PCE Platform
Agent background service CRITICAL alerts in PCE Health page (E-100083)
Execution of background jobs could cause the PCE Health page to continually display alerts that the agent background service was in a critical state. This was caused by orphan records in database tables that caused background job queries to take longer or fail. The workaround was to schedule downtime and manually remove the orphan database entries. This issue is resolved. Orphan records are now automatically removed when detected. Manual intervention is no longer necessary.
Misconfigured PCE could cause sensitive information to be disclosed in log files (E-96079)
If the PCE was misconfigured, such as when pce_fqdn was unreachable and/or resolving to the wrong IP address, passwords could be written to logs in plaintext. This security issue is resolved.
Created By field in CEF events didn't work (E-91151) The created by field for certain events wasn't properly translated to
"duid"when exported using the CEF format. Theduiddidn't work for events created by container clusters or Illumio Service Accounts because they do not expose integer IDs; therefore, they did not populate theduidin CEF events. This issue is resolved. If an entity has a UUID, it will be returned for the CEFduid.Consul messages not sent to internal syslog (E-90286)
This PCE Platform issue applies to Illumio Core On-Premises customers only. It does not apply to Illumio Core Cloud customers. Messages from the PCE consul service are no longer sent to the internal syslog. Messages do not appear in consul.log. Instead, they appear in /var/log/messages and
/var/log/illumio-pce/consul.