SIEM, Log Management, Security, Compliance, Server Monitoring and Uptime Monitoring Software

Server Manager 2025 Release Notes

Continue To Download
Build Description Date
25.0.0.147 Added Recovery Rate to Templates 2024-12-17
  • The Template Failure Rate has been updated to include a Recovery Rate.
  • A new Template Group has been created called System Management. The Corner Bowl Service Monitor and Configuration File Backup Templates have been moved to this group. A new template to restart the service has also been added to this group.
  • Previously the Server Manager TCP/IP Server was not closing a connection in a timely fashion when the remote client opened and closed a socket to the server without sending any data, for example a DoS attack. By default the socket was closed on the server side using the idle timeout found in the tcpserver.json, which is set to 300 seconds by default. The connection is not immediately closed.
25.0.0.143 Enhanced the Host Import Feature. 2024-12-10
  • The Host Import feature has been updated to enable users to import hostnames, aliases, descriptions and automatically generate groups and assign hosts to groups all from a single CSV file.
  • Fixed a memory leak associated with error rate monitors, for example ping and cpu monitors.
  • A new Monitor Inventory Tab has been added to the Dashboard.
  • Previously some installations of the stand-alone Client Applications threw an error stating a DLL was missing. This bug has been fixed.
25.0.0.132 Updated the Security Group Management Report. 2024-12-03
  • Previously when running a Security Group Management Report, the target usernames were always resolved using remote WMI. The query has been updated to utilize the Agent when the domain controller is permanently connected to the Corner Bowl Management Server.
  • Previously when dragging and dropping a report to a host group and then selecting Move from the popup menu item, the report was linked rather than moved. This bug has been fixed.
  • The View Unassigned Templates menu item found under the Edit menu has been moved to a new Template Inventory Tab found withing the Dashboard. The new view includes all templates then flags templates that are not assigned. Each template in the new view now includes the number of assigned.
  • Previously when attempting to assign a Host, Template or Report to a Group, the Batch Assign Object to Groups view displayed without checking the target group. The view now auto-checks the group in the list of target objects. The modal dialog has also been replaced with an in-application document view.
  • Previously when configuring a Syslog Report, the Load Columns function was not loading the explicitly assigned log’s consolidation template columns. This bug has been fixed.
  • A new Sample Syslog Consolidation Template has been added for Barracuda CloudGen Firewall VPN log entries.
  • A new Sample Syslog Barracuda CloudGen Firewall Report has been added to track new VPN logins.
25.0.0.127 Added a new AD User Template. 2024-11-25
  • A new Template has been added that enables users to display a table of Active Directory user properties, filter values, then optionally email an alert to each triggered user (e.g. send an email alert to each user prior to their password expiring).
  • Previously if an email alert was applied to either a template or a report, no email addresses specified, and a backup email server configured the email action would attempt to send an email to both servers resulting in 2 errors. The action no longer attempts to send an email to the backup server if no emails are specified.
  • The Email Audit Log messages found in the CBS Audit Event Log now includes the email address or addresses in each audit log entry.
25.0.0.122 Fixed Linux Agent Auto-Update. 2024-11-19
  • When creating a single reusable Agent for both Windows and Linux, the Linux auto-update code was not included. Linux Agents will now update the next time a build is released after this build has already been applied.
  • A recent update caused the Memory Template Historical Chart Tab to no longer display the history. This bug has been fixed.
  • The Text Log Consolidation Monitor has been updated to read the last entry from the database after the state is reset. The monitor advances to the line after the entry. If the entry is not found in the current file, the entire file is read.
  • Previously when attempting to view a consolidated text log that was saved with a logical name, the viewer opened the file using the actual filename rather than the logical name. This caused the Set Flag feature to fail. The viewer now opens the file using the logical name resolving the Set Flag bug.
  • Previously when configuring a PowerShell Script Template to run on a remote agent, the agent was looking for the script on its local disk rather than using the script that was passed from the server. This bug has been fixed.
25.0.0.115 Added compression option to File Actions. 2024-11-18
  • The File Actions have been updated to optionally include the option to compress and encrypt the output file.
  • Previously when generating PDF reports, and the backup option was not backing up the old files. This bug has been fixed.
