New Features
BI Reports: Ability to View Geolocations on a Map
We have added a new Map tab to the BI Reports > Geolocation report. This tab will help you visualize geolocation coordinates (latitude and longitude) on a Map:
You can also use the Geo Chart Widget to add a similar map to your own custom BI reports.
Please see the BI Reports > Geolocation section on the User Guide for more information.
Behavior Rules: New Browser Criterion Added to the Webpages Rule
We have added a new criterion, Browser to the Webpages-based Activity rules.
This criterion will let you detect web browsers. You can choose from the list of predefined browsers or enter the browser’s process name (for example, enter msedge.exe
for Microsoft Edge browser):
For more information, check out the Activity Rules: What Activities Can You Detect? > Webpages section on the Rules Guide.
Employees: Ability to View Unlicensed Users
From now on, you will be able to see which users/employees are unlicensed on the Employees report, under the Monitored column. You will also be able to filter the report by Unlicensed condition:
Note that an unlicensed user is a user who is being monitored but not licensed.
Employees/Monitoring: New Option to Control Employee Access to the Screen Snapshots Report
We have added a new option, Disable self snapshots report on the ACCOUNT INFO tab of the employee's profile (Employees > Employee's Details > EDIT INFO button):
This option will determine if the employee will be able to view their Monitoring > Screen Snapshots report.
Configure/Employees: New Role-Based Access Control (RBAC) Policy
We are introducing a new Role-Based Access Control (RBAC) policy.
This type of policy will allow you to assign special management permissions in addition to the view/edit permissions to a privileged user. For example, the ability to edit employee profiles, create behavior policies and rules, etc. With the Role policies, you can create some unique user roles. For example, turn a department manager into a ‘semi-admin’ who can manage employees like an admin but only employees in his/her department (unlike an admin who has access to all employees).
When you create a new Access Control Policy (Configure > Access Control > New policy), you will be able to choose from the List (regular) or Role access control policies:
Once you have created a Role policy, you will be able to assign it to a user from their profile (Employees > Employee's Details > EDIT INFO > RBAC tab):
For more information, check out the Configure > Access Control Policies section of the User Guide.
Monitoring Settings: Options to add Departments and Groups to the Monitoring Profiles
Previously, you could only add users and computers to a monitoring profile (Monitoring Settings > Monitoring Profile > EDIT OBJECTS TO TRACK).
Now, you will be able to add Departments and Active Directory Groups to the monitoring profiles as objects:
You will also see an Exclamation button near the top-right corner of the Monitoring Settings screen if there's a profile conflict. Clicking the button will show you the conflicts:
For more information, check out the Monitoring Settings > Creating a New Monitoring Profile section of the User Guide.
Monitoring Settings: New Options to Exclude Processes from the File and Network Drivers
We have added two new options, EXCLUDE PROCESSES FROM FILE DRIVER and EXCLUDE PROCESSES FROM NETWORK DRIVER to the Monitoring Settings > Monitoring Profile > Advanced panel:
These are extensions of the existing FILE DRIVER and NETWORK DRIVER features. While those options allowed you to completely disable the file and network drivers for all processes, with these new options you will be able to specify individual processes (e.g., “window.exe”, “slack.exe”, etc.) to exclude from file transfers and network monitoring.
These could be helpful for troubleshooting and performance tuning purposes. Also, with these options, you will be able to ignore information you don't want to capture for privacy and other reasons while keeping the file transfers and network monitoring active.
For more information, check out the Monitoring Settings > Advanced Monitoring Settings section of the User Guide.
Settings: New Password Expiry Time Option
We have added a new option, PASSWORD EXPIRY TIME (DAYS) to the Settings > Security screen. This option will let you specify how long the password will stay valid. After this period, the user will be asked to change their password:
The default value of 0
will disable the option.
[Mac] BI Reports: Support for Geolocation Monitoring
We are adding Mac support for the Geolocation monitoring. You can track users' geolocations from the BI Reports > Geolocation report. You can also plot the coordinates on a map for easy visualization of the locations:
You can toggle the Geolocation monitoring on/off or configure the monitoring schedule from the Monitoring Settings:
At the moment, the following options under the Monitoring Settings > are available:
TRACKING DAYS AND TIME
You will have to enable a macOS permission to activate the Geolocation feature. To learn how to do so:
To learn how Geolocation works and get answers to frequently asked questions, check out this article: What is Geolocation tracking and how to use it?
