Release 4.0.1 

June 5, 2024

Support for Monitoring Symlinks

With this release, FIM now supports Saymlink or symbolic links within the specified directories on Linux assets.

Symlinks provide flexibility and convenience by serving as a pointer or reference to another file or directory. They provide easy access, simplified data management, and reduced redundancy.

Prerequisites

Cloud Agent for Linux 6.3 is required

To enable monitoring Symlinks, select Symlink as the Rule Type for the Symlink directory path and events to be monitored in the FIM monitoring profile for Linux operating system.

Symlink in Linux type profile

CIPS Support for FIM Data

File Integrity Monitoring (FIM) now supports the Cloud Integration Platform Service (CIPS). CIPS retrieves data from FIM and pushes it to multiple cloud interfaces.

In FIM, CIPS retrieves data only for Events.

Increased Event Count in an Incident

With this release, we have increased the number of manual incidents and bulk ignoring of the events to 500 thousand. Earlier, the limit was 100 thousand.

New Value for Profile Rule Type Token

With this release, we added a new value symlink to the token profile rule type to search Symlink events. You can find this token value in the Events tab.

Example: profile.rule.type: symlink

API Changes

We have added validation and removed support for a few fields for the existing FIM APIs.

To learn more about the API enhancements, refer to API Release Notes.

Enhancements

We have enhanced the FIM Online help explaining when you can update the incident filter. For details, refer to FIM Online help.