25.0.0.113 Resolved the Sqlite database is locked bug. 2024-11-17
  • The Sqlite database is locked bug has finally been resolved. Previously the timeout values assigned to the Sqlite library were in seconds rather than milliseconds causing database locked timeouts to trigger when under load.
  • The Syslog Consolidation Template now includes the option to specify an alternate Primary Log Database. This feature has been added because several users that are saving Fortiauth syslog messages have encountered performance limitations using a database. The Corner Bowl File System format is the fastest format for writing real-time log messages. The downside to using the flat-file system format is longer query times.
  • Previously when deleting a host, the associated agent connection was not terminated. The connection is now terminated when the host is deleted.
  • Previously the uninstaller did not remove the added firewall rules. When re-installed duplicate firewall rules were added. The uninstaller now removes the previously added firewall rules.
  • The PowerShell Template has been updated to enable users to filter date time values that are in the future, for example send an email alert when a password is to expire in less than 3 days.
  • Environment Variables can now be exported and imported.
25.0.0.105 Fixed a user interface bug. 2024-11-11
  • A recent update for the new Linux Management Console broke the Real-Time Agent Server Viewer. This bug has been fixed.
25.0.0.103 Fixed a log viewer bug. 2024-11-04
  • A previous update caused the message column to be truncated to 64 characters when real-time viewing various logs.
25.0.0.102 Fixed a critical FIM bug. 2024-10-30
  • In v25 the FIM has been duplicating permissions when configured to include permissions and monitoring multiple files causing the memory to balloon and permissions inaccurately listed. This bug has been fixed.
25.0.0.96 Added an Event Log Consolidation enhancement and fixed several minor bugs. 2024-10-26
  • A recent update for the new Linux Management Console caused the Filter Properties dialog to show empty filter criteria when changing a Simple Filter from one type to another, such as Event Log to Syslog.
  • Previously when using a strict filter for Event Log Consolidation, entries were often re-downloaded then later dropped per the filter. The entries are no longer re-downloade
  • Several memory optimizations have been made.
  • The Service Monitor Template Properties View now uses local WMI to get services when querying the localhost that is configured to use the agent.
  • The Explorer View no longer displays monitored directories when expanding a monitor tree node.
  • Fixed a recent host selection bug when configuring various templates.
  • A new Real-Time GPO Auditing Template has been added to the Sample Templates.
25.0.0.89 Fixed a Microsoft Graph email bug. 2024-10-21
  • A recent update to the Microsoft Graph API NuGet packages caused the .Net 4.7.2 compiled version to throw an exception when attempting to send email through Microsoft’s servers. This bug has been fixed.
  • The data grid views have been enhanced providing faster selections.
  • Previously when using the new command and control option with Event Log File Backup Templates configured to archive and clear the Event Logs when a maximum size threshold is breached with the Agent, the backups were only executing when the maximum size threshold was breached. This bug has been fixed.
  • Major version 25 was not processing templates for agent devices configured to disconnect once template execution was complete. This bug has been fixed.
  • Previously when monitoring SNMP Traps, the monitor was not being set to triggered and the Monitor Status View did not include trap detail in the history view. These bugs have been fixed.
25.0.0.81 Fixed several high-profile bugs. 2024-10-16
  • Previously the installer did not permit GMSA accounts to remote install the agent. The WIX installer has been forked and updated to now allow this functionality.
  • A recent update to the LogonUser API, so single air gapped installations did not have a STIG finding, has caused remote users, that are RDPing into the server to run the Management Console, which have not been granted the logon locally permission, to receive an access denied error. The LogonUser call has been updated to fallback to a network logon when a local logon fails.
  • A recent update to the Syslog Servers, for Syslog Aggregation for our Cloud SIEM solution, caused the verbose logging messages to no longer write to the server.log file. This bug has been fixed.
  • A previous update caused the Directory Watcher Template to no longer execute. This bug has been fixed.
  • The Log Monitor Rules Properties View has been updated to optionally display line items in a detailed tabular format. The modal dialog view has been removed.
  • A recent update caused some log reports to truncate the Message column to 64 characters. Reports are not automatically updated to display all of the characters in the message.