[Mac] Behavior Rules: Support for Files Activity Rules
We have added Mac support for Files-based Activity rules. With support for this type of rule, you will be able to detect file operations such as Access, Copy, Rename, etc., and take actions such as warn the user or block the activity. Here's an example:
You will be able to view the rule alerts on the BI Reports > Behavior Alerts or the Behavior > Alerts report:
Here are a few things to note:
The rule currently supports the following File Operation conditions: Access, Copy, Write, Rename, and Delete).
Program conditions: Contains and Equals.
File Path conditions: Contains and Equals.
Only the Block, Warn, and Lock Out User rule actions are supported at the moment. Note that the rule actions may behave slightly differently on Mac. Please see the Rules Guide > Defining Rule Actions to learn more.
Please see the Rules Guide >Activity Rules: What Activities Can You Detect? > Files section to learn more.
[Mac] Monitoring: Support for Monitoring Upload/Download Activities to/from OneDrive
We have added Mac support for the TRACK DOWNLOADS AND UPLOADS FROM THESE APPLICATIONS option on the Monitoring Settings > Monitoring Profile > File Transfers settings screen.
At the moment, this will let you track file uploads and downloads to/from the OneDrive app. In the future we will add support for other apps such as Google Drive, Dropbox, etc.:
The activities can be viewed on reports such as BI Reports > File Events, Monitoring > File Transfers, etc.:
[Mac] Agent: Network Extension Parameter to Resolve DNS Name
Usually, if the networking monitoring is enabled, then all network connections are redirected to the Agent by their corresponding IP addresses. However, sometimes, if a proxy server is present, the Agent might receive DNS names instead of IP addresses for some of the connections. In some rare situations, this might affect the Agent's network monitoring functionality. Or, you might just want to view the IP addresses instead of the DNS names.
We have added the ability to resolve DNS names to IP addresses. A new parameter, dns-resolve-extension
can be added to the Teramind Agent Configuration file (located in: /usr/local/teramind/agent/etc/agent.conf) to toggle this feature:
dns-resolve-extension=1/0
Where, 0
will turn the DNS name resolving feature off and 1
will turn it on. Note that for all new Agent installations, the dns-resolve-extension=1
will be added to the configuration file automatically, but you can edit it later.
Once the feature is enabled, you should be able to verify that DNS resolving is working as expected from the browser's console log. Visit any site, and you should see a message from com.teramind.networkextension
process that reads something like <FlowCopier.Writer> resolving dns_name to ip_address
. For example:
Improvements
BI Reports: Easy Way to Identify Reports Scheduled for Auto-Export
Previously, there was no easy way to tell if a cloned BI Report was scheduled for auto-export (EXPORT > Schedule export).
Now, you will see a calendar icon next to a cloned report that has the schedule export option enabled:
BI Reports: Streamlined Behavior Alerts Report for Email Rules
Previously, the Description and the Matched Triggers columns on the Grid widget of the BI Reports > Behavior Alerts would show the whole email body from an email-based rule alert.
Now, the columns will only show the relevant text(s) that match the rule's condition(s). This will make the report more streamlined and cleaner:
Note that you will still be able to view the full email by right clicking an alert and choosing the Show details option.
Employees: Faster Activity Log
Previously, the Employees > Employee's Details > Activity Log report would be slower sometimes if there were too many activities, especially when any filters were applied.
We made some changes to the report so that it will now use the BI engine to process the data resulting in faster processing time.
However, since BI reports are processed in batches, real-time data will no longer be available on this report. To allow you to still view the real-time data, a Click here for real-time data link will be shown when you choose the current date or the "Today" option from the date selector:
Hovering over the link will show you when the report was last synced, similar to a BI report. Clicking the link will take you to the Monitoring > Web pages & applications report where you will be able to view the real-time data.
Monitoring Settings: Better Geolocation Updates
Previously, if no value was set in the TIME THRESHOLD (S) field on Monitoring Settings > Monitoring Profile > Geolocation window, the Agent would update geolocation every 30 seconds even if the user didn't change their location:
We made improvements so that if no value is set in the TIME THRESHOLD (S) field, it will default to 0. This means, the Agent will only update the geolocation when the user changes their location (unless you specify a time threshold).
