PA File Sight Change History

* Added more diagnostic logging
* Fix for slow right-click on Devices nodes in the Console
* New self-signed certificates default to being sha256 signed instead of sha1
* Checking DLL signatures when loading
* Added new Monitors: Replace Actions Bulk Config command
* Fix for File Sight alerting on ignored files in some cases
* Added /AUTO_LOGIN Console command line option
* Configuration Audit report will be written to unique directory so it doesn't overwrite other similar reports
* Fix for very rare crash in the Console
* Handling File Sight monitors overlapping with different Interpret Application Behavior settings
* Fix for some non-English date parsing
* Added new Monitor Statuses custom group report part
* Fix for crash during configuration restore from disk
* Added auditing entries for moving computers to different groups, and running Bulk Config
* Console updates status icons in navigation panel better
* Updated to OpenSSL 1.1.1l
* Updated to libcurl 7.78.0
* Updated to libssh2 1.10.0
* System Details WMI calls will use packet level authentication
* Added Regular Expression support to Dynamic Server List and Inventory Alerter monitors
* New hourly System Audit event that the service/Satellite is running
* Logging a host ping if the database connection is reconnected
* Dynamic Groups with missing base Dynamic Server List monitor will be deleted
* System Alerts use a message template that can be modified
* File Sight will show a warning at the top of the server report if no File Sight monitors are created
* Fix for errorneous "monitor stuck" alerts
* File Sight won't keep alerting multiple times when different users are blocked on different Satellites
* Fixed a bug so there is better email alert throughput under load
* Added Groups: Delete Groups to Bulk Config
* PA File Sight will attach to the driver in a more robust manner
* Setting process wide COM/DCOM security to RPC_C_AUTHN_LEVEL_PKT_PRIVACY
* Some optimizations around checking file types
* Console remembers navigation panel width between restarts
* Added Italian translation files
* Fix for configuration import problem
* Handle canceling out of the startup wizard better
* Added mouse scroll wheel support to some grids in the Console
* Updated to NAudio 1.8 with new API to play sounds more quickly

* New default self-signed certificates will use sha256 instead of sha1 for signature
* Fix for slow right-click on Devices nodes in the Console
* Added better error reporting to the Upgrade to 64-bit helper application

* Upgraded to amCharts4
* Fix for crash when viewing report index page
* Clicking the Parent Group button will refresh the parent report
* Configurable cache minutes for Server Status Report
* Pasting monitor will no longer try to customize them but will paste as-is
* File access by NT AUTHORITY/SYSTEM will show IP address 127.0.0.1
* Fix to File Sight Endpoint to for some patterns of I/O
* Less CPU usage in large installations
* File Sight will show local OS file access as coming from 127.0.0.1
* Servers coming out of Maintenance will be able to regardless of whether the Satellite is connected or not
* Fix for occasional problem in the Console when moving computers would show a double shadow computer
* Reduced CPU usage for large installations
* Variables html page written out in UTF-8 to handle non-ASCII characters
* Configuration to hide empty datasets when running a report on multiple datasets
* Speed increase for Console startup and in the Service and Satellite
* Rebuild with new code signing scheme
* Fix for START_MAINTENANCE and END_MAINTENANCE with GID of 0
* Better support for downloading CSV files from reports
* Fix for server charts showing wrong date
* Fix for rare Console synchronization bug
* Charts render asynchronously so the browser responds quicker
* Satellites and Endpoints have a better back-off when failing to connect
* Performance boost (less CPU usage)
* Additional XSS protection added (credit to Ryan Jones)
* Added CSV export icon to tables in most reports
* Report CSV files that are empty will have _no_data appended to the filename
* New user right for View Satellite status
* Starting and ending Immediate Maintenance handled asynchronously
* Enhancement to speed up chart rendering
* Significantly faster internal HTTPS server
* Fix for MONITOR_ENABLE External API call
* Entering and leaving maintenance will only fire the associated System Alert, not the "changes might affect monitoring" alert
* Added FORCE to Smart Config to force duplicates if specified
* HTTPS client reading much larger chunks to speed up Console sync
* Fix for some garbled PDF attachment filenames for non-latin character sets
* Updated File Sight Driver to fix a crash exposed by Windows Sandbox
* Run Now commands are handled asynchronously
* Added QFE Last Installed Date inventory field
* Fix for Inventory Report date parsing
* Can set Use Curl via Bulk Config for Satellites
* TLS 1.3 support added to the user interface
* Better dynamic TLS support for the Helper application based on installed .NET version
* Fix for charts that cover the daylight savings shift
* Performance improvements
* SystemDetails module of Inventory Collector uses correct domain with credentials
* Added Device IP/Hostname, Device Alias Only and Device Aliased Name inventory fields
* Set a maximum size of email message digests
* Performance improvements
* Added Source ID and ExternalRef columns to the Error Audit report and database
* Fixed the enabling and disabling of Automatic Configuration in the Console
* More efficient dedection of neighbor Satellites
* Performance improvements
* More reliable Satellite and Fail Over updates
* Creating SNAP Tunnels has additional security checks
* Failed login recording with automatic and configurable lockout
* New Bulk Config operation to securely copy device credentials from one Satellite to another
* Prevent overlapping template propagations
* Selecting device in a Dynamic Group won't cause the selection to jump to the 'home' group of the device
* Account locked messages show calling application type
* Changes to template propagation to increase robustness
* Fix for a few template propagations that would happen repeatedly

* Fix for regression bug where Inventory Collectors on Satellites stopped reporting
* Fix for processes not showing up in Ignored list from Satellites (thanks Brendan!)
* Ability to change report email subjects to just the report title
* File Copy threshold alerts will show destination files
* Can specify independent Up and Down actions for Satellites