25.0.0.73 Fixed a bug in the new Database Action. 2024-09-29
  • The Database Action was not processing Event IDs and Event Log, Syslog and Text Log Message columns. This bug has been fixed.
25.0.0.71 Updated sample report groups. 2024-09-24
  • Several of the Sample Report Groups and members have been updated to better group like items.
  • A bug had been recently introduced that caused text log monitors that were monitoring dated filenames which the files were not found to leak a node in the Explorer View. This bug has been fixed.
25.0.0.69 Added the offline agent installer to the full installer. 2024-09-19
  • The full installer has been updated to include the offline agent installer.
  • Previously when attempting to hide PowerShell results from the Detail View found in the Monitor Status View, the filtered rows, either informational or triggered, were not being removed. This bug has been fixed. To retain informational values in the Detail View but hide informational values in Actions, use the Hide informational data table rows found on the Actions Tab.
  • Previously when logging into the Management Console locally, a network logon was executed. On STIGed machines this is a finding. The code has been updated to logon interactively when connecting locally.
25.0.0.64 Fixed a new text log retention bug. 2024-09-17
  • A recent update to the Text Log Consolidation Monitor caused some files to stop deleting entries no longer needed. This bug has been fixed.
  • The keep-alive flag is now automatically set when a new host is added to the system. This flag is ignored when not using the Agent.
  • Previously the Audit Policy Monitor Template Properties View was erroneously returning the localhost’s audit policy rather than using the Agent to pull remote policies. This bug has been fixed.
  • A new real-time audit policy monitor template called, Real-Time Audit Policy Changed, has been added to the Sample Templates.
  • The JSIG EVTX File backup template has been updated to save log files for 5 years.
25.0.0.55 Added a new Linux Management Console and added a new text log monitor feature. 2024-09-11
  • A new Linux Management Console is now available for download. The new interface is under heavy development and not production ready.
  • 3 new Red Hat RPMs have been authored enabling easier installation of the Linux Agent, Server and new Linux Management Console (LMC).
  • The Text Log Monitors have been updated to support using the {ALIAS} variable in the logical filename as well as the _ALIAS_ key in the column definitions to include a column in the output database table that specifies each host’s alias.
  • A new installer is now available that includes .Net 8 Desktop Runtime embedded in the package.
  • Previously when viewing consolidated log entries, then grouping by a user column defined as an Enum Type, the group by header was showing the actual value, an integer, rather than the string representation of the value. This bug has been fixed.
25.0.0.53 Added several new Syslog Reports. 2024-09-10
  • Two new sample reports are now included that parse FortiGate and SonicWall syslog messages.
  • Syslog Reports have been updated to support Enum Definitions, for example you can now translate numbers to string representations such as category IDs to category strings.
  • Previously the Directory Size Monitor Template was logging each file it scanned. The message is now only logged when the -logdebug flag has been set as a startup parameter.
25.0.0.50 Added back the Database Action previously available in Server Manager 2012-1018. 2024-09-04
  • The Database Action that was previously available in Server Manager 2012-2018 has been added back in. The addition of this action enables users to write report output to a database table then consume the data in other applications such as Microsoft Power BI.
25.0.0.47 Added Text Log Monitor entry compression to Agent. 2024-08-28
  • Previously when monitoring text log files via the Agent, text log entries were always uploaded uncompressed. The upload function now acts exactly like the Event Log monitors. If less than 500 entries are read, the entries are uploaded uncompressed, otherwise the entries are compressed locally the uploaded to the server.
  • A recent bug was introduced into the Management Console which broke the Group By feature found in the Running Monitors and Running Reports views. This bug has been fixed.
  • A recent bug was introduced that caused the Auto-Clear-Trigger message to no longer display in the History View. This bug has been fixed.
  • Previously after clearing a real-time log monitor trigger, the running icon was lost in the Explorer View. This bug has been fixed.
  • A waiting spinner has been added to the Batch Assignment View.
  • Previously when running the local management service with an account, the c:\windows\systemtemp directory was not scanned. This limitation has been resolved.
  • The overridden Corner Bowl temporary files directory is now included in the delete temporary files template for both the agent and the service systems.
