Diskover 2.4.2 Release Notes

Overview

Diskover 2.4.2 represents a significant milestone in platform maturity, delivering critical security fixes, enhanced administrative capabilities, and expanded features. This release introduces native Elasticsearch Index Lifecycle Management capabilities, eliminating the need for external tools like Kibana for routine index maintenance.

Key highlights include critical security patches addressing index permission caching vulnerabilities and improvements to LDAP authentication and API access controls, a new Global Dashboard view for aggregated metrics across all indexed data, bug fixes for scanner timezone handling, file action permissions, alongside substantial enhancements to the admin configuration interface, and Diskover UI.

New Features

Native Elasticsearch Index Lifecycle Management (ILM)

[DEV-594]

Diskover now includes full Index Lifecycle Management capabilities directly within the platform interface, eliminating the dependency on Kibana for routine index maintenance tasks. This feature provides:

• Complete index lifecycle policy management (create, read, update, delete)
• Policy application and removal from indices
• Real-time monitoring of index ILM status and phase information
• Viewing and editing of existing ILM policies
• Direct integration with Elasticsearch ILM APIs

This enhancement significantly streamlines administrative workflows and reduces the technical overhead for customers managing large-scale deployments.

Global Dashboard View

[DEV-515]

A new dashboard view that aggregates metrics across all indexed data sources, providing business-wide visibility into storage utilization, file distribution, and cost metrics. The global view complements existing per-index dashboards and enables high-level analysis across the entire data landscape.

Space Info Page

[DEV-484]

New unified view displaying all top paths and available space information across the platform. This consolidated interface provides administrators with a comprehensive overview of storage allocation and capacity across all managed file systems.

Live View for S3 Buckets

[DEV-32]

Live View functionality has been extended to support S3 buckets, enabling real-time validation of cloud storage content without requiring a full re-index. This feature provides immediate visibility into S3 bucket contents and changes, supporting hybrid cloud storage architectures.

Configurable Currency Symbol

[DEV-491]

The platform now supports configurable currency symbols (£, €, $) for cost display throughout the interface, accommodating global deployments and regional currency preferences. This enhancement improves localization support for international customers.

LDAP API Group Configuration

[DEV-520]

New configuration option to specify dedicated LDAP groups for API users, providing more granular access control for programmatic access to Diskover APIs. This separation of API and interactive user authentication improves security posture for deployments leveraging LDAP for user authentication and management needs.

Enhancements

Scanner Improvements

Timezone Optimization
[DEV-519]

Removed the +00:00 timezone suffix from datetime fields in Elasticsearch indices, significantly reducing index size overhead. All timestamps are now stored in UTC format without explicit timezone notation, maintaining consistency while improving storage efficiency.

Auto Thread Depth CLI Option
[DEV-532]

Fixed the autothreaddepth command-line option to function as intended, automatically determining optimal threading depth based on directory structure for improved scanning performance.

Special Character Handling in Scan Paths
[DEV-546]

Improved handling of apostrophes and other special characters in scan path configurations, preventing configuration errors and scan failures when paths contain these characters.

Empty Files and Folders with Exclude Settings
[DEV-570]

Resolved a KeyError that occurred when scanning directories with specific exclude settings that resulted in empty files or folders. The scanner now properly handles edge cases in exclusion rule processing.

File Access Time Restoration
[DEV-521]

Moved the logic for restoring file access times atime to execute after all plugin processing is complete. This change ensures that plugin operations don't inadvertently modify access times before they can be restored, maintaining more accurate file access metadata.

Reduced Logging Verbosity
[DEV-600]

Changed per-file scan logging from warning level to debug level, significantly reducing log volume in production deployments while maintaining detailed logging capabilities for troubleshooting when needed.

Authentication and Access Control

LDAP Login Fixes
[DEV-598]

Resolved login failures that occurred with specific LDAP directory configurations, improving compatibility across diverse enterprise level LDAP implementations.

LDAP Filtering Improvements
[DEV-590]

Corrected Distinguished Name (DN) search logic and attribute retrieval in LDAP filtering operations, ensuring more reliable user and group queries against LDAP directories.