* Fixed rare problem where older state could show up in monitor status
* Added RENAME_USER_ACCESS command line to rename user access settings
* Fixed Bulk Config's Monitors: Delete Monitors to work on template-derived monitors
* Fixed some problems with database transfers
* Fixed race condition during template propagation where some monitors might get lost
* When a monitor comes out of Satellite Disconnected it will show its previous status
* Improvement to help prevent the internal HTTP server from getting behind
* Fix for UI glitch when chosing field values for reports
* Change for Endpoint status communication to Satellites so their clocks don't have to be synchronized as closely
* Internal changes to reduce CPU usage
* Changes to reduce CPU usage in large installations
* More shutdown logging
* GET_SERVER_PROP API function supports multiple property look ups per request
* Emailed report PDFs will use the report title for the PDF file name
* Better check for customer SSL/TLS certificates before regenerating
* Fixed case sensitive check in Include/Ignore extension check in PA File Sight monitor
* Not recording some temporary files that the File Sight Endpoint might see so it doesn't falsely consider some reads as copies
* More accurate file copy filtering in the Endpoint
* Performance improvement in File Sight monitor
* Fixed bug where directories not alerted on when two monitors watch the same folder
* Execute Script won't alert based on FireActions if $mon.ReportResults has already been called
* Larger file extension lists can be pasted into File Sight
* Rebuilt a library with (little used) SIMD extensions removed for broader CPU support
* Fix for missing Create (Read/Write) when a SACL/DACL change happens on the same file
* Added Group Name to Custom Group Report email subjects
* Better LDAP error when credentials are wrong
* Protect Console against a rare crash
* Added $mon.ComputerAlias for the Execute Script monitor
* Added operators % ^ & | to the expression evaluator
* Added support for multi-Item escalation in Execute Script monitors
* The Blocked User List shows by whom/how a user account was added
* Fix for Interpret Application Behavior for files with Alternate Data Streams
* When exporting computer config as a template, monitors are disconnected from templates as needed
* When importing computer config from a file, do not 'fit' monitors - import as-is
* Fix for group reports not showing internationalized titles
* Fix for File Sight not alerting on some directory reads
* Registry setting for optionally forcing HTTP connections to not get reused
* Registry setting so Run Now can optionally NOT override monitor period and dependencies
* Fix for Executive Summary report section titles
* Fix for report with Read setting

* Better HTTP filtering of requests that come from localhost * Better startup experience for first install * Bulk Config's Set Credentials works with using existing credentials * Registry configurable option to combine CSV report files * Added 'By Satellite' to Bulk Config's server selector * Scheduled Report 'contains' fields are restored properly * Fixed Dynamic Server List "Monitor Title" 'does not contain' operator * Added ENABLE_MONITOR external API function * Acknowledging errors can temporarily suppress alerts (see monitor's Advanced Options > Alert Suppression) * New report CSS * Change so the Endpoint can appropriately block or allow Bitlocker encrypted drives * Updated Content-Security-Policy so IFRAMEs can load poweradmin.com help pages * Upgraded to the latest PDF renderer * Added Bulk Config operation Computers: Notes to set or clear notes on multiple devices at once * Polished some start up wizard interaction * Fix for Two Factor Authentication when using Active Directory for logins * File Sight Custom Data Set report type allows filtering on the end-user's process name

* Internal Python initialized in a safer way * Added LOOKUP_CID and SERVER_ENABLE to the External API * Diagnostics for the File Sight Endpoint * Updated from OpenSSL 1.1.1c to 1.1.1d

* Minor UI update. See the View menu to change back * Fix for Satellites use of the Add to Block List action * Satellites can block users more quickly * Fix for rare crash * File Sight will fire actions after 50 reportable I/O actions have been accumulated * Fixed the PDF button when used within the Console * Decreased short term memory use, and a small performance increase * Fix for form-post escaping * Dynamic Server List rule for Server/Device names accepts wildcards * Error History OK Time field will be filled in even if unacknowledged alerts * Fix for User Access interface when rights not automatically granted to new users * Fix for File Sight Endpoint copy detection * Change to DriveSight and the Endpoint to better eject USB drives, necessitated by a change in Windows 10 * Quicker drive ejection in the Endpoint * New Alerts menu to Broadcast text to user alert actions * Default Message Templates will use the correct default language setting after it changes * File Sight Endpoint will monitor for block USB or CD/DVDs every second * Uninstaller will unregister from All-Systems-GO as needed * Failed action notifications won't cycle and alert via the same failed action, causing a crash * Improved computer name mapping, better local computer detection * More helpful diagnostic message when a report fails to run * Fix for Set Maintenance Schedule user right * CSS change to prevent wrapping in the report index tree * Added GET_NOTES and SET_NOTES to External API * Protection against bad response from DNS server

* Better, Faster, Stronger - many improvements in monitor performance, template propagation, etc * 64-bit, which means almost no memory limitations. * All-Systems-GO monitor to be assured your monitoring system is up and running * IPv6 support * More Bulk Config operations * Group notes (similar to Server Notes) * New User Rights for more control * Fix for not being able to add users to the Block User List * Better check for existing child groups or contained devices before deleting a group * Fix for Copy field in Custom Data Set reports * File Sight change to better handle concurrent Interpret Application Behavior checks * Changed cipher list ordering for Weak cipher list so Windows 2003 can still connect * Improved accuracy of Interpret Application Behavior * Address Resolver handles ISATAP IPv6 addresses * Two Factor Authentication can be enabled on a per-user basis at Settings > Remote Access > Filter User Access * Can use a remote login to the local Central Monitoring Service to get a full Local Console if: local Admin, admin rights in app, rights to top Servers/Devices group * Can disable the local credential-less login * Reordered some lines in the HTTP/S server to potentially reduce locking * Increased performance of DNS resolver

* WMI (Inventory Collector), PDF, and charts use the .NET 4 Helper * Handle double-width charts in Executive Summary/Custom Group reports * Defaulting to requiring a login to view web reports * New User Right for setting maintenance schedules * Fix for row variables in Execute Script actions * Fix for crash when setting up Fail Over

