PA File Sight Change History

* Alert on known ransomware file extensions, and even better, on any unexpected file extensions
* Single Sign On
* Configure user rights via groups or continue to use per-user rights.
* A new Security Audit report
* Custom Status Pages
* Graphical File Journey Report
* Automated server to server file copy between the Central Server and Satellites.
* Execute Script action supports PowerShell 7 if it is installed on the server
* Automatic self-signed certificate renewal based on configurable maximum age (note that ACME/Let's Encrypt has been supported for a long time)
* Sections of server reports (charts, monitor status, recent alerts) can be collapsible and default to open/closed
* Partial configuration import allowing you to import pieces of other configurations or just pieces from backup files
* New maintenance mode that can still monitor and record to the database, but not fire actions
* Much faster server and group status reports
* Additional internal security enhancements

* Increasing Strict-Transport-Security maximum age to 1 year
* Stricter failed login lockout counts
* Fixed memory leak
* Faster Inventory Database responses, which helps speed up server status reports
* File Sight audit file tests go further into the monitor internals
* Fixed copying custom properties to computers to not return an error when there wasn't one
* Improved server selector in a few places
* Stable inventory props that are stable don't have to be fresh (no stale check)
* Added help buttons to all monitors and actions
* Fix to handle path matching with wild cards on very long strings
* Fixed an extremely rare crash involving scanning long paths
* A better experience testing database connection strings
* Fixed issue of Console not getting monitor status updates if the Central Server restarts while the Console is running
* Fix for repeating change notifications in the System Audit database
* Inverting monitor status takes more statuses into account
* Saving a Trusted List saves the delta to better prevent overwriting changes from others
* Upgraded to OpenSSL 3.5.4
* Fix for configuration sync issues between the Central Server and Satellites
* Improved efficiency of communication with Satellites, which has also shown reduced memory usage in some cases
* Added Turkish language support
* Better handling when lack of TLS cipher support causes problems
* Added report creation, deletion and changes to the System Audit report
* Better handling of updates to the Trusted Application Rules and Lists
* Improved copy detection in the Endpoint
* Added computer name to IP address in many File Sight alerts
* Database Connection String tester/finder works better with the Encrypt keyword
* Fixed a case where directory reads/writes were not being reported
* Fixed a case where pre-v9 databases didn't get upgraded on install

* Fixed the ignored files always showing "Loading"
* Better handling of busy monitors
* Fixed uninstaller
* Fix for missing some records in PA File Sight when a very large glut of I/Os comes through
* Fixed the Satellite Configuration report
* Able to rename custom reports
* Forcing a monitor to OK state will also reset the Alert Suppression state
* Fix of bug introduced in 9.6.0 that caused some servers to not exit maintenance mode
* Fix for renaming a computer when the new and old names overlap
* Call URL Action's test will return much richer data
* More accurate stuck monitor detection
* Easier to read monitor/computer change notes
* File Sight will react quicker if not monitoring reads or writes
* Change to prevent a very rare deadlock in the File Sight monitor
* Fixed a problem with failing PagerDuty sends when a date was null
* Added $RowVarsCSV$ expansion variable
* Added a Test button to the Write To Event Log action
* Improved auto-forwarding of group reports
* Satellites can be set to auto update from the Central Server
* Fix for missing File Sight alerts about system load
* File Sight Ignored User List can be changed to a Only Watch These Users list
* New user account locked out (for failed PA File Sight logins) audit event
* Fixed a race condition in the Satellite if its clock is far off from the Central Server
* Small CPU efficiency improvement in the PALowPriorityHelper
* Default Global Monitors and templates won't be recreated on service restart
* Fix for missing file activities when Interpret Application Behaviors is turned off

* Upgraded to SQLite 3.50.0.4
* Changing the server name in the Set Server Type dialog will correctly change the name in monitors and credentials
* Fixed an expensive error log
* More efficient communication with Endpoints
* Files and folders going to Recycle Bin can be alerted on more accurately
* Added logging for alert suppression decisions
* Fixed error message when a SNAP Tunnel can't be created
* New Set Protected Satellite Config settings Bulk Config operation
* New Satellite Protected Settings lock
* Replacement variables like $Item(x)$ can use -1 for x to get the item that has a problem

