Manager
Fixed
- Prevented Azure Log Analytics bookmarks from being overwritten across similar configurations. (#33046)
- Fixed discrepancy in the API certificate files. (#33330)
- Made analysisd ruleset reload endpoints fully asynchronous to avoid blocking the API event loop. (#33589)
- Improved analysisd ruleset hot reload performance. (#33580)
- Avoided using
systemctlin restart scripts when systemd is not running as PID 1. (#33602)
Agent
Added
- Added detection of the
-a never,taskAudit rule in FIM whodata for Linux. (#33313)
Fixed
- Fixed Windows agent remote upgrade (WPK) when installed in a custom directory. (#33171)
- Fixed a package issue causing upgrades to fail when the
shareddirectory contained subdirectories. (#33182) - Fixed FIM issue preventing whodata from working on systems with
/varand/etcmounted on different volumes. (#33270) - Optimized user and group inventory performance in Syscollector on Windows Domain Controllers. (#33322)
- Fixed an agent bug that prevented directories from being received in the remote configuration. (#33227)
- Silenced agent log message about failing to connect to Active Response when it is disabled. (#33343)
Ruleset
Added
- Added SCA Policy for Microsoft Windows Server 2025. (#32856)
Changed
- Fixed bug in multiple macOS SCA checks. (#33202)
Fixed
- Fixed indentation issue in the SCA policy for Windows 10 Enterprise that prevented its execution. (#33361)
Other
Changed
- Upgraded the
starlettedependency to 0.49.1. (#33069)