* Monitors that cannot run will fire System Alerts at most once every 15 minutes (instead of on every run) * Added SNAP Tunnel audit events * Advanced Deduplication will block all actions on a duplicate as documented, not just notifications * Added some database caching for frequent requests to increase performance * Fix for Calculated Status monitor for rapidly running monitors * Optimizations to better handle large user lists in the File Sight monitor * Fixed Monitor Change auditing event * Fix for Satellite Up/Down messages that were missing the Satellite name * File Sight service/Satellite will use fewer driver buffers * Added new All Actions Access permission * Email send throttling can be controlled via registry setting * View System Activity shows template propagation * Fix for template dependencies not propagating properly * Enforce OpenSSL server cipher order * Template propagation speed improvement when Satellites are involved * Group-level Notes that can be added to Group reports (similar to Server Notes) * Added $DeviceNameOrAliasOnly$ replacement variable * Fix for Smart Config that wasn't adding actions when using a template as the base monitor * Fixed device property "Date Added for Monitoring" from getting reset * Better performance in heavy monitoring situations * Fixed memory leak in File Sight reports * File Sight will report triggering changes more quickly * Reports can be run that are not limited by memory size * Fix for dependencies on templates * Fix for rare crash in SNAP Tunnels * Increased reporting speed in some cases * Updated expiring SHA1 code signing certificate * Upgraded to IPWorks 16 * Handle very large emails more efficiently * Using different heap memory management settings * First template propagation will wait until the Central Service has been running for two mintues * Ignored File specifications in File Sight are back to being case insensitive * More efficient log file writer (easily handles 10X the logging) * Added Bulk Config to enable/disable monitoring of Servers/Devices * Bulk Config can be used to disable the internal HTTPS service within the Satellite (will break Inventory Collector) * New Bulk Config operation - Computers: Allow/Prevent Template Propagation * Quieted DB_LIMIT false-positive alerts * Fix for rare configuration synchronization failure * Disabled servers leaving maintenance mode won't become enabled * Prevent Bulk Config from misconfiguring a template with the Monitors: Set Monitor Parameters operation * Much faster processing of GetNextID for large installations (used in template propagation) * Added the ability to block some accounts (external customers for example) from seeing Recent Alerts on servers and Current Errors in groups * Can start and end Immediate Maintenance on servers in Dynamic Groups * Bulk Config's Monitors: Set Monitor Parameters works with the Active Directory Login Monitor filters * Fix for regression crash in SNAP Tunnels * Fixed View Template button at the top tempate bar in the Console * Added Show Monitoring Coverage on Group reports user right * Retry on failure to get VMWare ESX information * Fix to the Startup Wizard * Fixed the "Show devices that do not contain specified monitors" parameter for the Configuration Audit report * Removed source of some Audit Failure login events in target servers' Security Event Logs * Small reduction in memory usage for large installations * Tool tips for most fields that are too long to display * Caching domain lists * Startup Wizard fixes * The Central Service and Fail Over Service will wait longer for Satellites to reconnect after just starting up * Central Service will sync a fresher copy of the Satellite status database to the Fail Over Service * Added missing index for File Sight table that will speed up database cleanup * Set Server Maintenance action shows server names with groups * Monitors in Can't Run state (or Internal Error) will NOT move through Event Escalation steps, but instead reset escalation to the beginning. * Email Message Digest age is registry configurable (defaults to 1 minute) * Less memory usage when sending large host name lists to the central server * Tighter syncing between the Console and Central Service * Fix for ability to disable Drag and Drop in the Console * Fix for very rare memory corruption bug that can happen during log rotation * Added time stamps to Satellite up/down and also System alerts * Optimized internal locking to give better concurrency * File Sight can output and report on the "Read Entire File" field in reports * Ability to message digest all emails, including the first one in a while * Change that should prevent the CompNameCache database from growing so much * Performance increase in the File Sight monitor * Fix for Day Light Savings transition date calculations * Fix for Interpret Application Behavior feature in the File Sight monitor * Fix for rare race condition in Cache Manager that caused configuation updates to get lost * Enhancement that reduces CPU usage on heavliy loaded systems * Better SNAP Tunnel performance (RDP to Satellite for example) * Fixed false positive FILESIGHT_AUDIT_TEST_FILE test alerts * File Sight sends the ignored process list to the driver more reliably * Increased report refresh reliability * Added ability to have group reports refer to child group reports * Fix for incompatibility with Windows Update * Optimizations for increased performance * Configuration checker indicates which settings need to change on a monitor to match its purpose * Test File Name button to check against included or excluded file extensions * Reason shown if a user can't be added to the Blocked List (such as it being a core OS account, etc) * ChangeMonitorStatus from Execute Script monitors and actions can correctly update the running monitor's status * Change to report page refresh functionality if an HTTP error happens * Change to report page refresh functionality if an HTTP error happens * Fixes for duplicate columns in the Group Overview report (column report) * New Bulk Config to cleanup unknown Actions * New Credential Manager * Fix for generating PDF of Custom Reports that might be for a different report * Fixed a small memory leak * Outgoing alert emails will be processed in parallel more for greater throughput if needed * Restored the missing Hourly Error Count chart * Write to Log File action has a configurable output template * Fix for possible crash in Execute Script monitor * Protection against crash in PAPDH * Fix for Welcome Dialog with newer versions of IE * A little better tracking of who creates computers when done via Network Scanner * Remote Console failure to write to its log file will not broadcast a System Alert * Master server won't do a Fail Over file sync for first 10 minutes of the service starting up * Don't alert on monitors missing actions if the monitor (or server) is disabled * Updated OpenSSL to 1.1.1c * Satellite disconnected status shown on devices and monitors with a striped background * Explicit SSL/TLS version selection in the HTTP Settings dialog * Better Live View (with simple filtering) * Explicit SSL/TLS version selection in the HTTP Settings dialog * Better Live View (with simple filtering) * Resolve IP addresses in Active Directory Login Monitor for more meaningful alerts * Fixed rare crash in IPv6 address resolver * More robust Endpoint upgrade batch file * Logging will recover from network errors better * Upgraded to AmCharts 3.21.15 from 3.20.4 * Better chart resizing * Fix for regression bug for cases where a folder is watched by multiple monitors * Fixed ignore test in File Sight configuration * Added audit change events for Servers/Devices and Actions * Updated to SQLite 3.29.0 * Better database cleanup routine for Active Directory Login monitor * Top-level Monitor Templates won't propagate into the *Automatic Configuration groups * Upgraded to InnoSetup 6 * Interpret Application Behavior works better with newer versions of MS Office