* Updated to OpenSSL 3.5.1
* Updated to latest vcredist (x86 and x64)
* Removed vcredist_x86-2012.exe from the installer
* Changed from SMPP v3.3 to v3.4 which is more common
* Upgraded to Chromium 109
* Fix for Central and Satellites not sharing Endpoint lists
* Improved Endpoint robustness
* Satellites will not send down notifications if the hosting server is in a maintenance window
* Added the status tab to the Advanced Options of the Inventory Collector monitor
* Added support for undocumented configuration merge. Contact Support for help
* SMPP action will try to use a persistent connection, and send one message at a time
* Syslog sender action can send using UTC (default) or local server time
* Fixed email maintenance reply command processing when email format is HTML
* Fixed a rare deadlock
* Chromium helper (Console.exe) processes shut down better
* Better Console operations for a user that doesn't have Windows admin rights on the local computer
* Added $Now(spec)$ replacement variable for usings parts of the date or time
* Added audit log for monitor templates being enabled and disabled
* File Sight will handle the Write TMP, Ren TMP > ORIG pattern that comes from Outlook saving attachments
* File Sight monitors can (registry setting) apply the Ignored Processes to the process returned from the Endpoint
* Minor report CSS improvement
* Deleting an item in the Console will ask for confirmation, with a checkbox to not ask again
* Fixed Dynamic Table reports that sometimes showed an empty first page
* Added Bulk Config "Computers: Copy Computer Custom Properties to Other Computers"
* File accessed by Endpoint can optionally be ignored by the Ignored Processes list
* Fixed a bug in a SQL Server error handler
* Added Support for {+/-}amount{d/w/m/y} for the $Now()$ replacement variable
* More protections from File Sight database writes blocking each other
* Visual Status Map handles the same light being on the map more than once
* Set Satellite Host can use the value DELETE to remove a setting
* Smaller MonitorStatusHistory table in busy installations
* Less CPU usage for large busy installations
* Don't let computers use not-yet-loaded icons in the Console
* Satellite reports will indicate status is the Last Status if not connected
* Fix for $mon.SendMail not working when run on a Satellite
* File & Directory Size monitor can alert separately on previously seen files vs target files not seen
* Load icons from custom folder AND the default folder
* User configurable (via registry) Execute Script editor font size, with larger default
* Monitors that were firing Alert Red were not firing actions
* More stringent user checks in Interpret Application Behaviors
* Fix for web interface reports list under View Existing Reports
* Fixed editing content of Executive Summary parts
* Logging failed login attempts that come through the web interface
* Giving the Helper more time to startup before timing out
* Renamed "System or Network" to "Network (or kernel)"
* New Console status dots - can be configured to go back to the colored borders
* Expression evaluation is more performant
* Fixed a recently introduced issue with rotated log files not getting deleted
* Template propagation is faster
* Fix for the report 12/24 hour setting not being honored everywhere
* More efficient log writing
* Fixed log file temporarily locking during in recursive situations
* Self-signed SSL certificates will automatically regenerate if about to expire
* Endpoints can set Agent_ID to VIRTUAL for VDI situations
* Status Overview report shows monitor status count details
* Better Endpoint support for VDI scenarios
* Fixed erroneous unneeded ODBC access attempt
* Fix for login failing with 2FA
* Saving monitor templates with no changes will not actually save, and thus not trigger a propagation
* Script editor works better with tabs
* PA File Sight driver updated to do less work when Trusted Applications feature not in use
* Fix for custom monitor Subjects not getting used when monitor is on a Satellite
* Faster Console navigation for large installations
* Made more dialog windows resizable
* Satellite configuration database will sync more often (to prevent Satellite Down alerts during fail over)
* Fixed some errors where somethings get stuck if the computer's clock is set into the future
* Find dialog (Ctrl+F) allows searching for objects by settings and properties
* Fix for reports that broke when some selected data sources didn't have any data
* Reduced memory usage by the File & Directory Change Monitor
* Group column report differentiate disabled from maintenance with icon
* Better support for parallel database queries
* Regression fix for some reports not showing up because they were missing a dataset title
* Email failing to send will list the email address in the global status message
* Fixed an issue where MS SQL Server-based reports could end up being truncated
* Fix for a deadlock in the File Sight monitor seen by one customer
* Fix for Satellites not regenerating expired SSL/TLS certificate
* Fixed a problem that can happen when multiple File Sight monitors are watching overlapping folders
* File Sight monitor performance improvements
* MessageBox action uses message templates better
* System Alerts can use monitor-specific replacement variables if defined in the alert context
* Fix for the Satellite using too much CPU when the Central Server can't be reached
* Improved some logging
* Fix for $mon.GetCredentialsObj for the Execute Script monitor
* Fixed crash in START_MAINTENANCE in External API
* Added right-click on monitor to force it to an OK state (to reset Event Escalation)
* Pasting a template into a Power Templates folders will differentiate it from existing templates if needed
* SendMail commands in Execute Script will try Direct Send if there are no SMTP server credentials
* Added auto recovery for PA File Sight if the monitors get stuck trying to load the driver
* Regresssion fix for Excel save pattern interpretation
* Added more File Sight configuration hints
* Added a check box to the File Sight Ignored Users tab so machine$ accounts can be ignored
* Loading large File Sight ignore lists won't hang the Console
* Slight improvement to dark mode color
* Improved handling of the Global Monitors object
* GET_MONITOR_INFO supports MID parameter
* Applying host:port settings in the Satellite configuration app will take effect immediately
* Fix for exporting tables to CSV when quotes, commas or new lines are in a field
* Call URL action can add extra headers
* Fixed rare database deadlock caused by specific database errors
* Improved the Monitor Changed diff for the audit report
* Registry configurable CSV separator character
* Fixed report parameter reading when the Console and Central Server are using different languages
* Error shown if empty username is used in the Credential Manager
* Import-Module will work in Powershell Execute Script monitors and actions
* Additional (redundant) protections against Satellites using extra CPU if they can't connect to the Central Server
* Satellites will use Central Server's CPU limit if a specific one was not set
* Auto-Recovery step of restarting the service (Central Service or Satellite) if the max CPU target is surpassed for 5 minutes after throttling is applied
* Fixed some locking in PA File Sight's monitor specific stats
* More thorough cleanup of network connections on shutdown
* Fix for changing where actions run from being ignore if it is the only change

* Updated to putty.exe v0.81.0.0
* Better error handling when writing to the System Monitoring Audit log
* Web login page will break out of frames
* Fix for some charts that aren't generating because of a data type change
* Added System Audit Events for sending commands to Endpoints
* Fix for DACL/SACL change skipping a read/write notification that followed it (not common)
* Fix for another database lock situation
* Fix for 2FA not being reliably enabled
* Performance enhancements for servers with many monitors
* Improved Failover setup compatibility checking
* Added $DeviceMAC$ replacement variable for using the MAC address
* Fixed bug where MonitorStatusHistory was cleaning up in batches that were too large
* MAC address lookup will use ARP table if a direct ARP request fails

* Fix for LDAP directory traversal when selecting groups in Remote Access
* More database lock prevention
* Added /LOCK command line to the Central Service to lock the service from stopping
* Fix for a reporting error when selecting the Copy type of operation
* Fix for using configured database filename length value when transferring the database
* Fix a database table that is preventing some reports from Satellites being shown correctly
* Restored a database optimization
* The load of the database transformation is configurable
* Fixed a problem of template variable replacements (like $Details["$1", "$True"]$) where the replacement contained a $ character
* Improved chance of database table ID update working in Satellites without needing to call the Central Server
* Improved the selection links at the top of the Endpoints page showing connected (or not) Endpoints

* Fix potential problem of storing computer names seen from Satellites
* Restored the function of truncating long file names for the database
* Fix intermittent database locking problem
* Updated to OpenSSL 3.0.13
* Fix for reports on versions of SQL Server older than 2016

* MAJOR FILE SIGHT DATABASE FORMAT CHANGE - reports will continue to work the same
* Fix for regression bug in the Email action editor
* Server status report can show monitor notes
* Current Errors group report can show monitor notes
* New user right to control who can set monitor notes
* File Sight monitor's Ignored Users list can contain local and Active Directory groups
* Users and groups can be deleted from the Ignored Users list in the File Sight monitor
* Fixed name replacement when copy/pasting monitor to same server
* Fix for session cookies timing out when an HTTP connection is reused for a while
* Additional change to further prevent Client De-Sync (CSD) attack
* Updated File Sight Driver (non-executable memory buffers, performance boost, diagnostics)
* Can no longer preserve File Sight data from v3.3 and earlier (16 years old at this point)
* Added Execute right to the Trusted Application rules
* Preventing negative performance counter values
* Live View lets you enter multiple comma separated filters
* Give the ability to change the SSL certificate and private key filenames
* Slowly cleaning out obsolete programs from the File Sight database
* Better at finding the appropriate Endpoint if coming through a proxy, gateway or VPN
* Fix for ignoring I/O when a wild card is used in the Programs to Ignore list
* Added file counts to the User Read/Write Amounts report
* Fixed a few more places where the server status report could render twice
* File Sight reports work better when the data is stored at the Satellite
* Enabled HTTP server on IPv6 by default for new installations
* Added File Activity Level report
* Added Dynamic Rules List rule "Has Monitor of Status"
* Fixed drill down links in some reports
* Doing some automatic index rebuilding to improve report performance
* Dynamic Groups can have different server chart definitions
* Improvement showing what changed in monitor configuration XML
* Web interface can scroll the navigation tree correctly
* File Sight prevents database errors when Satellites share a MS SQL Server with a Central Server and/or other Satellites
* Improved CA renewal detection to make it easier to delete the CA folder
* Fixed embedded Chromium from needing to login again so frequently
* Automatically use LDAPS instead of LDAP whenever possible
* Extra checks to remove deleted monitors from the run queue
* Updated to SQLite 3.44
* Force a good session in the External API if one doesn't exist
* Fix for some property operator handling in non-English
* Showing expired certificate errors more prominently
* Failed HTTP requests that failed to an IPv6 address will try again with IPv4
* Fix for Console not remembering login servers when logged in as non-admin
* New separate, smaller, default size for Monitoring Status History database table
* File Sight Rename/Moves will be shown in a small/more easily read format
* Making error when compressing databases visible
* Fixed All-Systems-GO race condition
* Fix for External API CREATE_CHART that wasn't honoring width and height
* PALowPriorityHelper_Net4 runs in 64-bit
* Added system audit entries for monitors start/ending maintenance, and for System Alerts
* Cleaning the Statistics database table more often
* Minor performance improvement - more noticable in larger installations
* Updated to curl 8.6
* Improved Broadcast message tracking
* $act.CustomProp can request custom properties from a Satellite in the case of a Satellite Down message
* Fix string sent for monitorCustomMessage in Powershell Execute Script
* Fix missing monitorCustomMessage sent with Satellite Down Messages
* Satellites can correctly inherit Custom Properties from the top Servers/Devices node
* Startup wizard fixes

