Reference Number
|
Description
|
CSCsk41641
|
5 nasl scripts' references need to be removed from bigfiles
|
CSCsk37063
|
LLV Query Resume button does nothing
|
CSCsk28367
|
Datawork merge of 4.3.1 data into 5.3.1
|
CSCsk27325
|
KeywordQuerySrv crashed because of thread safety issue of posix regex
|
CSCsk25344
|
Migration: Data Import fails on machine upgraded to 5.3.1 from 5.2.7
|
CSCsk24427
|
query for raw message hangs when device name has charactor "@
|
CSCsk20580
|
After pnrestore Oracle gets fatal internal error
|
CSCsk12572
|
Datawork merge from 4.2.8 to BOOTES(4.3.1)
|
CSCsk12317
|
IPS signature status incorrect
|
CSCsk12130
|
Editing system rules before upgrading can cause LC/GC sync problems
|
CSCsk02952
|
High rate events/netflows with large topo can be dropped on an activate
|
CSCsj98279
|
IPS Autoupdate CCO URL
|
CSCsj97806
|
Need to assign a raw msg file ID to 4.x.x archives
|
CSCsj97614
|
pnimp on Cygnus failed to report date format error
|
CSCsj92134
|
Raw message retrieval from NFS thrown an exception
|
CSCsj87412
|
Synchronization doesnot happen between LC and GC (upgrade problem)
|
CSCsj86127
|
Merge issue with datawork in 4.3.1/5.3.1 branch
|
CSCsj83596
|
Restore and migration for GC failed, one extra data field needed.
|
CSCsj81545
|
Netflow processing has an unnecessary STL call that uses 20% CPU
|
CSCsj80689
|
error on the console in the beginning of pnrestore
|
CSCsj74575
|
Import Data command processes data before date specified
|
CSCsj74155
|
Cannot Retrive Raw Messages while sending PIX72,ASA72 and SNORT messages
|
CSCsj73189
|
IOS and IPS certificates aren't deleted when the device is deleted
|
CSCsj63436
|
IPS Signature Download From CCO failed
|
CSCsj58986
|
ORACLE not available error, when applying hostname after fresh image
|
CSCsj56231
|
Oracle raw message not retrieved
|
CSCsj55791
|
ACS device type not showing up
|
CSCsj55344
|
Pink box on the Batch query page
|
CSCsj54055
|
GUI doesn't prompt for different/new CSM SSL cert
|
CSCsj53807
|
Wrong results for event filter != 'ET group' in scheduled reports/LLV
|
CSCsj52468
|
Parsing not happening for Materialized events of Oracle 10g
|
CSCsj51496
|
Scheduled Report of Rpt Device Type Ranking generate empty result
|
CSCsj47615
|
Mars is unable to retrieve logs from CheckPoint NGX CLMs
|
CSCsj46242
|
System report "Spyware -Top Hosts" has wrong query
|
CSCsj46089
|
parsing error for pix/asa 302003 , 302004
|
CSCsj45065
|
linux events from syslog-ng are seen as generic event type on MARS
|
CSCsj44151
|
Need to remove replicated system data from the GC
|
CSCsj44134
|
jboss stopped after mode 3 pnrestore
|
CSCsj43393
|
Getting "Unknown character = (35|#)" as first line while exec cmd in pn
|
CSCsj42390
|
enh: trim leading/trailing spaces in reported user, wksn, domain names
|
CSCsj40715
|
Report results could be delayed in synchronizing between LC and GC
|
CSCsj37565
|
remove Linux OS info from 'show healthinfo' output
|
CSCsj34826
|
esti_time: some error messages appear
|
CSCsj33630
|
Sending zero length message causes process flooding system logs
|
CSCsj33016
|
Timeout feature is not working as expected.
|
CSCsj29432
|
need to purge inactivated report data
|
CSCsj29192
|
Dates lost in the duplicated report
|
CSCsj28384
|
After migration, Oracle may not be able to start
|
CSCsj23876
|
Configuration Import Fails to Run
|
CSCsj23003
|
Event Type Info contains invalid characters
|
CSCsj22950
|
Deleted Report should be removed from the available reports list
|
CSCsj22660
|
GC: Pink box when compose a batch query with filter
|
CSCsj20953
|
'printsb' prints wrong shared buffer "jump counts
|
CSCsj19220
|
Unable to download signature files when a proxy is configured
|
CSCsj18798
|
Trigger Packet not parsed correctly in ips 6.0 events
|
CSCsj18753
|
MARS not parsing source ip, dest ip from 6.0 ips event
|
CSCsj18388
|
Apostrophe character in IP Range/Network Name field causes MSIE to hang.