LDAP API Search Results
[DEV-547]

Fixed query matching issues in LDAP-based API user searches, improving the reliability of programmatic user lookups and authentication.

LDAP Space Info Access
[DEV-586]

Corrected access control logic for the Space Info endpoint when using LDAP authentication, ensuring consistent permission enforcement across the platform.

Admin Interface

Delete Alternative Configurations
[DEV-527]

Added the ability to delete alternative configurations directly from the admin interface with proper confirmation dialogs. This enhancement streamlines configuration management and cleanup workflows.

Configuration UX Improvements
[DEV-548]

Improved user experience when working with alternative configurations, including dynamic URL updates when switching between configurations and proper handling of configuration deletion operations.

Worker OS Reporting
[DEV-560]

Workers now automatically detect and report their operating system, CIFS/NFS mount capabilities, and mounted volumes to the admin interface. This enhancement provides better visibility into worker node capabilities and facilitates more informed task assignment decisions.

Improved Log Rotation
[DEV-529]

Enhanced log rotation logic to better handle timestamped log files, preventing the accumulation of stale log data and improving log management efficiency.

Plugin Improvements

Cache Management Optimization
[DEV-492]

Implemented toppath hash-based cache directory organization to prevent SQLite database lock contention when multiple scan workers access shared cache resources. This optimization significantly improves scan performance in multi-worker environments.

Script Path Updates
[PLAT-147]

Corrected nested path references for post-index plugins, ensuring scripts are properly located and executed during post-indexing operations.

Web Interface

Heatmap Path Duplication Fix
[DEV-539]

Resolved an issue where duplicate path segments appeared in heatmaps when comparing indices with identical root paths. Heatmap visualizations now correctly display unique path hierarchies.

SMTP Configuration Consistency
[DEV-543]

Resolved inconsistencies in SMTP configuration handling across admin interface, worker configurations, and scheduled task settings, ensuring reliable email notification delivery.

Metrics API Query Parameter
[DEV-589]

Fixed a bug where the query parameter in the Metrics API endpoint was being ignored, which was affecting data retrieval for the AI Assistant feature. The API now properly respects query filters.

CSV Download Functionality for Smart Searches
[DEV-597]

Added CSV export capabilities to enable bulk data downloads for offline analysis and reporting.

Bug Fixes

Security Fixes

Index Settings Caching Vulnerability
[DEV-587]

Fixed a security vulnerability in the index settings caching mechanism that under specific conditions could allow users to access indices they did not have permissions for. The caching logic now properly validates user permissions before serving cached index settings, preventing unauthorized cross-user access.

File Action Permission Enforcement
[DEV-554]

Corrected a bug in file action permission checking that was not properly enforcing admin-only restrictions. File actions marked as admin-only are now correctly restricted to administrative users only.

System Bug Fixes

License Cipher Suite Compatibility
[DEV-512]

Updated license validation cipher suite from SHA-1 to SHA-256 to ensure compatibility with RHEL 9 and other modern Linux distributions that have deprecated SHA-1. The implementation maintains backward compatibility with existing licenses while supporting secure modern cryptographic standards.

Platform and Infrastructure

License Edition Realignment

[DEV-531]

Restructured product editions into a simplified three-tier model:

• Professional Edition - Advanced analytics and reporting
• Enterprise Edition - Full feature set with enhanced security and compliance
• Multistream Edition - High-performance parallel indexing

This realignment consolidates previous industry-specific editions (Media Edition, Life Sciences Edition) into a more streamlined offering that better aligns with customer needs and deployment patterns.

Technical Notes

Compatibility

• RHEL 9+ now fully supported with updated license cipher suite
• Improved LDAP directory compatibility across implementations
• Enhanced S3 cloud storage integration

Performance

• Reduced Elasticsearch index storage overhead through timezone optimization
• Improved multi-worker scanning stability with cache management enhancements
• Optimized logging reduces I/O overhead in production environments

Upgrade Considerations

• Existing licenses remain compatible; new licenses will use SHA-256 cipher suite
• No index rebuild required for timezone optimization; applies to new scans
• ILM policies can be managed entirely within Diskover; Kibana no longer required for index maintenance

For detailed information on any feature or fix, please refer to the individual JIRA tickets or contact Diskover support.