* Fixed a rare case where a monitor could be reported stuck when it is actually fine
* New External API filter in the HTTP Server Settings dialog
* Added license information to the [System Summary Reports] > System Statistics report
* Always using SHA256 with certificates, even on low sercurity setting
* Trusted Application list names are not translated to local languages
* Fix for regression bug in the Email action editor

* Setting to control the maximum number of propagation threads
* Using CIM APIs (WS-Man) before falling back to WMI for Inventory Collector
* Updated to amCharts 5.4.2
* Some chart performance improvements
* Fix for Satellite registration table database error
* Added support for more TLS 1.3 elliptic curve sets
* Monitors on Satellites won't lose their internal status after the a reconnect with the Central Server
* Trying WMI before WS-Man by default, but showing WS-Man error if both fail
* Improved client TLS 1.3 support
* Added check box in Auto Recovery dialog to disable the notification banner
* Quieting bogus errors in the log file from OpenSSL
* Exporting a report table includes field headers
* Performance improvement in the Trusted Application rules
* Better logging of errors coming from OpenSSL
* Better LDAP connection management
* Fixed a javascript quoting problem in the web interface
* Fixed error in web based report creator for a few data types
* Targeting .NET 4.8 for TLS 1.3 support (TLS 1.3 only available in Windows 11 and Server 2022)
* Updated embedded CEF (Chromium) browser
* Upgraded to OpenSSL 3.0.10
* Standardized SystemDetails_Log.txt location
* Improved File Sight database transfers
* Added ADMIN_ONLY_APPS list to Trusted Applications
* Trusted Application Rules can refer to any list, not just custom lists
* Added two new Trusted Application default rules
* Trusted Application rules and lists are automatically backed up once per day
* Can import and export monitor templates in the Console
* Added triggering rule to Trusted Application alerts
* File Sight will show non-existent computers in the report picker if data exists for the computer
* All Servers report can show monitor titles
* Fix for File Sight reports to show data for computers that are no longer monitored
* Added search and replace for Custom Property operations via Bulk Config
* Fixed a bug preventing the File Sight Endpoint driver from automatically installing on 32-bit Windows
* Endpoint logs can be requested via the Endpoint Operations page
* Better performing Console, especially for large installations
* Updated ODBC Driver for SQL Server from 17 to 18 in the installer
* Fixed potential race condition in Endpoint regarding ignoring PIDs
* Fixed ordering GUI for All Servers and Group Summary reports
* Overview report (column report) can show custom columns from monitor title filter
* Fixed charts not showing in PDFs

* Limiting how large a ErrorHistoryDB description string can grow to
* Fixing when Strong cipher settings are shown if the cipher list doesn't match
* Note on Delete menu option when monitor or action is locked
* Quieted some noisy alerts coming from the service when All-Systems-GO first can't be reached
* Fail Over Console will be able to show HTTP server settings
* Consoles connected to the Fail Over can show more reports
* Fix for some missing Inventory property values
* Made the PASystemDetails.exe NOT depends on the Windows CRT DLLs
* Fix for some File Sight reports involving the Type of Change field
* HTML Table and CSV reports will correctly remove the 'empty value' sentinel
* Fix for broken Satellites summary link in the web interface
* Fix for being able to view Satellites in web interface without having the View Satellite Status user right
* Added titles to Console nav button bar
* Added REQUESTOR_HAS_ENDPOINT, REQUEST_FROM_NETWORK and REQUEST_IPADDRESS to Trusted Application rules * Fixed duplicate fields in some Configuration Audit reports
* Satellites report all IP addresses
* Improved Credential Manager usability
* OpenSSL initialized with prime256v1 curve group
* Added the Satellite Configuration Summary report
* Allow access to the HTTP Settings and Database Settings dialogs from the Fail Over Slave
* Stop syncing the HTTP server port from Central Server to Fail Over Server
* Ability to disable a server that is maintenance mode in the Console
* Fixed problem with Satellites not knowing about other Satellites
* Added REQUEST_HOST statement
* Fix for repeating text in Recent Alerts
* Fixed tooltip links in dark mode
* Added tooltips to see all errors on the All Servers report

* Templates can be marked so the derived monitors automatically disconnect from the template after propagation
* Added ability in Auto-Recovery options to enable or disable auto restart for SQLSetConnectAttr problems
* Monitors and actions can be locked and unlocked
* The Configuration Audit report can show which monitors and actions are locked
* Protection against memory leaks caused by report template problems
* Updated the File Sight driver to enable faster responses in some cases
* Fixed multiple login that happens during a web login
* Fix for crash in HTTPS server from unusual request
* Additional diagnostics and logging
* File Sight database records recorded with a more accurate time
* Fixed some web interface display issues
* Using per-product web session IDs
* SSL/TLS certificates (including CA) will be recreated if the MD hash is SHA1
* Fix for the Endpoints causing a crash when regenerated in the background (not the default setting)
* Web interface fixes for selecting items
* Fixed bug where full reset to Satellite didn't reset the configuration database
* Fix for web based report Generate button when custom logos are used
* Fix for crash caused by asynchronous request to Satellite
* Fix for some corrupted text in certain scenarios
* File Sight driver uses less stack space

* Added additional details to the output of the GET_MONITOR_INFO External API call
* Cleaned up and standardized the message template implementation
* New report parameters to report on files copied to USB or local cloud folders
* "Strong" cipher setting is using an update list of allowed encryption ciphers for SSL/TLS
* Automatically try curl when on 2012R2 or order when ERROR_WINHTTP_SECURE_FAILURE (12175) errors happen
* Limit can't run or error alerts to once every 2 minutes per monitor
* Performance increase throughout the product
* Current Errors report will show monitors where the Satellite is disconnected
* Satellites will dynamically scale up callback threads as needed
* Fix so same ErrorID (AlertID) is used for error and fix events in more cases
* Fix for template propagation timing out at Satellites
* Added Green and Grey status icons for monitors, servers and groups
* Ability to show the Startup Wizard again from the Configuration menu
* Performance gains in running the Trusted Application rules
* Fixed some parsing/displaying of expression strings with double backslashes
* Endpoints report can show Endpoints that aren't currently connected from a history database
* Added more troubleshooting hints to common errors
* New navigation bar in the Console
* Reduced load Endpoints will make on the Central Server/Satellite
* Fixed some HTML problems
* Changed dark mode icons
* Fixed Console resource leak
* Installer checks to ensure Satellites can't be installed on Central Servers, and vice versa
* Fix for Recent Alerts not showing up in emailed server status reports
* Improved default sorting in reports