* Newly pasted servers will be disabled to give a chance to make any changes before enabling for monitoring * Added explicit locale to javascript date/time rendering * Object selection user interface with very large lists (thousands) loads much quicker * Fix for Bulk Config not filtering on monitor templates correctly in all cases * Automatically use IE embedded browser if older than Windows 7 (Chromium browser won't work) * Don't clear actions when coming out of Can't Run if also now in Alert state * Fixed hot-links to help pages * Additional logging added * Large report warning/redirect page will not be used when generating PDFs * More diagnostics when Satellites can't connect * External diagnostic ping done on a failed connection to the Central Service * Increased File Sight driver MaxRecords default to 150000 * Fix crash that can happen when doing HTTPS logging * Satellite has 'FTP Logs to Support' button * Fixed some non-English date parsing for report periods * Calling StoreValue in scripts won't trigger a Monitor Changed audit event * Newly added Custom Properties will show up in the Alert Reminders editor * Updated SQL ODBC driver client to version 17.2 * Fixed archived log files getting deleted too soon * Cleaned up monitor changes in the audit report * Fix for users with low rights being able to register their mobile phone for alerts * Find dialog can now also find monitors, actions and groups * New Bulk Config operation to force re-propagation of all templates * Scheduled Reports and Ad Hoc reports can be grouped into folders via the new Report Group tab * Extra logging around the Fail Over Slave status * Data from Endpoints recorded to the database in more cases * Unstable OS time alerted on (affects monitoring) * Better control of memory usage when communicating with Endpoints * Endpoint reports more concise list of files written to on a copy * Endpoint will show local IPv6 addresses * Syslog action can send alerts in a single line of text for easier 3rd party integration * Pasting a monitor will put it in a 5-minute maintenance mode. This behavior can be changed in Advanced Services > Advanced Settings "PastedMonitorMaintMin" * Right-clicking a monitor in the Console will show the monitor's status information line (with truncation if needed) * Fail Over Slave will do less when it is not active * Driver update to detect full file reading more accurately * Give long file operations more time before alerting * More efficient use of driver buffers * Large configurations are sent in batches to the Console if needed * Similar to maintenance mode, monitors will ignore activity that happened while they were disabled * New Monitoring Coverage report which can output data to CSV, etc * Console loads much quicker * Email server connections are disconnected after a failure so subsequent connection can succeed * Better Satellite backoff when many are trying to connect at once * Satellites make initial connection quicker * No database errors if the same file is ignored twice in the same File Sight monitor * Fix for File Sight reporting file writes as Permission Changed * More diagnostics in the Satellite configuration app * More diagnostics when configuring the Fail Over * Support for using curl when the Windows TLS support is too old to connect * Faster Console response * Listing all .NET 4 versions that are supported in the .config files * Fix for Fail Over Slave not receiving all configuration data * Improved responsiveness in the File Sight Endpoint * Better Console performance for limited rights users * Added IPv4 and IPv6 Inventory fields * File Sight service reacts to file activities quicker * Protection against Action List loops * Fixed issue with Inventory data getting deleted * Quieted some nuisance alerts from the Fail Over * Added $Satellite_Name$ replacement variable * Able to use Endpoint Operations to set Endpoint host:port pairs - will verify it can reach an active Central/Satellite * File Sight will write and then delete FILESIGHT_AUDIT_TEST_FILE.TXT in a monitored folder every 10 minutes to monitor proper functioning * CSV file output is a little easier to read * Fix rare crash/memory corruption caused by multi-threaded reports * Fix for missing report PDF in email when email report images are disabled * Better Satellite configuration message when a Satellite is connected to an inactive Fail Over * Filename field of PA File Sight's Custom Data Set report can take a comma delimited list, and ! specifier to filter out files * Configuration syncing to a Fail Over works better with very large installations * Limited access users will see the group reports defined at the top Servers/Devices level * Alert if a ineligible (non-local) drive is configured for monitoring * Satellites are automatically accepted by default

Windows 7/2008 R2 or newer is required for the Console to use the embedded Chromium browser. Otherwise IE with some limitations will have to be used. * Able to clear credentials in the Changed Stored Passwords dialog by entering a blank password * Auto report forwarding in groups now works with the Executive Summary report * Improved credential caching for remote cases * Execute Script actions run faster and more can run at once * Execute Script and Call URL actions can be configured to run wherever the calling monitor ran * Thread Pool will alert if it is falling far behind * Updated 7za to version 18.05 because of CVE-2018-10115 * File I/O events won't be marked as failed after a failed Get End of File request * Added $AlertType$ replacement variable * Added $AlertID$ and $AlertType$ columns to the Write to Log File * Added warning to installer about Windows 7/2008 R2 requirement for embedded Chromium browser * Fix for regression bug in ADD_SERVER external API function * Fix for very rare crash when backing up the Configuration database for a Fail Over Slave * File Sight and the Endpoint attempt to detect copies through RDP sessions * File Sight/Endpoint report Probable Copy Yes or Yes[2] in alerts and reports * Fix for remote access filter user interface involving groups that get moved * Ability to copy and paste devices * Better reconnection attempts for Satellites that are disconnected * Alert Reminders can use Custom Properties

Windows 7/2008 R2 or newer is required for the Console to use the embedded Chromium browser. Otherwise IE with some limitations will have to be used. * System Alerts that are fired for servers entering and leaving maintenance will use a Maintenance status instead of Alert status * Possible to use the Fail Over without a shared database, though data monitored during Fail Over will NOT be available to reports * New flat icons and buttons to modernize the look of the Console a bit * File Sight Endpoint will filter out local writes that happen before server reads when reporting back * Fixed a rare deadlock * Monitors coming out of server maintenance will revert to their previous status instead of going to Scheduled * Drive Sight monitor supports comments via # after the ID * Drive Sight functionality (CD/USB drive blocking) supported in the PAFS Endpoints * Fix for Drive Sight monitor exceptions * New support for USB\external drive blocking in the File Sight Endpoint * Fix for rare crash while checking Endpoint alert conditions * Activity Chart shown in navigation column when the button bar is hidden * Syslog Sender action can send alert description and/or row variables * Added -LOCK command line parameter to the PAFS Endpoint * Changes to speed up Snap Tunnels, for better RDP tunneling experience * Bulk Config's Computers: Set Automated Maintenance Schedule can clear all maintenance schedules if specified * Fix for servers on Satellites that would come out of maintenance when the central service was restarted * Extra ENDPFLOW logging for tracking Endpoint connection/routing problems * Fix for reports on Copy operations * Fix for alert message in Drive Sight monitor * Setting to allow File Sight Satellites to see all Endpoints, when remote networks use unique IP address ranges * Added SET_GROUP_PROP and GET_GROUP_PROP to the External API * Added "Last" {day} of month to scheduled items (monitor, reports, maintenance, etc) * Improved initial database connection error reporting * Fixes for some errors in the language translation files * Upgraded to CEF (Chromium) 3.3325.1756 * Monitors are automatically enabled (if needed) when promoted to a template * Removed duplicate custom logo when report shown within frame of outer page when using Web interface * Faster group reports in large installations * Fix for charts not showing up in PDFs generated from the web report * Returning newly created ID for External APIs ADD_MONITOR, ADD_GROUP and optionally for ADD_SERVER * Removed 3DES ciphers from High security setting