25.0.0.45 Added a SCAP Vulnerability Scanner Template and three other scanning Templates. 2024-08-25
  • A new SCAP Vulnerability Scanner Template has been added, accessible through a paid add-on which can be purchased online, that implements SCAP vulnerability scanning and DISA STIG Viewer checklist file generation.
  • A new System Security Monitor Template has been added that enables users to monitor Security Policy and User Rights Assignments found in the built-in Windows secedit.exe program. This Template was created to implement required functionality in our new SCAP Vulnerability Scanner Template.
  • A new File Permissions Monitor Template has been added that enables users trigger alerts when permissions match user defined filter criteria. This Template was created to implement required functionality in our new SCAP Vulnerability Scanner Template.
  • A new WMI Query Template has been added that enables users to generate their own WMI queries, then trigger alerts based on results. This Template was created to implement required functionality in our new SCAP Vulnerability Scanner Template.
  • The PowerShell Template has been updated to include must have filters.
25.0.0.44 Added temp directory option to agents. 2024-08-20
  • Per a customer request, the agents have been updated to include an option to override the temporary file directory.
25.0.0.43 Added auto-re-installer for re-initialized air gapped VMs. 2024-08-13
  • The internal Agent Installer Service has been updated to attempt to re-install when a host does not connect within the agent connection schedule or, if longer, the host connection schedule. This feature enables the agent installer service to re-install the agent on VMs that have previously connected but have since been re-initialized and the agent is no longer installed, a common scenario in air gapped environments.
  • The Start a Process Action has been updated for Text Log Monitors. When triggered and the arguments includes the {ITEM_MESSAGE} variable, a process is spawned once for each entry.
25.0.0.41 Fixed several legacy agent installer bugs. 2024-08-10
  • Previously when using the agent on Server 2008 and Windows 10 machines and internet access available, the v23 .Net 472 version of the agent installer was being downloaded rather than the .25 .Net 472 version. This bug has been fixed.
  • Previously the .Net 472 version of the agent installer was incorrectly checking for windows version 602 rather than 601 breaking support for Server 2008 and Windows 7. This bug has been fixed.
  • The legacy agent installer has been updated to download the .Net 472 agent when Server 2012 non-R2 is detected.
  • The AI Anomaly Detection (Template Triggers) Report now includes the same anomaly detection minimum count filter seen in the log-based anomaly detection reports.
  • A recent refactor change caused some of the report titles and descriptions to no longer display when viewed within the console. This bug has been fixed.
25.0.0.40 Fixed an agent-based rolling text log consolidation bug. 2024-08-08
  • Previously when using the agent’s new command and control feature to consolidate rolling text log files, such as files named with the current date, data duplicated. This bug has been fixed.
  • A recent update caused collection triggers to show OK items as errant. This bug has been fixed.
25.0.0.33 Overhauled the Registry Monitor Template. 2024-07-31
  • The Registry Monitor Template has been updated to support monitoring an array of registry key values.
25.0.0.27 Added several user requested features. 2024-07-29
  • The Text Log Consolidation Monitor has been updated to enable users utilizing the Logical Filename option to include a {HOST} tag. Once included, the database table name will include the hostname within the table name.
  • The Database Log Consolidation Template (SharePoint) has been updated to include an initial number of days to download.
  • The Dashboard has been updated to include a History Summary view.
25.0.0.26 First Release Build 2024-07-26
  • We are excited to release Corner Bowl Server Manager 2025. Please note LTS support for v23 ends July 1st 2025. Until that time, any critical bugs discovered in v23 will be addressed. Version 25 is complied against .Net 8 which has LTS until November 11th 2026. The most visible update in v25 is a new Tray Icon. The Tray Icon now enables you to select between different Server Manager connections, enabling users to more easily identify desktop triggers when connected to multiple installations of Corner Bowl Server Manager. Another major update is to the internal memory management which now more explicitly removes objects from memory rather than relying on .Net to clean up at its’ leisure, significantly reducing the footprint of all processes. We are currently developing a Linux Management Console so stand-alone air gapped installations can be locally configured. We plan to release the Linux Management Console with minimal functionality by end of Q3. Please let us know if you are interested in early testing of the Linux Management Console and we will add you to our list of beta users. As always, we are continually adding new user driven feature requests so please let us know what you would like to see.
Continue To Download