* Fix for reports that contain $ which was showing an error
* Right clicking a monitor in the All Monitors trees can take you to the owning computer
* Passing Powershell the default credentials the same as we do with WMI requests
* Preventing report render "bouncing" in the Console
* Restarting the service once per day if too many SQLSetConnectAttr errors are seen
* Fix for File Sight-ReadCheck database schema version setting
* Fixed some date parsing in some non-English languages such as Japanese and Chinese
* Satellite down computers/monitors are correctly shown red/yellow according to the setting
* Boosted All-Systems-GO monitor priority so it doesn't run late
* Trusted Application Rules can individually alert and/or record to the database
* Trusted Application Rules can optionally alert when access is granted
* New Trusted Application statements involving copy detection
* Dynamic groups can have their own server reports settings
* Improved the status pop-up for monitors at the top of group reports
* All Servers Report indicates if there are more monitors in alert state
* CSS cleanup
* Enabling Servers/Devices in Bulk Config lets you indicates whether monitors should be enabled or disabled
* New "IPv4 Address Range" rule for Dynamic Server Lists
* Fix for first item missing in some datasets in the web report interface
* Alerting user to expired SSL cert on login attempt
* Fixed error when saving report PDF to archive location
* Added Box.com cloud folder detection
* Added [System Summary Reports] > Monitor Uptime report type
* Optional status colors on Console nav icons
* More advanced database connection string parsing
* Switching back to non-stubbed PALowPriorityHelper_net4.exe
* Small optimizations for Console navigation tree status updates for large installations
* Console can show Dynamic Server List <> Dynamic Group linkage
* Fix for crash in Pager Duty action
* Web interface works better if report protection is turned off
* Fixes to the Error History report
* DB_LIMIT errors will show which value needs to be increased
* Protection against Client-Side Desync attack in HTTPS server
* Moved to OpenSSL 3.0.8
* Regenerating certificates to ensure SHA256 message digest
* Setting Syslog sender to use RFC 5424 format by default
* Better error when when Lock (log file lock) can't be locked
* Better handling for some non-ASCII column label images
* Moved to the richer PagerDuty v2 API
* Show message template type (alert, satellite, report, etc)
* If OpenSSL reports MD is too weak, regenerate certs as needed

* Added new Wait action (useful for Action Lists and Scheduled Actions)
* Fixed some bugs in the Configuration Audit report
* Passing service Run-As credentials in WMI request if no other credentials are being used
* Fixed high memory usage that can occur in an Endpoint when the Central Server is down

* Dark mode
* New web interface
* Trusted Applications (application white listing, file access control)
* When Network Scanner copies computer configuration, it will also copy credentials
* Fix for Console sorting issue
* Better report template error handling
* Exception logging in PALowPriorityHelper_Net4
* Fixed XML unescaping
* Fix for escaping strings sent to Helper for Powershell scripts
* Restored PALowPriorityHelper_Net4 to a 64-bit process
* Introduced $CustomProp_Raw(x)$ custom property which does not do any character escaping
* Applying computer config (from a Bulk Config copy operation, or a Network Scanner monitor) can copy credentials even when they are remote
* Fix for PALowPriorityHelper_Net4 having wrong version in some build scenarios
* Updated amCharts5 version
* Can now Resume paused Trusted Application Checking in Endpoints
* Can ignore small Explorer reads to cut down on noisy alerts
* Web interface handles limited-rights users better
* Fix for Endpoints not showing up as connecting to a Satellite
* When updating Satellites and Endpoints, the Satellites will update the Endpoints after they update themselves
* Fix to startup wizard
* Added a message template to the Syslog Sender action
* Reflecting device's Satellite-disconnected state out to Consoles better
* Discovery end IP address is now inclusive
* Fixed passwords getting lost when configurations are imported
* Fixed credentials not getting propagated when the Network Discovery monitor finds new devices
* Fixed report parsing bug when language is set to French
* Failed emails don't send System Alerts so soon
* Reduced CPU usage
* Setting failed mail sending global status after 3 failures
* Improved cases where PDF renderer works

* Added OAuth support to the Email Action and Error Acknowledgement
* Added an Auto Recovery feature to automatically rename corrupted database files. See Settings > Auto Recovery
* Added support for $TunneledHostPort(remote_port)$ to Console_Operations.ini
* On a failed audit alert in PAFS, log the attached drives, and force a mount recheck
* Status updates from multiple Satellites won't cause repeating alerts to fire
* Added IP address to the "Sent From" field in alerts
* New File Sight driver
* When an Action can't run, the source monitor will be shown when possible
* Fix for rare case where reports that get stuck looping while generating
* Fix for the HTTPS client accepting an expired certificate
* New automatic system check for the internally used SSL certificate's expiration and warn if getting close
* Fixed rare deadlock in heavily loaded system
* Protection for Action Lists to not fire non-notification actions in System Alerts
* Added 'First day of current month' time selector for reports
* More efficient sending of large emails
* Monitors don't lose their Last Run time on a Satellite after a restart
* Added ALIAS option to the ADD_SERVER External API
* Inventory Collector collects serial numbers/service tags from more devices for your local database
* Fixed case were username look up via WMI failed
* Additional internal security checks
* Fix for a string comparison bug
* Cleaning up extra tabs in critical fields during an import/read
* Updated to zlib 1.2.12
* Updated to curl/libcurl 7.82.0_2 (because of zlib)
* Using UTC time for maintenance end times so time zones are not an issue
* Added optional file path filter to User Read/Write Amounts and User Changes reports
* Updated 7za (7-Zip) to 21.7.0
* Simplied SSL certificate names in CA folder
* PDF renderer will wait longer for retries
* Prevent HTTP request storms to/from Satellites
* Fix for some template changes not getting propagated
* Greatly improved efficiency of device mapping and finding
* Fix for custom chart editor sorting
* Improved automatic language translation process
* Added registry-based extra Play Sound methods
* Fixed promoting a monitor to a template when the monitor is selected in a different category
* Use a shorter timeout for remote requests on the UI thread in the Console to keep it more responsive
* Local IP address shown in reports, etc can be changed by index number into list of local addresses
* Updated to OpenSSL 1.1.1o
* Better job figuring out system PID
* Updated to latest PAExec
* Updated .config files to reference .NET 4.8 and 4.8.1
* Better XML diff in audit messages

