uberAgent 4.2: Splunk 7.0, Simplified Operations, Elasticsearch Improvements
We are happy to announce the newest version of our user experience and application performance monitoring product. uberAgent 4.2 brings new features and improvements for any kind of device.
For a full list of all improvements and bugfixes please consult the change log. As always, upgrading is highly recommended (instructions).
Splunk 7.0
uberAgent 4.2 adds full support for the latest version 7.0 of Splunk Enterprise and Splunk Cloud.
Central License File Management
Before uberAgent 4.2 license files had to be distributed along with the agent installation package. That was easy in environments with a single master image file, like Citrix PVS. Customers with tens of thousands of laptops, however, found it a lot harder to roll out new licenses to their endpoints.
uberAgent 4.2 greatly simplifies license file management. All you have to do is set up a file share with read permissions for computer accounts, drop your uberAgent license there and configure the share path in uberAgent’s new configuration option LicenseFilePath. Endpoints will periodically check LicenseFilePath for new licenses. If any are found that are not yet cached locally, the new license files are copied to the local license cache directory.
There is no need for the configured license file path to be available all of the time. Endpoints always use the local license cache for license validation. Of course, there is no requirement to set up a central license file path, either. If deploying the license file along with the agent installation package works for you: great, you are all set.
Elasticsearch Improvements
uberAgent 4.2 comes with important improvements for our Elasticsearch customers.
Security
uberAgent now supports X-Pack authentication. This ensures that only validated endpoints can send data to the backend.
Ingest Pipelines
The ability to modify and enrich data before the indexing stage adds a great deal of flexibility to the Elasticsearch platform. Customers can new reference their ingest pipelines from uberAgent so that uberAgent data traverses the pipeline before being indexed.
More Improvements
Custom Scripts
uberAgent’s custom script execution engine, capable of running user-supplied scripts in machine or user context, now supports Elasticsearch as well as Splunk HTTP Event Collector (HEC) backends.
Monitor Inventory
uberAgent’s hardware inventory now collects information about the physical monitors attached to the machine along with their respective resolutions.
About uberAgent
The uberAgent product family offers innovative digital employee experience monitoring and endpoint security analytics for Windows and macOS.
uberAgent UXM highlights include detailed information about boot and logon duration, application unresponsiveness detection, network reliability drill-downs, process startup duration, application usage metering, browser performance, web app metrics, and Citrix insights. All these varied aspects of system performance and reliability are smartly brought together in the Experience Score dashboard.
uberAgent ESA excels with a sophisticated Threat Detection Engine, endpoint security & compliance rating, the uAQL query language, detection of risky activity, DNS query monitoring, hash calculation, registry monitoring, and Authenticode signature verification. uberAgent ESA comes with Sysmon and Sigma rule converters, a graphical rule editor, and uses a simple yet powerful query language instead of XML.
About vast limits
vast limits GmbH is the company behind uberAgent, the innovative digital employee experience monitoring and endpoint security analytics product. vast limits’ customer list includes organizations from industries like finance, healthcare, professional services, and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.