* File Sight monitor works better with Bulk Config's Set Monitor Parameters operation * File Sight Endpoint Operations page - lock/unlock and upgrade individual/groups of Endpoints * File Sight Endpoint will no longer respond to -LOCK and -UNLOCK command line parameters (see above) * File Sight Endpoint reports added to the web interface * Fix for File Sight report bug * New Remove from Blocked List page in the Console and web interface, requires a new Right via User Access > Filter User Access * Fix for database error * New HTMLEmail_NoDataFiles setting to not attach CSV files to reports * Fix for better detecting connected Endpoints when they are connected to a different Satellite * Endpoints can connect even if there are no File Sight monitors running * Fix for saved CSV and PDF filenames (@@@ was getting appended) * Log ping result if an HTTP/S connection fails * Updated to OpenSSL 1.0.2n * Fix for FS Endpoint crash * File Sight's User Activities and Copy Detection settings no longer require settings on the File Activities tab * Detailed monitor activity chart can show data from the Satellites * Ensure sent emails go to the Audit Log, regardless of the (separate) Perm Log setting * Better manageability and stability of the File Sight Endpoints * Connection string editor/parser won't remove unrecognized fields * Performance monitor will attempt to translate counter into local languages during template propagation * Fix for Active Directory Login database writer that would write multiple copies to the Overflow database when erroring * Changes to help the StatIDs stay synced between the Central Service and Satellites * Detailed logging added to the Endpoint * Fix for extra data from Endpoints not showing up in reports (be sure to update Satellites) * Satellites dynamically throttle how quickly data is sent to the Central Service based on load * Enhanced Endpoint Operations filtering * The Syslog Action can use replacement variables and custom monitor messages * Diagnostic access checks are performed when the Service/Satellite starts to report to the user if there are problems with their configuration * Dynamic Server Lists will trigger template propagation on server removes too * File Sight Endpoint files will always be in C:\Windows\Temp\~PAFSEndp if access to that folder is available * New Endpoint alerts for detecting when Endpoints aren't reporting in * Added more Endpoint Operations filters * Improved Endpoint communications * User File Activities alerts are triggered sooner when Endpoints are in use * Added $Notes$ replacement variable for us in actions, email templates, etc * Protection against very large HTTP to HTTPS URL overflow * Fixed memory leak * Instructional message boxes added to the Block User action * File Sight monitors run more often to more quickly respond to ransomware * Fixed small memory leak * Users with limited rights will only see Actions that are attached to Monitors that they can see * Fix for Restart Satellite command in the Console which would restart the Satellite service more than once * Added several HTTP/S security headers * Fix for sending emails when graphics, PDFs and attachments have all been disabled

* The Blocked Users List will block access to all files on all drives for all servers monitored by PA File Sight. * The File Sight Endpoint keeps track of where server files go on the client computer. With this information, it can detect file copy operations * System Audit Report lets you easily run a report and see what email alerts have been sent, when and how users were added or removed from the Blocked Users List, etc * User Activity Report lets you see a list of users that have done X number of activities of a certain

* Fixed sorting problem in the Console's navigation tree

* Added new All Servers part for Executive Summary reports * Added Debug Logging as a setting that can be set via Bulk Config to Satellites * Added Satellite name to Configuration Audit report * Fixed slow startup if server can't resolve SIDs * Additional logging and diagnostics added * Added File Sight bulk Rename alerting, same as bulk Read, Write and Delete alerting * Fix for File Sight database cleanup on Satellites * Changed installer's ODBC driver to: Microsoft ODBC Driver 13.1 for SQL Server * Fixed problem with the Console viewing the Fail Over Slave's status page * Won't sync DB Connection string to Fail Over Slave so it can be different if needed (different driver version for example) * Fix for the local Console so it can login using the hostname, and not just 127.0.0.1 * Added IsDeviceType dynamic rule * Added the $WinDir$ replacement variable * Updated EULA indicating a customer's logos can be shown on our website unless asked not to * Added option to control whether TLS 1.2 can be disabled (like for SSLv3, TLS1, and TLS1.1) * Fix for broken import when PAFS Ultra is doing a complete configuration import * Satellites forcing command filter to * so that PASystemDetails and PALowPriorityHelper can connect * First character of Live View can be a ! to show all lines that are NOT the given line * Fix for broken language translation in the service * Added a filter to View System Activities * Fixed API_GET_MONITOR_INFO which was not checking all status values * Better interface for Dynamic Server List rule selection * New registry-value based Dynamic Server List rule * Don't block the email sending thread with an exception message box * New GET_PERF_STATS external API * More robust initialization * Ignored files (full path) get picked up by the monitor immediately * Removed some internal bottlenecks * Fix for very rare database locked-caused crash * Added options for what alerts to combine in Email Digests * Fix for thread balancing error * Increased shutdown timeout value that was too short * The Group Summary Report won't show dynamic group contents to prevent massive reports * Additional efforts to get Central Service and Satellite to shutdown nicely * Subscriptions will report sooner to prevent becoming unlicensed * Diag's SETCONFIG command can set numeric values now as well as text * Quicker service start reporting * File System Analyzer will report failure if the top folder could not be monitored * File System Analyzer will show folders that couldn't be scanned in monitor status summary * File & Directory Size monitor will report failure if the top folder could not be monitored * File & Directory Change monitor is recording file size and date to the database for reports * Reports stuck in a loop will break out and fail so other reports can run * Fix for reports that can get stuck in a loop * The Group Summary report will NOT show Dynamic Groups by default, but report settings can change that * Disk Space monitor will remove drives when templates are propagated, and use settings during normal running of the monitor