* Added more diagnostic logging
* Fix for slow right-click on Devices nodes in the Console
* New self-signed certificates default to being sha256 signed instead of sha1
* Checking DLL signatures when loading
* Added new Monitors: Replace Actions Bulk Config command
* Fix for File Sight alerting on ignored files in some cases
* Added /AUTO_LOGIN Console command line option
* Configuration Audit report will be written to unique directory so it doesn't overwrite other similar reports
* Fix for very rare crash in the Console
* Handling File Sight monitors overlapping with different Interpret Application Behavior settings
* Fix for some non-English date parsing
* Added new Monitor Statuses custom group report part
* Fix for crash during configuration restore from disk
* Added auditing entries for moving computers to different groups, and running Bulk Config
* Console updates status icons in navigation panel better
* Updated to OpenSSL 1.1.1l
* Updated to libcurl 7.78.0
* Updated to libssh2 1.10.0
* System Details WMI calls will use packet level authentication
* Added Regular Expression support to Dynamic Server List and Inventory Alerter monitors
* New hourly System Audit event that the service/Satellite is running
* Logging a host ping if the database connection is reconnected
* Dynamic Groups with missing base Dynamic Server List monitor will be deleted
* System Alerts use a message template that can be modified
* File Sight will show a warning at the top of the server report if no File Sight monitors are created
* Fix for errorneous "monitor stuck" alerts
* File Sight won't keep alerting multiple times when different users are blocked on different Satellites
* Fixed a bug so there is better email alert throughput under load
* Added Groups: Delete Groups to Bulk Config
* PA File Sight will attach to the driver in a more robust manner
* Setting process wide COM/DCOM security to RPC_C_AUTHN_LEVEL_PKT_PRIVACY
* Some optimizations around checking file types
* Console remembers navigation panel width between restarts
* Added Italian translation files
* Fix for configuration import problem
* Handle canceling out of the startup wizard better
* Added mouse scroll wheel support to some grids in the Console
* Updated to NAudio 1.8 with new API to play sounds more quickly

* New default self-signed certificates will use sha256 instead of sha1 for signature
* Fix for slow right-click on Devices nodes in the Console
* Added better error reporting to the Upgrade to 64-bit helper application

* Upgraded to amCharts4
* Fix for crash when viewing report index page
* Clicking the Parent Group button will refresh the parent report
* Configurable cache minutes for Server Status Report
* Pasting monitor will no longer try to customize them but will paste as-is
* File access by NT AUTHORITY/SYSTEM will show IP address 127.0.0.1
* Fix to File Sight Endpoint to for some patterns of I/O
* Less CPU usage in large installations
* File Sight will show local OS file access as coming from 127.0.0.1
* Servers coming out of Maintenance will be able to regardless of whether the Satellite is connected or not
* Fix for occasional problem in the Console when moving computers would show a double shadow computer
* Reduced CPU usage for large installations
* Variables html page written out in UTF-8 to handle non-ASCII characters
* Configuration to hide empty datasets when running a report on multiple datasets
* Speed increase for Console startup and in the Service and Satellite
* Rebuild with new code signing scheme
* Fix for START_MAINTENANCE and END_MAINTENANCE with GID of 0
* Better support for downloading CSV files from reports
* Fix for server charts showing wrong date
* Fix for rare Console synchronization bug
* Charts render asynchronously so the browser responds quicker
* Satellites and Endpoints have a better back-off when failing to connect
* Performance boost (less CPU usage)
* Additional XSS protection added (credit to Ryan Jones)
* Added CSV export icon to tables in most reports
* Report CSV files that are empty will have _no_data appended to the filename
* New user right for View Satellite status
* Starting and ending Immediate Maintenance handled asynchronously
* Enhancement to speed up chart rendering
* Significantly faster internal HTTPS server
* Fix for MONITOR_ENABLE External API call
* Entering and leaving maintenance will only fire the associated System Alert, not the "changes might affect monitoring" alert
* Added FORCE to Smart Config to force duplicates if specified
* HTTPS client reading much larger chunks to speed up Console sync
* Fix for some garbled PDF attachment filenames for non-latin character sets
* Updated File Sight Driver to fix a crash exposed by Windows Sandbox
* Run Now commands are handled asynchronously
* Added QFE Last Installed Date inventory field
* Fix for Inventory Report date parsing
* Can set Use Curl via Bulk Config for Satellites
* TLS 1.3 support added to the user interface
* Better dynamic TLS support for the Helper application based on installed .NET version
* Fix for charts that cover the daylight savings shift
* Performance improvements
* SystemDetails module of Inventory Collector uses correct domain with credentials
* Added Device IP/Hostname, Device Alias Only and Device Aliased Name inventory fields
* Set a maximum size of email message digests
* Performance improvements
* Added Source ID and ExternalRef columns to the Error Audit report and database
* Fixed the enabling and disabling of Automatic Configuration in the Console
* More efficient dedection of neighbor Satellites
* Performance improvements
* More reliable Satellite and Fail Over updates
* Creating SNAP Tunnels has additional security checks
* Failed login recording with automatic and configurable lockout
* New Bulk Config operation to securely copy device credentials from one Satellite to another
* Prevent overlapping template propagations
* Selecting device in a Dynamic Group won't cause the selection to jump to the 'home' group of the device
* Account locked messages show calling application type
* Changes to template propagation to increase robustness
* Fix for a few template propagations that would happen repeatedly

* Fix for regression bug where Inventory Collectors on Satellites stopped reporting
* Fix for processes not showing up in Ignored list from Satellites (thanks Brendan!)
* Ability to change report email subjects to just the report title
* File Copy threshold alerts will show destination files
* Can specify independent Up and Down actions for Satellites

* Fixed rare problem where older state could show up in monitor status
* Added RENAME_USER_ACCESS command line to rename user access settings
* Fixed Bulk Config's Monitors: Delete Monitors to work on template-derived monitors
* Fixed some problems with database transfers
* Fixed race condition during template propagation where some monitors might get lost
* When a monitor comes out of Satellite Disconnected it will show its previous status
* Improvement to help prevent the internal HTTP server from getting behind
* Fix for UI glitch when chosing field values for reports
* Change for Endpoint status communication to Satellites so their clocks don't have to be synchronized as closely
* Internal changes to reduce CPU usage
* Changes to reduce CPU usage in large installations
* More shutdown logging
* GET_SERVER_PROP API function supports multiple property look ups per request
* Emailed report PDFs will use the report title for the PDF file name
* Better check for customer SSL/TLS certificates before regenerating
* Fixed case sensitive check in Include/Ignore extension check in PA File Sight monitor
* Not recording some temporary files that the File Sight Endpoint might see so it doesn't falsely consider some reads as copies
* More accurate file copy filtering in the Endpoint
* Performance improvement in File Sight monitor
* Fixed bug where directories not alerted on when two monitors watch the same folder
* Execute Script won't alert based on FireActions if $mon.ReportResults has already been called
* Larger file extension lists can be pasted into File Sight
* Rebuilt a library with (little used) SIMD extensions removed for broader CPU support
* Fix for missing Create (Read/Write) when a SACL/DACL change happens on the same file
* Added Group Name to Custom Group Report email subjects
* Better LDAP error when credentials are wrong
* Protect Console against a rare crash
* Added $mon.ComputerAlias for the Execute Script monitor
* Added operators % ^ & | to the expression evaluator
* Added support for multi-Item escalation in Execute Script monitors
* The Blocked User List shows by whom/how a user account was added
* Fix for Interpret Application Behavior for files with Alternate Data Streams
* When exporting computer config as a template, monitors are disconnected from templates as needed
* When importing computer config from a file, do not 'fit' monitors - import as-is
* Fix for group reports not showing internationalized titles
* Fix for File Sight not alerting on some directory reads
* Registry setting for optionally forcing HTTP connections to not get reused
* Registry setting so Run Now can optionally NOT override monitor period and dependencies
* Fix for Executive Summary report section titles
* Fix for report with Read setting