|
CSCsj16996
|
Arbitrary Log Size Feature Broken in Cygnus
|
CSCsj16584
|
GC: Notification user cannot be added
|
CSCsj16089
|
Event 103006 and 103007 of FWSM 3.1.5 not handled properly
|
CSCsj15714
|
Collect topology/configuration information in logs for debugging
|
CSCsj15236
|
Top Rule Fired report is missing in the Summary page.
|
CSCsj15204
|
Pink box when the deleted report is re-add
|
CSCsj14955
|
GEN-2:need to prevent cron job tmpwatch from removing MARS files in /tmp
|
CSCsj13655
|
Pnparser doesn't use the new SNMP trap port changed in janus.conf
|
CSCsj13115
|
redudant malloc per event rxd in pnparser
|
CSCsj11871
|
Mars OS recovery
|
CSCsj11768
|
Add Info level logging for debugging topo synchronization
|
CSCsj11759
|
Some reports do not generate email alerts
|
CSCsj11201
|
pnparser: avoid flooding log when errors occur in parsing SNMP traps
|
CSCsj09479
|
superV should cause processes to dump a backtrace before restarting them
|
CSCsj07565
|
Increase shared buffer stall thresholds from 2 mins to 5 mins
|
CSCsj07526
|
The maximum size for an internal netflow queue is too large
|
CSCsj07275
|
Incorrect mapping of an attempted ftp login event
|
CSCsj06461
|
Web server log events do not update the received event count
|
CSCsj02168
|
Problem upgrading from 5.2.4 to 5.3.1
|
CSCsj02153
|
cannot add nm-cids module to ios router
|
CSCsj00904
|
Cannot change versions on IPS devices
|
CSCsi99075
|
pnrestore exited after getting an error from restoring es files
|
CSCsi99053
|
pnarchive, corresponsing es, rm, ix files have different time stamp
|
CSCsi98818
|
pn_agent.agent_subtype not getting set for IPS 5.x modules of ASA
|
CSCsi98607
|
if AAA server is not reachable, user accounts never lock up
|
CSCsi98592
|
Print netflow capacity drop event information in janus_log as well
|
CSCsi95375
|
MARS 210: event parser process memory limit
|
CSCsi95117
|
changes needed in areas for introduce of report status=64
|
CSCsi95086
|
report deletion design changes
|
CSCsi95047
|
Upgrade script related to Auto Update needs to be included in Cygnus
|
CSCsi94282
|
reports can have the same names with diffs on extra blank spaces
|
CSCsi94146
|
error restoring rr files
|
CSCsi92088
|
csips process stops running
|
CSCsi90577
|
"scripts" directory doesn't exist on cygnus
|
CSCsi89028
|
Support for FWSM 3.1.5
|
CSCsi86975
|
Version modified after import
|
CSCsi86351
|
superV falsely restarted pnparser when timestamp file got removed
|
CSCsi84817
|
MARS 4.2.5 - not categorising Windows Security event ID 672 properly
|
CSCsi82960
|
Add Oracle RDA tool into system image
|
CSCsi82387
|
System Error after deleting NetG referenced by a Rule
|
CSCsi81458
|
Estimated time to import is different from Reported time during Import
|
CSCsi80781
|
Priority field incorrectly updated for an existing event type
|
CSCsi80780
|
swap partition is not fully used
|
CSCsi79506
|
Oracle generates large 1.3G listener.trc file
|
CSCsi79438
|
Percentages in Summary page often add to 99%, not 100%
|
CSCsi77753
|
Improper grammer in error message
|
CSCsi77558
|
ET exists without DET
|
CSCsi77501
|
Audit Log transactions for NetG change failing at LC
|
CSCsi75622
|
Enh: LC dramatic perf improvement for false pos if many devices
|
CSCsi74233
|
Cygnus builds missing encrypted gdb debug?
