oracle Audit Windows Event Log Native version 18c
  • Oracle Audit Syslog version 18c
  • Oracle Audit DB version 18c
  • Symantec Endpoint Protection DB SEP DB 14
  • McAfee ePolicy Orchestrator DB version 5.3 added support for McAfee Application and Change Control (SolidCore) 6.2
  • Dell ChangeAuditor DB version 6.9
  • Symantec Data Center Security DB version 6.7
  • IBM Site Protector DB added support for Proventia Network Intrusion Prevention System and Security Network Protection
  • MS DHCP File added support for Windows Server 2019

 

Smart Connectors support and/or Improved parsing and mapping for

  • Oracle Unified Audit Trail DB
  • Apache HTTP Server Syslog
  • FlexConnector REST
  • MS Forefront Threat Management Gateway File
  • Symantec Endpoint Protection DB
  • McAfee ePolicy Orchestrator DB
  • Linux Audit Syslog/ Linux Audit File
  • Pulse Secure Pulse Connect Secure Syslog
  • Check Point Syslog
  • McAfee Network Security Manager DB (Time-based)
  • Cisco Secure ACS Syslog
  • Squid Web Proxy Server File
  • Citrix NetScaler Syslog
  • McAfee ePolicy Orchestrator DB
  • McAfee Network Security Manager DB (ID-based)
  • Microsoft Azure Monitor Event Hub
  • Various security fixes, feature updates, and bug fixes.

 

ArcSight Collectors 7.13.0

  • This product will be re-released at a later date. Please watch for a separate announcement at the "ArcSight Product Announcements" page.
  • Please note, if you require this solution sooner than the GA release, please open a Support Ticket by contacting Customer Support.

 

ArcSight SmartConnectors Load Balancer 1.4

  • This product will be re-released at a later date. Please watch for a separate announcement at the "ArcSight Product Announcements" page.
  • Please note, if you require this solution sooner than the GA release, please open a Support Ticket by contacting Customer Support.

 

Downloading Software through Software Entitlement Portal

Please note that all ArcSight Transformation Hub, ArcSight Investigate, ArcSight Management Center and ArcSight SmartConnector customers with active support subscription can upgrade to the latest releases mentioned above. If you own these components individually, then you can access the new software from the software entitlement portal.

ADP / Security Data Platform customers - Please note that, with this release, that name has changed to Security Open Data Platform (SODP).

Documentation can be found as follows:

ArcSight Transformation Hub 3.0

  • Transformation Hub 3.0.0 Administration Guide
  • Transformation Hub 3.0.0 Release Notes
  • Transformation Hub 3.0.0 Deployment Guide
  • CDF Planning Disk Sizing Calculator
  • CDF 2019.05 Planning Guide
  • Transformation Hub Non Containerized (THNC) 3.0.0 Deployment Guide

ArcSight Investigate 2.40

  • ArcSight Investigate 2.40 Release Notes
  • ArcSight Investigate 2.40 User's Guide
  • ArcSight Investigate 2.40 Deployment Guide

ArcSight Management Center (ArcMC) 2.92

  • ArcMC 2.92 Release Notes
    ArcMC 2.92 Administrator's Guide

ArcSight Smart Connector Framework 7.13.0

  • Smart Connector Framework 7.13.0 Release Notes
  • Smart Connector Framework 7.13.0 User Guide
  • Smart Connector Framework 7.13.0 Configuration Guides

If you have any questions, please contact Customer Support.

Thank you,

ArcSight Product Team

Labels:

ArcMC
SmartConnectors
Investigate
Transformation Hub
Event Broker
Announcements
Parents
  • 0

    I tried to update a 7.12 SC to 7.13 (ArcSight-7.13.0.8178.0-Connector-Linux64.bin) and got below message [1]

    Am I the only one?

    Cheers

    A

     

    [1]

    ===============================================================================
    Previous Installation Found - No Update Possible
    ------------------------------------------------

    A previous installation of an ArcSight SmartConnector was found in the
    selected folder, however, ArcSight SmartConnector installer is unable to
    update it automatically. Please select a different folder.

    PRESS TO ACCEPT THE FOLLOWING (OK):

     

  • 0 in reply to 

    Hello,

    I think, that this error/message appear if you have more than one connector deployed in container. In this case, upgrade should be possible via ArcMC.

    We performed some upgrades 7.12 --> 7.13 without problem.

    Josef

Reply
  • 0 in reply to 

    Hello,

    I think, that this error/message appear if you have more than one connector deployed in container. In this case, upgrade should be possible via ArcMC.

    We performed some upgrades 7.12 --> 7.13 without problem.

    Josef

Children