Version 7.1.1

Bugfixes

• Agent (Windows) [I1086]: fixed recurring agent restart when ESA is enabled in a configuration without a valid ESA license.
• Agent (Windows) [I1087]: current configuration is logged twice when the agent is restarted.
• Agent (Windows) [I1088]: service stops when adding a license file with only a UXM license while agent is running.
• Central config file management (macOS) [I1094]: fixed rare exception while searching for config archive.
• Central config file management (Windows) [I1091]: more detailed logging when the contents of a config archive is invalid.
• Dashboards [I1096]: fixed the calculation of total number of occurrences for failed tests on the Security Score dashboard.
• DNS monitoring [I1084]: removed leading semicolons for the fields DnsReqest, DnsResponse, and DnsResponsetype of sourcetype uberAgentESA:Process:DnsQuery.

Known issues

• Browsers/IE add-on (Windows): metrics are not collected on page reload.
• Browsers/IE add-on (Windows): metrics are collected incompletely for the configured start page.
• Browsers/IE add-on (Windows): monitoring does not work if IE is published from Citrix Virtual Apps. It does work from Citrix Virtual Desktops, however.
• Browsers/Firefox add-on: if the option privacy.resistFingerprinting is set to true, browser metrics are not available due to invalid data being sent from Firefox.
• Citrix ADC: in very rare cases, the content of the Virtual Server Performance field vServerName contains spaces in wrong places.
• Citrix site monitoring (Windows): data collection issue if the Citrix Remote Powershell SDK (required for Citrix Cloud monitoring) is installed on a CVAD controller.
• Citrix Virtual Apps and Desktops Machines (Windows): when running the Citrix VDA on a Citrix Delivery Controller, some per-machine information is missing.
• Experience Score [I377]: scheduled searches generate three warnings in Splunk’s _internal index every 30 minutes. The messages look like the following: DateParserVerbose - Failed to parse timestamp in first MAX_TIMESTAMP_LOOKAHEAD (128) characters of event.. However, there is no impact on uberAgent’s functionality.
• GPU (Windows) [I33]: values for the fields ComputeUsagePercentAllEngines, ComputeUsagePercentEngine0 and similar can be higher than 100 with Intel Iris GPUs on Windows Server 2016 1607.
• Kafka [I291]: in rare cases sending data to Kafka results in a SEC_E_BUFFER_TOO_SMALL error message in the logfile. This should have no effect; the transmission is repeated and succeeds on the second try.
• Network monitoring (Windows) [I998]: in rare cases the determination of NetUtilizationPercent can lead to higher CPU load on Windows 7 x64.
• Single boot [I1052]: on Windows 11, no information can be retrieved if there is no active session within the data collection period.
• Update inventory (Windows): not all installed Windows updates may be reported due to API limitations.
• User input delay (Windows) [I983]: determining this metric may trigger a handle leak in uberAgent caused by Windows. This was fixed by Microsoft in most OS versions, but still happens on Windows Server 2022 22H2.
• Volume inventory (macOS): the encryption status of mounted read-only APFS snapshots may not be reported due to API limitations. This includes the root directory volume in a default installation of macOS.