|
CSCsi74080
|
correct the debug log levels for certain syslog relay related messages
|
CSCsi73935
|
Last Updated time updates every time
|
CSCsi72733
|
pnparser dies if too much traffic is sent
|
CSCsi72346
|
discover process dies when doing scheduled discovery
|
CSCsi71703
|
csips restarts on Cygnus mars
|
CSCsi71511
|
http status 500 appears while clicking the incident on the summary page
|
CSCsi71456
|
Test Connectivity fails when MARS times out
|
CSCsi71176
|
When AAA is enabled, users can not change pnadmin email address
|
CSCsi70352
|
Sync LC will cause the GC IPs pushed back to the GC
|
CSCsi68698
|
Reported User GUI notification for GC rule is broken
|
CSCsi68051
|
GUI FTP upgrade fails due to incorrectly calling the CLI pnupgrade cmd
|
CSCsi65736
|
Getting error when clicked on Resume button
|
CSCsi65719
|
Able to see networks which are not part of valid network
|
CSCsi64918
|
Oracle 10g support
|
CSCsi64913
|
Snort 2.6 Support
|
CSCsi64679
|
Bootes: PIX7.2 8 syslogs have parsing error or unknown event
|
CSCsi64605
|
pnparser restarts frequently with sessionization turned on (default)
|
CSCsi64138
|
Upgrade/installation script needs to call post_cleanup.sql
|
CSCsi64090
|
parsing set wrong dest ports for some CheckPoint Generic Events
|
CSCsi60690
|
mars leaves open ips subscription after removing ips from gui
|
CSCsi60547
|
Long LC/GC disconnect leads to report sync problem
|
CSCsi60506
|
deletion of host/ip addr/iprange/network/network grp will affect report
|
CSCsi60491
|
delete devices will affect report if the report includes these devices
|
CSCsi60217
|
Sending report records and firing events from LC to GC is slow.
|
CSCsi60206
|
Should set protocol = tcp, dest port = 443 in GUI login event msg
|
CSCsi59191
|
too much IDS log flooding when doing performance testing
|
CSCsi57369
|
schema from_to scripts incorrect for autoupdate process
|
CSCsi57271
|
able to browse GUI without loading license file
|
CSCsi57229
|
Upgrade doesn't set log level on autoupdate after upgrade
|
CSCsi56045
|
missing one db script inside the installation package
|
CSCsi54570
|
tzdata update for Turkey, Mongolia, Cuba, Resolute, Nunavut
|
CSCsi54173
|
Signature package name is missing when download is failed
|
CSCsi52687
|
pnrestore does not restore event/session/incident
|
CSCsi52622
|
postfire lags behind due to doing large amount of NetBios name updating
|
CSCsi52495
|
Always Prompt for SSL cert, Test Conn removes IPS' Monitored Nets
|
CSCsi52293
|
pnadmin cannot login to CLI/GUI after changing its email address
|
CSCsi52093
|
"confirmation" field in the shared secret field for RADIUS
|
CSCsi52086
|
the syslog for "pnadmin" login should show "Local authentication
|
CSCsi51994
|
One system rule has wrong description
|
CSCsi49997
|
Attack Diagram - Large Graph issue
|
CSCsi48883
|
Cygnus sanity test: createdb.log errors and permissions
|
CSCsi48259
|
GC allows to suspend a LC in "Not Responding " state
|
CSCsi47531
|
IPS's "Test connectivity" doesn't discover the "Monitoring networks
|
CSCsi45619
|
Pink box when run NAC report on firing events
|
CSCsi42780
|
GUI timeout feature is not working for the real time queries.