* Better HTTP filtering of requests that come from localhost * Better startup experience for first install * Bulk Config's Set Credentials works with using existing credentials * Registry configurable option to combine CSV report files * Added 'By Satellite' to Bulk Config's server selector * Scheduled Report 'contains' fields are restored properly * Fixed Dynamic Server List "Monitor Title" 'does not contain' operator * Added ENABLE_MONITOR external API function * Acknowledging errors can temporarily suppress alerts (see monitor's Advanced Options > Alert Suppression) * New report CSS * Change so the Endpoint can appropriately block or allow Bitlocker encrypted drives * Updated Content-Security-Policy so IFRAMEs can load poweradmin.com help pages * Upgraded to the latest PDF renderer * Added Bulk Config operation Computers: Notes to set or clear notes on multiple devices at once * Polished some start up wizard interaction * Fix for Two Factor Authentication when using Active Directory for logins * File Sight Custom Data Set report type allows filtering on the end-user's process name

* Internal Python initialized in a safer way * Added LOOKUP_CID and SERVER_ENABLE to the External API * Diagnostics for the File Sight Endpoint * Updated from OpenSSL 1.1.1c to 1.1.1d

* Minor UI update. See the View menu to change back * Fix for Satellites use of the Add to Block List action * Satellites can block users more quickly * Fix for rare crash * File Sight will fire actions after 50 reportable I/O actions have been accumulated * Fixed the PDF button when used within the Console * Decreased short term memory use, and a small performance increase * Fix for form-post escaping * Dynamic Server List rule for Server/Device names accepts wildcards * Error History OK Time field will be filled in even if unacknowledged alerts * Fix for User Access interface when rights not automatically granted to new users * Fix for File Sight Endpoint copy detection * Change to DriveSight and the Endpoint to better eject USB drives, necessitated by a change in Windows 10 * Quicker drive ejection in the Endpoint * New Alerts menu to Broadcast text to user alert actions * Default Message Templates will use the correct default language setting after it changes * File Sight Endpoint will monitor for block USB or CD/DVDs every second * Uninstaller will unregister from All-Systems-GO as needed * Failed action notifications won't cycle and alert via the same failed action, causing a crash * Improved computer name mapping, better local computer detection * More helpful diagnostic message when a report fails to run * Fix for Set Maintenance Schedule user right * CSS change to prevent wrapping in the report index tree * Added GET_NOTES and SET_NOTES to External API * Protection against bad response from DNS server

* Better, Faster, Stronger - many improvements in monitor performance, template propagation, etc * 64-bit, which means almost no memory limitations. * All-Systems-GO monitor to be assured your monitoring system is up and running * IPv6 support * More Bulk Config operations * Group notes (similar to Server Notes) * New User Rights for more control * Fix for not being able to add users to the Block User List * Better check for existing child groups or contained devices before deleting a group * Fix for Copy field in Custom Data Set reports * File Sight change to better handle concurrent Interpret Application Behavior checks * Changed cipher list ordering for Weak cipher list so Windows 2003 can still connect * Improved accuracy of Interpret Application Behavior * Address Resolver handles ISATAP IPv6 addresses * Two Factor Authentication can be enabled on a per-user basis at Settings > Remote Access > Filter User Access * Can use a remote login to the local Central Monitoring Service to get a full Local Console if: local Admin, admin rights in app, rights to top Servers/Devices group * Can disable the local credential-less login * Reordered some lines in the HTTP/S server to potentially reduce locking * Increased performance of DNS resolver

* WMI (Inventory Collector), PDF, and charts use the .NET 4 Helper * Handle double-width charts in Executive Summary/Custom Group reports * Defaulting to requiring a login to view web reports * New User Right for setting maintenance schedules * Fix for row variables in Execute Script actions * Fix for crash when setting up Fail Over

