Tech Docs: New Traps 3.3.1 Documentation Available

Charissa Fleischer


Supporting documentation for the Traps 3.3.1 release is now available on the Technical Documentation portal! Read on for details on how we’re enhancing Advanced Endpoint Protection.

NEW FEATURES

Real-Time Performance Counters—To track communication between the agent, ESM Server, and WildFire, you can now view real-time performance counters from the Windows Performance console (perfmon) and output that data to a file. The new counters enable you to view the number of communication requests that succeed or fail.

Enhanced Logging Infrastructure—The following enhancements to the logging infrastructure provide increased usability of the logs in Traps 3.3.1 and later releases:

  • Log file names: The machine name is now appended to each log file name (for example, <logname>_<machinename>). This makes it easier to identify and search for log files associated with specific endpoints or servers.
  • Delimiters: To provide compatibility with third-party log viewers and enable better parsing, each log now uses a tab delimiter to separate data.
  • Categories: New categories based on module or other criteria—such as General, WildFire, Forensic, and Policy—enable you to parse the logs for specific types of log data.
  • Configuration management: You can now change the logging configuration without restarting the service.
  • UTF-8 encoding support: The logs now support all Unicode characters.

Expanded Examples for Wildcard and Variable Usage—These examples show how to use supported wildcard characters and multiple variables when configuring restriction rules.

READ MORE

Visit the following resources to learn more about Traps 3.3.1.