|
CSCsi42488
|
CF be archived daily regardless archiving is turned on or not
|
CSCsi41173
|
If error occurs sending config change to LC, no other config sent
|
CSCsi39264
|
Cannot Configure an IDSM Module to PULL IPS logs
|
CSCsi35209
|
Cannot Add IPS 5.x/6.x as a ASA module
|
CSCsi32777
|
Configuring many events in drop rule can cause pink box error
|
CSCsi31569
|
csips process restarts very frequently
|
CSCsi31277
|
autoupdate process stopped on GC
|
CSCsi30271
|
system rule needs updating for new internal events due to syslog relay
|
CSCsi30168
|
BOOTES: Add AAA support on MARS
|
CSCsi30110
|
Exception happened when clicking details ... button
|
CSCsi29946
|
Merge changes from Bootes branch to Cygnus branch
|
CSCsi29930
|
GUI: remove feedback in the GUI bottom
|
CSCsi29451
|
Different Version of LC-GC should be compatible
|
CSCsi28286
|
GC-LC upgrade to 4.2.4 resulted in Standalone display on LC
|
CSCsi27957
|
LC generats Software versions syslog even when GC-LC have same version
|
CSCsi27939
|
Post-Bootes Upgrade script error reporting
|
CSCsi27891
|
'hostname' command should update workstation in mars reported users
|
CSCsi26753
|
"Path/Mitigation" should be "N/A" for internal syslog msg
|
CSCsi24098
|
AAA auth user account locked message is inconsistent
|
CSCsi24077
|
Event "password remains default" is generated with wrong event type
|
CSCsi24013
|
ADMIN > Custom Setup > User Defined ... does not set subtab
|
CSCsi22877
|
wrong message is generated while doing non admin user unlock from GUI
|
CSCsi22689
|
wrong message is generated while CS_MARS failed to connect to AAA server
|
CSCsi22662
|
wrong message is generated while unlocking admin user from CLI
|
CSCsi21278
|
GC/LC does not time out with 15 minutes and 30 minutes setting
|
CSCsi19423
|
Bootes: Change Version doesn't work for ASA7.0/7.2
|
CSCsi19227
|
Some reports/rules/queries match events outside specified IP ranges
|
CSCsi17782
|
Some OS/application setting not archived.
|
CSCsi17607
|
GC - Zone Model for Auriga 210 showing as 200
|
CSCsi15237
|
Taking the MARS IP address 127.0.0.1 and 10.1.1.255 as collector IP add
|
CSCsi14586
|
Mars generated syslogs with mars as source IP do not trigger incidents
|
CSCsi12240
|
Pink box on Summary page of GC when cases are active
|
CSCsi11225
|
pn_report_group2report is not included in cf archive (and should be)
|
CSCsi10795
|
MARS didn't pull syslog from generic window
|
CSCsi10692
|
FWSM2.3: protocol is missing for FWSM-6-106025
|
CSCsi08151
|
Incidents should not be pushed to GC when LC/GC has incompatible version
|
CSCsi08144
|
No syslog generated when network cable is unpluged from GC
|
CSCsi07641
|
Allow cloning of reports to allow more rapid report creation
|
CSCsi07175
|
Erroneous install/deployment gets wrong error messages
|
CSCsi07165
|
Login failure window has misleading link name
|
CSCsi06130
|
GUI timed out too quickly in query page
|
CSCsi05642
|
Admin Tab : Raw message retrieval process is very Slow.
|
CSCsi04404
|
auto-update required during data import process
|
CSCsi04306
|
need to add CPU check for csips, csiosips, and cswin
|
CSCsi03807
|
Make DB Changes for IPS Signature Autoupdate
|
CSCsi03686
|
CS-MARS - HTML/XML tags are not escaped when displaying packet context
|
CSCsi02718
|
Checkpoint module removal triggered AAA
|
CSCsi02638
|
Need to implement deleteCmd in DBAPI class DbEventType2App.java
|
CSCsi00493
|
Implement IPS Dynamic signature support
|
CSCsh99201
|
MARS-Scheduled ranking report with ACTION filter produces empty results
|
CSCsh95942
|
data migration from Gen1 to Gen2
|
CSCsh95924
|
PIX/ASA 7.2 support in MARS
|
CSCsh95836
|
Add utility SQL scripts to installation for customer support
|
CSCsh93759
|
Rules/reports with large queries not working
|
CSCsh93364
|
Creating a Case gets (harmless) ClassNotFoundException in JBOSS log
|
CSCsh93354
|
BOOTES: compiler optimization for pix 7.2 parser used up memory, stopped
|
CSCsh89885
|
Mitigation command not display properly in 4.2.4
|
CSCsh88897
|
race condition in pnparser triage handling caused syslog processing stop
|
CSCsh88639
|
Add DB utility methods (log, long running query stats...)
|
CSCsh83470
|
DB function to convert unix time to readable string for convenience
|
CSCsh83184
|
Device added as an Enterasys Dragon 6 does not show in Full Topology map
|
CSCsh83068
|
Report and query return no results under device type ANY
|
CSCsh82764
|
GC: Device-related Interface data left in DB after LC deleted
|
CSCsh81718
|
Raidstatus output: missing rebuild status for one drive.