* Fix for missing database table when using MS SQL Server

* Change to handle Slack call in Call URL action * MAINT x can be added to Ack emails to put a server into maintenance, though it has to be enabled via the registry. Acknowledge Alerts * Upgraded AmCharts and ExtJS * Can paste list of file extensions to watch or ignore into File Sight monitor * New File Sight Live Stream chart and live File List on Server Status report * Changed how often a Satellite will switch hosts, and don't switch until trying for 45 seconds * Fix for not being able to remove a report part for the Server Status report * Handle file types of TEST.* by silently changing it to *\TEST.* * File Sight database writer has it's own thread to keep up better under heavy load * Updated to Chromium 3.2623 * Updated to SQLite 3.13.0 * Fix for email ack checker that was checking too many lines * Added Credentials button to the Call URL configuration dialog * Getting email bodies handles mulitpart/alternative which helps the Email Ack processing * Look for Microsoft's ODBC Driver for SQL Server when building connection strings * PagerDuty action can report configuration errors * New FORCE parameter for the START_MAINTENANCE external API command * Template propagation will take the target server type when progating a template * Template progagation can be disabled on an individual server basis via right-click menu * Fixed Scheduled Report renaming GUI bug * Console poll cycle time can be synced from Central Service * Added permission change values to File Sight reporting options * Monitoring System Auditing (user logins, service restarts, etc) added. Not visible yet - contact us for access * Protection against a slowing Console when there are thousands of reports * Added Bulk Config - Cleanup: Reset All Server and Group Reports to Top Node * Fixed RegEx filter to use regex_search instead of regex_match * New $FILEONLY$ variable that can be used in alerts - only shows the filename, not the full path * New Advanced Settings dialog make obscure settings more visible * Fix for Desktop Notifier not connecting * Complete logging for CRT installation * Fixed deleting of empty groups (and not deleting non-empty groups) * Better handling MIME encoded emails in Email Ack * Fix for possible incomplete exports from the Console * Added Group, Computer, Monitor, Template, and Action creation and deletion to the coming audit log * Additional Satellite connection logging * Call URL action correctly escapes variable values when using application/json content type * Fix for Satellite Down notifications that use escalation, but none in the Do Immediately node * Fix to handle credentials with a few specific characters * Applying a configuration file to a device will also set the device type * The Satellite update will update the installed Console as well * Fix for VCRedist failing to install during setup when the temp folder contains a ~ * Fixed $CustomProp()$ in Satellite Down notifications * Added in-depth heart beat chart in the Console (double-click current chart) * Added ADD_MONITOR to External API * Uninstall will not show the uninstall web page for Satellite or remote Consoles * Added a filter to the Live View dialog * Fixed bug where Custom Properties set on templates could get reverted * Added rel="noreferrer noopener" to target="_blank" links * Added support for PA File Sight subscriptions * Fix for custom message templates that were not imported from file * Bulk Config's Set Event Deduplication ID will also set the fire actions override values * Fix in File Sight reports to sort by Process * Can save PDF files directly when generating them from within the Console * Smart Config's Action selection dialog supports multi-select, and has Select All and Unselect All buttons * Setting to control truncation in Recent Alerts * SimpleStatDB initialized by monitors in cases where it fails initially * Upgraded to OpenSSL 1.0.2j, and disabled Triple-DES cipher when using High Security to prevent SWEET32 attacks * Desktop Notifications will use top-most message boxes * Fix for reports that get their cookie values mixed up * Drop down list for help setting Custom Properties * Network Message action properly truncates messages * Added SATID parameter for ADD_SERVER external API * File Sight monitor will load the Ignored list asynchronously to protect it against database down timeouts * Less memory reallocation * Multiple monitors watching the same files won't write duplicate entries into the database * New optional parameters supported for GET_MONITOR_INFO * Added support for a configurable Details column in the ErrorHistory database

* Template monitor dependencies on non-template monitors works better * SetMonitorStatus support added to Execute Script for PowerShell * Fix: Ability to uncheck dependency even if the hosting server exists in multiple groups (dynamic groups) * Configuration Audit report has an option to show servers that have or don't have the specified monitors * Fix for Network Map reports when displaying Dynamic Groups * Fix for a monitor skipping sending Fixed alerts if it goes from Alert to Busy to OK * Can't Run 'fixed' actions only run if 'alert' actions were also run for the original Can't Run event * Monitor starvation (never getting to run) alert moved to System Alerts instead of putting monitor into Alert state * Extra diagnostic logging added * Upgraded to SQLite 3.11 * Console won't show login page after service is restarted * Fix for internal Satellite StatID mismatch * Less memory used to send configuration to Console and Satellites * Limit Satellite requests for the statID cache * Fix for database locking when cleaning up some SQLite-based databases * Changes to allow for larger report generation * Fix for database conversions (from SQLite to MS SQL, and vice-versa) * Fix so Satellite starting/stopping System Alerts come through * Optimization to use a little less memory * Fix so Dynamic Server List monitors can be renamed * Change to make adding new computers faster in large installations * Registry setting to compress configuration backup * Menu options for moving Groups and Computers * Fix to prevent accidental drag-drop and icon stickiness * Satellites forward data sooner when memory is tight * Recent Alerts acknowledge buttons at the top and bottom of the report section * Configuration backups use much less memory * Fix for file handle leak when syncing files to Satellites and Consoles * Logging thread will keep up under load better * Optimization to make HTTPS requests quicker * Closing SSL connections that are stuck sooner * Fix for File Sight database cleanup that didn't happen when no local monitors * HTTPS handling threads ramp down as need allows * Fix for some memory leaks in the central service * Fixes so jumping forward with Day Light Savings will NOT make a monitor count as being behind * Fixed Execute Script monitor which ignored alert suppression rules * Monitors derived from templates will not be shown for Bulk Config operations that will get overwritten by the template anyway * Added GroupPath property to Execute Script monitors (VBScript, Javascript and Powershell) * Added source IP address to File Sight's row variables * Optimized HTTP server's thread usage -- can handle larger loads and is more responsive * Not running Satellite reports if not requested * Tracking memory usage in OpenSSL, SQLite and zLib * Fixed memory leak in template propagation * Preventing a possible deadlock when setting servers in maintenance via Bulk Config * New CREATE_CHART External API function * Logging who does RunNow commands * Can indicate to add computers by IP in Network Scanner and Discovery dialog * Fix for Message Templates not being backed up to the backup.axml file * Protection against a type of corrupted database problem * Added ToLog to PowerShell Execute Script action and monitor * Better delete SQL for StatData tables - performs better in large installations * Ability to initiate database cleanup from the Console (in Reports - right-click on the report type) * Configurable Console "Operations" commands when right-clicking a server/device - see Console_Operations.ini * Fixed bug where row variables were not receiving OVERLIMIT_READ, OVERLIMIT_WRITE, or OVERLIMIT_DELETE in File Sight * Registry control of when cleanup happens for Error History table * Cleaned up some long standing language translation file problems * Enhanced diagnostic logging added * Custom icons will be shown in the navigation tree of the web view * Single dynamically resizing chart for generated reports (can be disabled via registry) * User Access Control dialog allows a simpler view of the user list * New User Access report * Fix for SQL Native Client not getting installed with Easy Deploy * Console will show maintenance/disabled on Servers/Device icon * PA Desktop Notifier can show the last 20 alerts it has received * Richer Error Audit report * Error Audit and Configuration Audit reports can query on Custom Properties * Can reply with ACKALL to alert email to ack all alerts from the current computer(s) * Logging failed CallURL POST data * Option to allow Satellites to handle server's Scheduled Maintenance, which means the Satellite's timezone would be used