* Monitors that cannot run will fire System Alerts at most once every 15 minutes (instead of on every run) * Added SNAP Tunnel audit events * Advanced Deduplication will block all actions on a duplicate as documented, not just notifications * Added some database caching for frequent requests to increase performance * Fix for Calculated Status monitor for rapidly running monitors * Optimizations to better handle large user lists in the File Sight monitor * Fixed Monitor Change auditing event * Fix for Satellite Up/Down messages that were missing the Satellite name * File Sight service/Satellite will use fewer driver buffers * Added new All Actions Access permission * Email send throttling can be controlled via registry setting * View System Activity shows template propagation * Fix for template dependencies not propagating properly * Enforce OpenSSL server cipher order * Template propagation speed improvement when Satellites are involved * Group-level Notes that can be added to Group reports (similar to Server Notes) * Added $DeviceNameOrAliasOnly$ replacement variable * Fix for Smart Config that wasn't adding actions when using a template as the base monitor * Fixed device property "Date Added for Monitoring" from getting reset * Better performance in heavy monitoring situations * Fixed memory leak in File Sight reports * File Sight will report triggering changes more quickly * Reports can be run that are not limited by memory size * Fix for dependencies on templates * Fix for rare crash in SNAP Tunnels * Increased reporting speed in some cases * Updated expiring SHA1 code signing certificate * Upgraded to IPWorks 16 * Handle very large emails more efficiently * Using different heap memory management settings * First template propagation will wait until the Central Service has been running for two mintues * Ignored File specifications in File Sight are back to being case insensitive * More efficient log file writer (easily handles 10X the logging) * Added Bulk Config to enable/disable monitoring of Servers/Devices * Bulk Config can be used to disable the internal HTTPS service within the Satellite (will break Inventory Collector) * New Bulk Config operation - Computers: Allow/Prevent Template Propagation * Quieted DB_LIMIT false-positive alerts * Fix for rare configuration synchronization failure * Disabled servers leaving maintenance mode won't become enabled * Prevent Bulk Config from misconfiguring a template with the Monitors: Set Monitor Parameters operation * Much faster processing of GetNextID for large installations (used in template propagation) * Added the ability to block some accounts (external customers for example) from seeing Recent Alerts on servers and Current Errors in groups * Can start and end Immediate Maintenance on servers in Dynamic Groups * Bulk Config's Monitors: Set Monitor Parameters works with the Active Directory Login Monitor filters * Fix for regression crash in SNAP Tunnels * Fixed View Template button at the top tempate bar in the Console * Added Show Monitoring Coverage on Group reports user right * Retry on failure to get VMWare ESX information * Fix to the Startup Wizard * Fixed the "Show devices that do not contain specified monitors" parameter for the Configuration Audit report * Removed source of some Audit Failure login events in target servers' Security Event Logs * Small reduction in memory usage for large installations * Tool tips for most fields that are too long to display * Caching domain lists * Startup Wizard fixes * The Central Service and Fail Over Service will wait longer for Satellites to reconnect after just starting up * Central Service will sync a fresher copy of the Satellite status database to the Fail Over Service * Added missing index for File Sight table that will speed up database cleanup * Set Server Maintenance action shows server names with groups * Monitors in Can't Run state (or Internal Error) will NOT move through Event Escalation steps, but instead reset escalation to the beginning. * Email Message Digest age is registry configurable (defaults to 1 minute) * Less memory usage when sending large host name lists to the central server * Tighter syncing between the Console and Central Service * Fix for ability to disable Drag and Drop in the Console * Fix for very rare memory corruption bug that can happen during log rotation * Added time stamps to Satellite up/down and also System alerts * Optimized internal locking to give better concurrency * File Sight can output and report on the "Read Entire File" field in reports * Ability to message digest all emails, including the first one in a while * Change that should prevent the CompNameCache database from growing so much * Performance increase in the File Sight monitor * Fix for Day Light Savings transition date calculations * Fix for Interpret Application Behavior feature in the File Sight monitor * Fix for rare race condition in Cache Manager that caused configuation updates to get lost * Enhancement that reduces CPU usage on heavliy loaded systems * Better SNAP Tunnel performance (RDP to Satellite for example) * Fixed false positive FILESIGHT_AUDIT_TEST_FILE test alerts * File Sight sends the ignored process list to the driver more reliably * Increased report refresh reliability * Added ability to have group reports refer to child group reports * Fix for incompatibility with Windows Update * Optimizations for increased performance * Configuration checker indicates which settings need to change on a monitor to match its purpose * Test File Name button to check against included or excluded file extensions * Reason shown if a user can't be added to the Blocked List (such as it being a core OS account, etc) * ChangeMonitorStatus from Execute Script monitors and actions can correctly update the running monitor's status * Change to report page refresh functionality if an HTTP error happens * Change to report page refresh functionality if an HTTP error happens * Fixes for duplicate columns in the Group Overview report (column report) * New Bulk Config to cleanup unknown Actions * New Credential Manager * Fix for generating PDF of Custom Reports that might be for a different report * Fixed a small memory leak * Outgoing alert emails will be processed in parallel more for greater throughput if needed * Restored the missing Hourly Error Count chart * Write to Log File action has a configurable output template * Fix for possible crash in Execute Script monitor * Protection against crash in PAPDH * Fix for Welcome Dialog with newer versions of IE * A little better tracking of who creates computers when done via Network Scanner * Remote Console failure to write to its log file will not broadcast a System Alert * Master server won't do a Fail Over file sync for first 10 minutes of the service starting up * Don't alert on monitors missing actions if the monitor (or server) is disabled * Updated OpenSSL to 1.1.1c * Satellite disconnected status shown on devices and monitors with a striped background * Explicit SSL/TLS version selection in the HTTP Settings dialog * Better Live View (with simple filtering) * Explicit SSL/TLS version selection in the HTTP Settings dialog * Better Live View (with simple filtering) * Resolve IP addresses in Active Directory Login Monitor for more meaningful alerts * Fixed rare crash in IPv6 address resolver * More robust Endpoint upgrade batch file * Logging will recover from network errors better * Upgraded to AmCharts 3.21.15 from 3.20.4 * Better chart resizing * Fix for regression bug for cases where a folder is watched by multiple monitors * Fixed ignore test in File Sight configuration * Added audit change events for Servers/Devices and Actions * Updated to SQLite 3.29.0 * Better database cleanup routine for Active Directory Login monitor * Top-level Monitor Templates won't propagate into the *Automatic Configuration groups * Upgraded to InnoSetup 6 * Interpret Application Behavior works better with newer versions of MS Office

* Newly pasted servers will be disabled to give a chance to make any changes before enabling for monitoring * Added explicit locale to javascript date/time rendering * Object selection user interface with very large lists (thousands) loads much quicker * Fix for Bulk Config not filtering on monitor templates correctly in all cases * Automatically use IE embedded browser if older than Windows 7 (Chromium browser won't work) * Don't clear actions when coming out of Can't Run if also now in Alert state * Fixed hot-links to help pages * Additional logging added * Large report warning/redirect page will not be used when generating PDFs * More diagnostics when Satellites can't connect * External diagnostic ping done on a failed connection to the Central Service * Increased File Sight driver MaxRecords default to 150000 * Fix crash that can happen when doing HTTPS logging * Satellite has 'FTP Logs to Support' button * Fixed some non-English date parsing for report periods * Calling StoreValue in scripts won't trigger a Monitor Changed audit event * Newly added Custom Properties will show up in the Alert Reminders editor * Updated SQL ODBC driver client to version 17.2 * Fixed archived log files getting deleted too soon * Cleaned up monitor changes in the audit report * Fix for users with low rights being able to register their mobile phone for alerts * Find dialog can now also find monitors, actions and groups * New Bulk Config operation to force re-propagation of all templates * Scheduled Reports and Ad Hoc reports can be grouped into folders via the new Report Group tab * Extra logging around the Fail Over Slave status * Data from Endpoints recorded to the database in more cases * Unstable OS time alerted on (affects monitoring) * Better control of memory usage when communicating with Endpoints * Endpoint reports more concise list of files written to on a copy * Endpoint will show local IPv6 addresses * Syslog action can send alerts in a single line of text for easier 3rd party integration * Pasting a monitor will put it in a 5-minute maintenance mode. This behavior can be changed in Advanced Services > Advanced Settings "PastedMonitorMaintMin" * Right-clicking a monitor in the Console will show the monitor's status information line (with truncation if needed) * Fail Over Slave will do less when it is not active * Driver update to detect full file reading more accurately * Give long file operations more time before alerting * More efficient use of driver buffers * Large configurations are sent in batches to the Console if needed * Similar to maintenance mode, monitors will ignore activity that happened while they were disabled * New Monitoring Coverage report which can output data to CSV, etc * Console loads much quicker * Email server connections are disconnected after a failure so subsequent connection can succeed * Better Satellite backoff when many are trying to connect at once * Satellites make initial connection quicker * No database errors if the same file is ignored twice in the same File Sight monitor * Fix for File Sight reporting file writes as Permission Changed * More diagnostics in the Satellite configuration app * More diagnostics when configuring the Fail Over * Support for using curl when the Windows TLS support is too old to connect * Faster Console response * Listing all .NET 4 versions that are supported in the .config files * Fix for Fail Over Slave not receiving all configuration data * Improved responsiveness in the File Sight Endpoint * Better Console performance for limited rights users * Added IPv4 and IPv6 Inventory fields * File Sight service reacts to file activities quicker * Protection against Action List loops * Fixed issue with Inventory data getting deleted * Quieted some nuisance alerts from the Fail Over * Added $Satellite_Name$ replacement variable * Able to use Endpoint Operations to set Endpoint host:port pairs - will verify it can reach an active Central/Satellite * File Sight will write and then delete FILESIGHT_AUDIT_TEST_FILE.TXT in a monitored folder every 10 minutes to monitor proper functioning * CSV file output is a little easier to read * Fix rare crash/memory corruption caused by multi-threaded reports * Fix for missing report PDF in email when email report images are disabled * Better Satellite configuration message when a Satellite is connected to an inactive Fail Over * Filename field of PA File Sight's Custom Data Set report can take a comma delimited list, and ! specifier to filter out files * Configuration syncing to a Fail Over works better with very large installations * Limited access users will see the group reports defined at the top Servers/Devices level * Alert if a ineligible (non-local) drive is configured for monitoring * Satellites are automatically accepted by default