|
CSCsh80210
|
Generate locking and unlocking events.
|
CSCsh78668
|
Extra ';' following '>' in keyword query result
|
CSCsh78039
|
Keyword search returned results without highlight
|
CSCsh77146
|
Do not delete LC certificate from the GC when the zone is deleted
|
CSCsh75216
|
InLine multiColumn query case attachment Fails
|
CSCsh72929
|
OutOfMemoryError/Bad performance in RULES/QUERY- large configuration
|
CSCsh71637
|
re-add a deleted CSA console may cause the submit page hang
|
CSCsh69765
|
CLI date/time/ntp commands should reboot if time change exceeds 30 mins
|
CSCsh68717
|
GUI Should change: Cisco ACS --> Cisco Secure ACS
|
CSCsh68503
|
ISS SNMP trap: need to parse another format for ICMP type/code fields
|
CSCsh67287
|
t_semaphore class not thread safe
|
CSCsh60413
|
LC pulls data very slow when encountering DbException
|
CSCsh60184
|
4.3.1 and 5.3.1 should include the update /usr/bin/tzselect script
|
CSCsh58561
|
ADMIN > System Parameters pages have easy-to-fix heading problems
|
CSCsh58518
|
Many ADMIN sub-windows have easy-to-fix vertical alignment issue
|
CSCsh57236
|
Unknown Reporting Device was missing on GC's DB pn_device table
|
CSCsh57087
|
keyword search returned empty result for long raw messages
|
CSCsh56931
|
Rule engine fires only once if only SAME is present in any column
|
CSCsh56499
|
Mars should learn FWSM dynamic nat from syslog for sessionization
|
CSCsh56259
|
pnarchive - CF production blocked, failing silently
|
CSCsh55172
|
GC: Networks changed while LC deleted not correct after LC re-added
|
CSCsh54239
|
GC/LC pull and push servlets call CheckBoxInfo to check license every 30
|
CSCsh52614
|
Scheduler process creates extra audit log records for login
|
CSCsh52443
|
Invalid syslog message generated while upgrading through GUI
|
CSCsh51271
|
GC is unable to update LC's device name under admin/LC management
|
CSCsh50446
|
parsing error for PIX-6-113015
|
CSCsh49009
|
Duplicated GC and LC networks not displayed in fixed order on the LC
|
CSCsh48988
|
IP groups not displayed in order
|
CSCsh47461
|
'Details' button does not return
|
CSCsh46958
|
pnparser does not clean up Oracle device map when it receives db Change
|
CSCsh46448
|
Agent list of a device not displayed in order
|
CSCsh46428
|
Available hosts list not display in order when adding agents to CSA
|
CSCsh46424
|
User group list not displayed in order
|
CSCsh46417
|
User list not displayed in order on LC
|
CSCsh46401
|
Service groups not displayed in order
|
CSCsh46387
|
Device Event IDs not displayed in order
|
CSCsh46183
|
GC - Should put up error when select details for "Non Responding" LC
|
CSCsh45922
|
archive/restore - ranged restore fails to fully preserve identity
|
CSCsh45564
|
PIX/ASA 7.2 messages 415001 to 415020 needs rewriting for parsing code
|
CSCsh44548
|
GC does not appear to update LC status
|
CSCsh44179
|
Connection Errors cause inability to select zone in incident/rule edit
|
CSCsh43998
|
system ctx for PIX/ASA 7.0 discovered as vesion 7.2
|
CSCsh43845
|
IP management GUI: User can add VA Service to a host
|
CSCsh42151
|
GUI Summary pg shows #events < #sessions & negative data reduction rate
|
CSCsh41594
|
LC is not moved from the GC after it is deleted
|
CSCsh40743
|
pink box when doing real time query and click access rule icon
|
CSCsh40698
|
VPN GroupName and Username disappeared from its raw event message
|
CSCsh40475
|
Custom GC Error display when comm to LC fails - DISA requested feature
|
CSCsh39200
|
MARS charts only display the data for few days
|
CSCsh38818
|
GC-LC upgrade 4.2.2->4.2.3 results in inverted online-offline status