* New Drive Sight monitor * Monitor Templates * Integration with PagerDuty * New Run Report Action * Desktop Notification Application * Dynamic Server Lists * Configurable Group Reports * Custom server/group icons * Added Message Template support for actions * Signing with SHA2 certificate as required by Microsoft * Satellite updates use 1/3 less bandwidth * Satellite installations can be prepared and imaged for use in multiple instances

* Fix for extremely large emails that block future alerts * Call URL Action can now post arbitrary text with configurable encoding (for Slack integration, among others) * CPU throttling is no longer a System Alert * Fix for intermittent report failures * Added PermLog for user logins for the application * GroupID can be used for Event Deduplication * Fix for Console showing a login page * Added DO_QUIET and END_QUIET to the external API * File Sight monitor can include and exclude files based on paths with wildcards (i.e. C:\Audit\*.pdf ) * Added a Duplicate option to Scheduled Reports * Fix for Customize option on Copy Monitors to Computer Bulk Config operation * Windows 2003/XP installs will create SSL certs with SHA1, and lower HTTPS security to compatible settings * Upgraded to SQLite 3.8.10.2 * Fixed "Hide OK" Error Audit check box * Reduced database access * Queued data is now correctly dropped when a monitor is disabled * Updated CEF (Chromium) to 3.2171.1979 * Change to configuration backup and restore to handle coming v6 features * Report won't auto-refresh if you have scrolled down a bit * Upgraded to OpenSSL 1.0.1p and disabled DHE ciphers to protect against LogJam * Added support for 2048 and 4096 bit Diffie-Helman key-exchange setup parameters * Shipping dh2048.pem and dh4096.pem files rather than take hours to generate them * Fixed variables used in Satellite up and down alerts * Upgraded to ExtJS build 4.2.3 * Fix for Corporate Ultra unlimited license not being recognized as unlimited * Fix for some grid columns not lining up under headers when using Chromium * Fix for Ack race condition for alerts coming from Satellites * Added GID and ALL options to external API request API_GET_SERVERLIST * Interpret Application behavior recognizes the pattern used by AutoCAD software * E-mail alert Acknowledgement will ignore auto-responder messages * Fix for event escalation that would run actions too often if it got behind * Fix for read only access to whole device tree when a PDF is generated * Updated to EVO PDF converter v6.2 * Acknowledging an alert can stop further alerts via Event Deduplication * HTTPS server will send configurable X-Frame-Options header to protect against click jacking * Fix for errors showing up in Recent Alerts with a blank description * Fix for bad tag in XML Configuration Audit report * Changes so initial license installation is smoother * First time SSL certificate creation via OpenSSL will use low priority processes * Event Deduplication will look at the monitor's true Event/State type, rather than the Actions setting * Acknowledge All Errors in Bulk Config gives the option to not fire acknowledgement actions * Configurable info box sizes for the All Servers and Group Summary reports * Group reports will indicate if a server's status is questionable because of a Satellite being offline

* Can require Console remote login to use same version as Central Service * New Connected Sessions report * New SSL certificates will use SHA-256 instead of SHA-1 * New installs will NOT support SSLv3 by default - existing users can go to Settings -> HTTP Server Settings * New installs will use the strong cipher list by default * Upgraded to EvoPDF 5.11 * Recently Acknowledged Alerts report part added to Server Status Reports * 10% reduction in data exchanged between Central server and Consoles and Satellites * Protection against 'connection storms' for sites with hundreds of Satellites * Server Status Report charts can be disabled * TLS 1.0 and 1.1 can be disabled via registry (SSLv2 and SSLv3 can already be disabled) * Additional protection against cross-linked groups * Overlapping custom properties are correctly overridden going down the device tree * Indication will show why an IP address might be missing * Error History updates should post before actions fire * Significant performance boost in core functions * Bulk Config copy config to computers is handled asynchronously * ActionType variable available in Execute Script actions * Satellite down notifications were not replacing replacement variables * Race condition in Write to Log File actions fixed * Random deduplication field added to disable deduplication on individual monitors * Prevent crash when simultaneous requests for File Sight's Live View are processed * Better output for the HTML Configuration Audit report * Less internal locking -- can support even more monitors * Helper log file is log rotated * Can disable image in outgoing report emails via registry setting HTMLEmail_NoImage = 1 * Fix for not being able to end immediate maintenance at the top level * Fix for crash in report when access is denied for server * Fixed incorrect MIME type when a report redirect happens * Fix to CallURL action that was stuck using GET command * Improved resolving of SIDs to usernames * More flexible "Console needs to match service version" settings * Suppressing error messages in reports that limited accounts (probably end customers) see * Better memory management for large installations * Fix for Fail Over file sync that sometimes fails * Update Manager will only show automatically once per version update * File sync to Fail Over will compress files before sending * Digitally Signing all executables, including 3rd party where needed * Throttling Console config download if needed to reduce memory usage * Compressing XML sent between Central Service and Consoles and Satellites * Fix for $act.TimeInErrorStr not being correctly set in the Execute Script * Added <generatePublisherEvidence enabled="false"/> to .config files so .NET apps won't authenticate their digital signature * Less database locking during cleanup operations * Fixed a few dialogs where the time unit could set incorrectly if using not using English * Added SetComputerPropertyByID to Execute Script * Sub-groups with no access to parent can correctly still read inherited report settings * Scheduled reports not shown to users who shouldn't have access * Fix for extremely large reports displaying internal scripts * Bug fixes * Registry controllable PALowPriorityHelper drop-dead timer and thread levels * Server order in the Group Summary and Group Overview reports can be configured * Restricted user accounts can put servers/monitors into maintenance if they have that right * Fix so unlicensed servers can be disabled * Can set Max CPU throttle setting on Satellites via Bulk Config * Fix for putting deep groups of servers into maintenance * Sending LastRun as UTC to account for time zone differences in Satellite deployments * Improved hand off from one PALowPriorityHelper to another * Fix for resolving IPv6 client addresses