Windows 7/2008 R2 or newer is required for the Console to use the embedded Chromium browser. Otherwise IE with some limitations will have to be used. * Able to clear credentials in the Changed Stored Passwords dialog by entering a blank password * Auto report forwarding in groups now works with the Executive Summary report * Improved credential caching for remote cases * Execute Script actions run faster and more can run at once * Execute Script and Call URL actions can be configured to run wherever the calling monitor ran * Thread Pool will alert if it is falling far behind * Updated 7za to version 18.05 because of CVE-2018-10115 * File I/O events won't be marked as failed after a failed Get End of File request * Added $AlertType$ replacement variable * Added $AlertID$ and $AlertType$ columns to the Write to Log File * Added warning to installer about Windows 7/2008 R2 requirement for embedded Chromium browser * Fix for regression bug in ADD_SERVER external API function * Fix for very rare crash when backing up the Configuration database for a Fail Over Slave * File Sight and the Endpoint attempt to detect copies through RDP sessions * File Sight/Endpoint report Probable Copy Yes or Yes[2] in alerts and reports * Fix for remote access filter user interface involving groups that get moved * Ability to copy and paste devices * Better reconnection attempts for Satellites that are disconnected * Alert Reminders can use Custom Properties

Windows 7/2008 R2 or newer is required for the Console to use the embedded Chromium browser. Otherwise IE with some limitations will have to be used. * System Alerts that are fired for servers entering and leaving maintenance will use a Maintenance status instead of Alert status * Possible to use the Fail Over without a shared database, though data monitored during Fail Over will NOT be available to reports * New flat icons and buttons to modernize the look of the Console a bit * File Sight Endpoint will filter out local writes that happen before server reads when reporting back * Fixed a rare deadlock * Monitors coming out of server maintenance will revert to their previous status instead of going to Scheduled * Drive Sight monitor supports comments via # after the ID * Drive Sight functionality (CD/USB drive blocking) supported in the PAFS Endpoints * Fix for Drive Sight monitor exceptions * New support for USB\external drive blocking in the File Sight Endpoint * Fix for rare crash while checking Endpoint alert conditions * Activity Chart shown in navigation column when the button bar is hidden * Syslog Sender action can send alert description and/or row variables * Added -LOCK command line parameter to the PAFS Endpoint * Changes to speed up Snap Tunnels, for better RDP tunneling experience * Bulk Config's Computers: Set Automated Maintenance Schedule can clear all maintenance schedules if specified * Fix for servers on Satellites that would come out of maintenance when the central service was restarted * Extra ENDPFLOW logging for tracking Endpoint connection/routing problems * Fix for reports on Copy operations * Fix for alert message in Drive Sight monitor * Setting to allow File Sight Satellites to see all Endpoints, when remote networks use unique IP address ranges * Added SET_GROUP_PROP and GET_GROUP_PROP to the External API * Added "Last" {day} of month to scheduled items (monitor, reports, maintenance, etc) * Improved initial database connection error reporting * Fixes for some errors in the language translation files * Upgraded to CEF (Chromium) 3.3325.1756 * Monitors are automatically enabled (if needed) when promoted to a template * Removed duplicate custom logo when report shown within frame of outer page when using Web interface * Faster group reports in large installations * Fix for charts not showing up in PDFs generated from the web report * Returning newly created ID for External APIs ADD_MONITOR, ADD_GROUP and optionally for ADD_SERVER * Removed 3DES ciphers from High security setting

* File Sight monitor works better with Bulk Config's Set Monitor Parameters operation * File Sight Endpoint Operations page - lock/unlock and upgrade individual/groups of Endpoints * File Sight Endpoint will no longer respond to -LOCK and -UNLOCK command line parameters (see above) * File Sight Endpoint reports added to the web interface * Fix for File Sight report bug * New Remove from Blocked List page in the Console and web interface, requires a new Right via User Access > Filter User Access * Fix for database error * New HTMLEmail_NoDataFiles setting to not attach CSV files to reports * Fix for better detecting connected Endpoints when they are connected to a different Satellite * Endpoints can connect even if there are no File Sight monitors running * Fix for saved CSV and PDF filenames (@@@ was getting appended) * Log ping result if an HTTP/S connection fails * Updated to OpenSSL 1.0.2n * Fix for FS Endpoint crash * File Sight's User Activities and Copy Detection settings no longer require settings on the File Activities tab * Detailed monitor activity chart can show data from the Satellites * Ensure sent emails go to the Audit Log, regardless of the (separate) Perm Log setting * Better manageability and stability of the File Sight Endpoints * Connection string editor/parser won't remove unrecognized fields * Performance monitor will attempt to translate counter into local languages during template propagation * Fix for Active Directory Login database writer that would write multiple copies to the Overflow database when erroring * Changes to help the StatIDs stay synced between the Central Service and Satellites * Detailed logging added to the Endpoint * Fix for extra data from Endpoints not showing up in reports (be sure to update Satellites) * Satellites dynamically throttle how quickly data is sent to the Central Service based on load * Enhanced Endpoint Operations filtering * The Syslog Action can use replacement variables and custom monitor messages * Diagnostic access checks are performed when the Service/Satellite starts to report to the user if there are problems with their configuration * Dynamic Server Lists will trigger template propagation on server removes too * File Sight Endpoint files will always be in C:\Windows\Temp\~PAFSEndp if access to that folder is available * New Endpoint alerts for detecting when Endpoints aren't reporting in * Added more Endpoint Operations filters * Improved Endpoint communications * User File Activities alerts are triggered sooner when Endpoints are in use * Added $Notes$ replacement variable for us in actions, email templates, etc * Protection against very large HTTP to HTTPS URL overflow * Fixed memory leak * Instructional message boxes added to the Block User action * File Sight monitors run more often to more quickly respond to ransomware * Fixed small memory leak * Users with limited rights will only see Actions that are attached to Monitors that they can see * Fix for Restart Satellite command in the Console which would restart the Satellite service more than once * Added several HTTP/S security headers * Fix for sending emails when graphics, PDFs and attachments have all been disabled

* The Blocked Users List will block access to all files on all drives for all servers monitored by PA File Sight. * The File Sight Endpoint keeps track of where server files go on the client computer. With this information, it can detect file copy operations * System Audit Report lets you easily run a report and see what email alerts have been sent, when and how users were added or removed from the Blocked Users List, etc * User Activity Report lets you see a list of users that have done X number of activities of a certain