|
CSCsh38491
|
Duplicate entries in 5-bigFile.txt
|
CSCsh36021
|
Need to distinguish between CSA versions on GUI
|
CSCsh35130
|
Cancel edit removes Enterasys/NS IDP Server and sensors from device list
|
CSCsh34170
|
Change/Modify report needs to purge existing reports
|
CSCsh32558
|
custom column query: for acs event log, reported user is missing
|
CSCsh27882
|
Database Client: Debug Logging leads to incomplete scheduled discovery
|
CSCsh27853
|
Report results for a 10 minute window is dropped on an 'activate
|
CSCsh23983
|
DbExportFile not working
|
CSCsh20677
|
Qualys: Discovery failed syslog from C++ backend needs to be suppressed
|
CSCsh20219
|
Confirmed user false positive query error java.lang.NullPointerException
|
CSCsh19644
|
Get browser error when select to add a new host
|
CSCsh18265
|
null drop rule causes parse error in the GUI
|
CSCsh14075
|
scheduler-service.xml.contrib present in deploy directory
|
CSCsh14070
|
CS-Mars - Microsoft Misspelled in VA section
|
CSCsh13261
|
syslog related to upgrade through GUI sends invalid syslog messg
|
CSCsh13253
|
syslog related to upgrade server missing
|
CSCsh11012
|
Security issue with devices and logging
|
CSCsh06027
|
CS-MARS - DataBase file retrieval hyperlink uses wrong timestamp
|
CSCsh02908
|
The order of backend processes change randomly when setting log level
|
CSCsh02885
|
Cannot set GUI logging level to Trace
|
CSCsh02501
|
Query page text boxes should truncate input
|
CSCsh01636
|
JDBC update to ojdbc14.jar
|
CSCsh00199
|
Cannot add service/application to a host's vulnerability accessment info
|
CSCsg99611
|
CS-MARS - Radio buttons are confusing on Retrieve Raw Messages page
|
CSCsg98622
|
Incidents ready to fire are discarded on clicking 'Activate
|
CSCsg94880
|
GC Pink box when doing keyword search on GC
|
CSCsg93306
|
Hosts List on MARS not consistent with discovered Qualys device list
|
CSCsg93242
|
Allow customization to 15-minute session timeout setting
|
CSCsg93235
|
zone_id of Unknown Reporting Device on GC is not correct
|
CSCsg92417
|
keyword query returns incorrect number of events
|
CSCsg88644
|
recent connection in ui report is much higher than snmpwalk value
|
CSCsg87864
|
Recent average percentage for memory just is only half of actual value
|
CSCsg86481
|
CS-MARS parsing error for ASA7.0 msg 302018
|
CSCsg86370
|
FR: MARS should support CSA 5.x
|
CSCsg83055
|
parsing error for FWSM-n-302003 and FWSM-n-302004
|
CSCsg80661
|
memory percentage is over 100% in UI report
|
CSCsg77577
|
incorrect resource utilization for concurrent conn
|
CSCsg73843
|
GC - Unable to change configuration information (email IP) from GUI
|
CSCsg68371
|
cannot not use < > & to do keyword correctly
|
CSCsg66801
|
Activity: All Events and NetFlow report chart is missing on summary page
|
CSCsg64986
|
Custom column query - got pink box if chose a rule as a filter
|
CSCsg64951
|
Certain ASA 7.0 syslogs do not get parsed by MARS
|
CSCsg64704
|
DNS wasn't configured correctly,Pausing event processing for 40 seconds
|
CSCsg64243
|
GC - Path Link to inactive LC in incident displays error
|
CSCsg60114
|
System error when generating NAC report
|
CSCsg59538
|
GC and LC Summary Pages - Data Reduction shows negative percentage
|
CSCsg53084
|
MARS - WebVPN ACL Parse error event fires on incorrect syslog
|
CSCsg49567
|
Admin/Retrieve Rawmsgs: some events appear twice
|
CSCsg44725
|
need to downgrade log level of CSA snmp trap errors in backend log
|
CSCsg44578
|
need to add CheckPoint NGX R61 support in MARS BOOTES release
|
CSCsg41549
|
MARS discovery issues with Loopback IP on IP Unnumbered interfaces.