* Updated to OpenSSL 1.0.1j (to protect against POODLE vulnerability) * Server Status report charts shown in user's local time zone * Find dialog works via Ctrl-F in more areas of the Console * User can control Sent Email, Service Start/Stop and Monitor Change permanent logs * Fixed problem where some .CSV files couldn't get saved from a Scheduled Report * Fixed Execute Script (PowerShell) StoreValue method * Satellite up/down notification template can be left empty, in which case the email template will be used * Log rotation puts files into an Archive folder * Fix for busy Satellites sending error events too slowly when under load * Logging and fix for generating SSL certificates * Users on Satellite servers will get their username added to the central server * Performance increase * Alerts will specify "File:" or "Directory:" when reporting changes * New PermLog for servers entering and leaving maintenance * Fix for importing configurations, and for new installations * Console will give a hint if the HTTP server didn't start because of SSL certificate issues * Standardized Permanent Log output, made easier to use in Excel, etc. * SendMail function in VBScript will send as HTML if it sees a <!DOCTYPE in the body * Smart Config can set server alias on new servers * Fixed rare crash when network connection is dropped while SSL negotiation is taking place * Fixed date in Permanent Logs

* Server Status report has new Full History links below Recent Alerts to see alerts from 1, 5, 15, 30 and 60 days back * Recent Alerts can not only hide ack'd alerts, but now hide them when the monitor is OK * For monitor copy/paste, copy now copies to TEXT and UNICODETEXT parts of clipboard * Rotating and compressing log files * Registry configurable custom chart sizes for Scheduled Reports (for use in your own pages/apps) * Configuration Audit report has option to show or not show item IDs * Can right-click an Action and select Duplicate * User Access gives the option of granting non-admins ability to put servers/monitors/groups into maintenance * Event Escalation for Satellite Down notifications * Fix to a specifically ignored file not matching in a rename * HTTP Server Settings option to choose stronger SSL/TLS settings * Fix for Support & Maintenance expired reminders that come out too often * Configuration Audit report shows Event Escalation * New long term log file of email sent, and service start/stop times * Removed odd character at the end of emailed SMS alerts * Upgraded to OpenSSL 1.0.1h to fix the ChangeCipherSpec vulnerability * Discovery scanner will check with Active Directory for list of server names * Added Bulk Config option to set monitor Deduplication Field IDs * Added SET_SERVER_PROP and GET_SERVER_PROP external APIs * Added row Description value to Execute Script action * Sending simultaneous reports with PDFs works better * Improved the Group Overview report * Fixed sorting of server names in All Errors report * Exporting as a template gives an option to export Actions * Updated to CEF 3.1750.1738 * Fix for security bug that could allow users to see servers outside their group

* Removed the RecommendUs dialog based on customer feedback

* Email addresses can be marked as admin, and only admin will receive Broadcast messages (System Alerts) * Passwords in Userlist.txt are encrypted when next used or service is started * Added /norestart to vcredist during install * Can set embedded Chromium proxy server via user-specific registry setting * Report folders use IDs instead of names -- handles non-ASCII computer and group names better

* Configuration Audit report can be output in text, HTML or XML * Deduplication state is persisted across restarts* Configuration Audit report can show Custom Properties* Updated Monitor Status report with more information* Changes to try and get diagnostic dumps in a few extreme circumstances* Email alert subject and body can be overridden via script * Upgraded to SQLite 3.8.3.1* Fix for Alert Reminder emails that get the subject prepend or {id:} appended multiple times* The application can remind you about Support & Maintenance expiring* Two new fields added to the SNMP Trap action* Loading PDFs, CSVs in the Console works now* Fix for ErrorHistory2 table creation* Recent Alerts will show up for new installations* Fixed broken this month/last month uptime calculator for inventory* Fix for rare crash* Can reset immediate maintenance period while already in maintenance on servers and monitors* Added subdirectory support for the Log File monitor* Inventory Collector monitor filters on computer type* Differentiating better between same-named Groups in expressions* Inventory Collector is prevented from firing alerts* Protection against divide by zero when sizing Javascript grids* External API can start and end maintenance on individual monitors* Upgraded to OpenSSL 1.0.1g to protect against the heartbleed vulnerability* Upgraded Chromium embedded browser* Fix Console delay for limited-scope users

* Updated to latest stable build of all 3rd party components * Increased and made configurable mail connection timeout * Won't fire a global error message when a new version is out * Fix for broken reports based on bad date range parsing * Fix for Acknowledge notifications that were not being sent * Execute Scripts won't send email when Quiet! is enabled * Alert Reminder defaults to 7 days if no time frame is given * Add Actions Bulk Config operates on Acknowledge Actions now * Event Deduplication (in Advanced Services in the Console) * Monitors can be put into maintenance mode individually * Fix for backup SMTP server not being used when needed * Additional memory buffer checks * Slightly less CPU usage * Fix for driver exception for very long file names * Database connection string handles the Failover Partner parameter * Error Audit report, and Alert Reminders, now have Recorded Monitor Status and Current Monitor Status fields * Alerts without a defined From address can get sent * Settings get synchronized to Satellites more regularly * Scheduled Reports with archived CSV and PDF can control overwriting * Configuration setting to skip troubleshooting hint on a per-monitor-type basis * Sending event Acks to Satellites in batches instead of individually * Configurable Recent Alerts columns * Time parser can handle 'Current time - 0 hours' * Added EXPORT_SERVER to the External API