Trellix: IOC Streaming Module 1.3.169 Now Available

IOC Streaming Module 1.3.169 is now available for download from our Dynamic Threat Intelligence (DTI) cloud.
 

New features and changes

• Configurations
  The IOC Streaming Module now enables the following configurations, which are available through API, on high activity Server hosts to alleviate excessive memory usage:
  • eps_throttling_rate
    This feature specifies a maximum limit for the rate of matched events that can be throttled on the system.
  • eps_calculation_interval
    This feature limits the matched events queue size to an acceptable level. 
• Resolved issues
  • ENDPT-113095: Resolved an issue where the IOC Streaming process consumed excessive memory on the Endpoint Security (HX) server in a Linux environment.
  • ENDPT-226050: Resolved an issue where the IOC Streaming plugin consumed excessive memory on the Endpoint Security (HX) server in a Windows environment.

For details on the fixes included in this release, as well as for information on how to upgrade, see the following documents:

• IOC Streaming Module 1.3.169 Release Notes
• IOC Streaming Module User Guide

Module availability

These modules are available on the FireEye Market under IOC Streaming.