|
CSCsg39552
|
Certain FWSM 2.3 syslogs give parsing errors/unknown event type in 4.2.2
|
CSCsg35110
|
Entering a zone name with a / gives errors when importing the ssl cert
|
CSCsg33636
|
PIX/ASA version above 7.0 need to be treated the same way
|
CSCsg30013
|
windows pull watchdog sometimes restarts all MARS proc
|
CSCsg26225
|
Graphs/Images do not show up in case related report emails
|
CSCsg25306
|
CS-MARS should support EMBLEM format of syslog
|
CSCsg23483
|
device_monitor does not load device utilization history on startup
|
CSCsg20514
|
Mars backend processes need to save backtraces on a crash for debugging
|
CSCsg16843
|
MARS reporting misleading licensing problem while trying to add a LC.
|
CSCsg10787
|
CatOS telnet discovery failing.
|
CSCsg05143
|
Button functions on zone config page should be restricted
|
CSCsg04079
|
Lotus Notes client gets JavaScript error with emailed MARS report
|
CSCsg03167
|
8 unknown event type CatOS events
|
CSCsf30116
|
Event Rate on the Top Destination Port graph is not correct
|
CSCsf27617
|
pnparser enhancement - custom parser to expand three more user fields
|
CSCsf18192
|
Slow rendering of the GC/LC Summary page
|
CSCsf11055
|
CC: GUI and CLI allow different password lengths - should be same
|
CSCsf06819
|
vulnerabilities not updated for hosts reported by deleted eEye console
|
CSCsf02072
|
GC-LC communication abnormal after running long time
|
CSCse88764
|
can't access a ftp server with a user ID/password including @
|
CSCse84962
|
eEye: MARS does not remove resolved vulnerabilities from host info
|
CSCse84945
|
eEye: imported vulnerabilities that are unknown should be flagged
|
CSCse73788
|
MARS rediscovers Juniper Netscreen firewalls with wrong OS
|
CSCse68056
|
Can't chage the GUI logging Level to trace
|
CSCse66656
|
create utility to change an LC to standalone mode
|
CSCse60240
|
CS-Mars - report for old events include real-time events
|
CSCse57955
|
CS-Mars showing unknown parsing error for Netscreen 5.0 events
|
CSCse56430
|
Enhancement: Save release binaries with debug symbols for debuggability
|
CSCse53856
|
Got "Error on page" when displaying packet data from IDS device
|
CSCse52782
|
Can't change run-time to day in "Resource Issues: Server - Top Reporting
|
CSCse49863
|
the default user is not pnadmin when deleting a case owner
|
CSCse47519
|
Traffic Event is not parsing for Netscreen FW4.0 & 5.0
|
CSCse47244
|
cpu utilization value greater then 100% on a single CPU ios router
|
CSCse46299
|
Entercept Events will be unknown device event type when host OS=solaris
|
CSCse45018
|
MARS is unable to parse NetScreen 5.x syslogs
|
CSCse44601
|
java.lang.NumberFormatException : User Management screen
|
CSCse44345
|
readWebLogThread in pnparser spins if servlet socket disconnects
|
CSCse40904
|
Save As report button not enabled.
|
CSCse39426
|
frequent superV & pnparser restarts cause log processing to fail
|
CSCse35420
|
Interface error rate should be separate from discards and unknown protos
|
CSCse34216
|
CPU utilization report numbers on UI doesn't match the SNMP query
|
CSCse32591
|
dealing with duplicate hostnames in VA import
|
CSCse26964
|
CatOS Syslog %SYS-4-P2_WARN not parsed correctly by MARS
|
CSCse24391
|
parsing error for PIX, ASA: PIX-6-607001
|
CSCse23191
|
Disable 'No Pager' cmd sent by MARS to PIX, ASA, FWSM firewalls
|
CSCse23176
|
MARS Global Controller not producing alerts when losing LC communication
|
CSCse23051
|
viewing report of query type of MAC addresses report got pink box
|
CSCse22838
|
can't find priority for CSA NT-Event-Log events
|
CSCse22824
|
CS-Mars - device_monitor: change resource not found log level to debug
|
CSCse21626
|
Clicking activate is not taking effect
|
CSCse20684
|
CSM: Test connectivity View Error message "Not Found
|
CSCse19198
|
Device Cnf: Changes in Mail Gateway IP doesn't reflect Report/ Notif
|
CSCse12512
|
Missing CSM policy query icon for events with destIP 255.255.255.255
|
CSCse11258
|
After group is deleted, items under "All" group not shown
|
CSCse07425
|
JVM is using up to 1.5 GB on a GC or LC
|
CSCse03134
|
More control is needed over retrieve raw messages and cleanup
|
CSCse01877
|
It takes more than 2 minutes to open ip management (network) page
|
CSCse00417
|
Incorrect name for system report 'Attacks: All - Top Rules Fired
|
CSCsd95535
|
Sentence for suggested migitation cmd is incorrect (extreme)
|
CSCsd94152
|
It takes more than 5 minutes to open the schedule discover page
|
CSCsd92922
|
deleteing item in sources available list got pink box
|
CSCsd92285
|
Security Dev Edit page does not check for existing IP address conflict
|
CSCsd88284
|
optimizing incident inserts in DbIncidentLoaderSrv
|
CSCsd84094
|
using rules in query/report definitions
|
CSCsd74283
|
changing report-result retention limit
|
CSCsd73486
|
Mars: Not able to recognize the event type for ISAKMP and IPSec messages
|
CSCsd69137
|
Default Group in Scheduler need to be made to Run On Demand
|
CSCsd69063
|
Reported User with single-quote (') causes oracle error
|
CSCsd53173
|
Retrieve raw messages doesn't properly update the progress percentage
|
CSCsd48097
|
Event processing may stop if pnparser creates shared buffers first
|
CSCsd45441
|
unknown reporting IP: 127.0.0.1 from checkpoint
|
CSCsd37005
|
user must be able to change own password
|
CSCsd28382
|
error in data work for event type 6000512 : "Virus - Possible pif Worm
|
CSCsd22832
|
Attempt to remove IP subnet from IP Management fails, with error
|
CSCsd20196
|
User and System Scheduled Reports fail to display data
|
CSCsc73832
|
Drop rule inactive for events received by netflow in CS-MARS
|
CSCsc70982
|
change the button string on the false/positive column to "Tune
|
CSCsc70832
|
SNMP Device Discovery should identify ASA device
|
CSCsc66267
|
Oracle User name in the reported user field of MARS
|
CSCsc58485
|
5 tuple information missing from downloaded raw log file
|
CSCsc32363
|
Documentation request GC LC communication troubleshooting
|
CSCsc30107
|
Cs-Mars - Queries with != in service column don't work
|
CSCsc26340
|
'occured' misspelled in MARS e-mail alerts
|
CSCsc24955
|
ISS Site Protector central server log's are not supported by MARS
|
CSCsc10453
|
Show resolved host name in report if device was not found in system
|
CSCsc07377
|
Dynamic Info page on mitigation shows ip addess as -1.-1.-1.-1
|
CSCsc02847
|
Rule disappears from its group after edited in its Inactive status
|
CSCsc01793
|
GUI logging levels is not changed correctly
|
CSCsb60747
|
Ciscoization - GC zone models aren't Cisco-ized
|
CSCsb57624
|
Unknown report device in Checkpoint log
|
CSCsb55704
|
LC Certificate Mis-placed in GC after a new LC added
|
CSCsb44374
|
FWSM's access was not displayed on the security info page
|
CSCsb43627
|
Source IP address is not correct for a VPN3K event
|
CSCsb39208
|
Unrecognized Traps from McAfee EPO
|
CSCpn03077
|
GC, sys error when adding a LC which was added to GC already
|
CSCpn03053
|
GUI log level setting is not working as expected
|
CSCpn03005
|
Loading Resource Util report as On-Demand query produces a system error
|
CSCpn02930
|
Error message when adding non-existent LC to GC is incorrect
|
CSCpn02892
|
Licensing: Inputting valid LC license onto GC allows the user to run
|
CSCpn02693
|
6MB mem leak in process_event_srv after each activate
|
CSCpn02590
|
In summary page, data reduction shows 100% when it should be 0%
|
CSCpn01934
|
Back button is missing in logging level/log/audit trail pages
|
CSCpn01465
|
Reports: have "View", "Add" etc. buttons at top of page
|
CSCpn01317
|
More data expected when populating pn_application table
|
CSCpn01293
|
Host OS listing needs cleaning
|
CSCpn00887
|
Summary: Inconsistent title bar naming convention for the Summary Pa
|
CSCpn00845
|
Editing service to become ICMP w/o ICMP code -> no change
|
Feedback
We sometimes update the printed and electronic documentation after original publication. Therefore, you should also review the documentation on Cisco.com for any updates.