Settings/Security: Enable Support Agent Login Even when IP Restriction is Active
Usually, an authorized Teramind Support Agent should be able to log into a customer's Dashboard (with permission from the customer) to help with any troubleshooting or other assistance.
However, due to a bug, they couldn't log into the Dashboard if the customer had IP addresses set in the Settings > Security > ALLOWED IP TO LOGIN field. The Agent would see an error, "Login attempt is blocked by ip address":
The bug is fixed now so that a Teramind Support Agent should be able to log into the Dashboard even if their IP isn't on the allowed IP list.
Settings/UI: New UI Versioning Scheme (On-Premise)
Previously, the Dashboard (Settings > About screen) would show the web UI version in this format: YYYYMMDD-BUILDNO. For example, 20231121-23673.
We are now adopting a new versioning scheme. The new version will be displayed in this format: YY.WW.PATCHNO.BUILDNO. For example, 23.45.0.23673:
This new versioning scheme will help both you and us identify the release easily.
Settings/UI: Displaying the Agent Version Included in the Server (On-Premise)
Previously, it was not easy to find out what versions of the Agent were available on your On-Premise server - unless you hovered over the download links and checked the destination URLs. For the Mac Agent, even that option wouldn't work.
Now, we have made it easy for you to find out that information. The Settings > About screen will now display the Agent versions along with the server, schema and UI versions:
Settings/UI: Warning About Custom Deployments (On-Premise)
We have added a warning message to the Settings > About screen that will be displayed if you have a custom deployment (e.g., custom features/scripts/integrations/syncs/etc.).
The warning is added because upgrading these types of deployments with the wrong TMU image might break something or cause other unexcepted behaviors.
The warning contains an email link to consult the Teramind Support Team. If an admin still tries to upload a TMU file, they will see another confirmation dialogue to continue or cancel the deployment:
Settings/UI: Email Validation on License Alerts Screen
Previously, you could enable the SEND LICENSE OVERUTILIZATION REPORT DAILY option while keeping the NOTIFICATION EMAILS field empty. The Dashboard would let you save the changes.
Now, if you enable it, you will have to enter at least one email address in the field. Otherwise, you will see an error message, "Can't enable license notifications without recipient emails" and the setting won't be saved:
UI: Better Notification Messages
Previously, if a notification message such as the update notification was shown, it would sometimes make it hard to click any buttons under the notification bar unless you closed it first:
We made changes so that the user will be able to scroll down to see the buttons even if the notification bar is present.
UI: Auto-Hide Camera Icons to Users without the Right Privilege
Previously, a user who didn't have the view screen recordings privileges (e.g., Play live screen stream, Play historic screen streams, Allow self history playback, etc.) could still see the Camera icon on various reports/widgets. Clicking the icon would launch the Session Player even though the user couldn't view the video.
We made improvements so that the Camera icon will not be displayed at all to a user without the right privilege:
Server/Monitoring: Improved Processing of Online Meetings
Previously, the queries for processing online meetings would take longer time and cause high CPU usage and I/O load. We have implemented some changes such as in-memory caching to improve the processing of these events.
Agent: Suppress Rebooting During Agent Installation/Update
We have improved the Agent installation script to avoid Windows forced rebooting during the Agent installation/updating process, for a better experience.
Agent/Behavior Rules: Auto Disable Windows Log Event Monitoring by Default
We recently introduced a preview version of a new rule type, Windows Log Event that continuously checks the Windows event log for any events matching the rule condition.
However, this may impact the system performance especially if there are multiple users on a computer (e.g., on a VDI/RDP setup) or the Windows event log becomes too large for other reasons.
To mitigate that, the feature will be automatically disabled if no rules are using this rule type and enabled if there is any active rule(s) using this rule type.
Agent/Notifications: Handling Network Driver Issues with the Sophos Antivirus
Despite the whitelisting and AV exclusions, some versions of Sophos antivirus might still cause issues, including BSOD (Blue Screen of Death) events with the Teramind Network Driver (tm_filter).
We expect this to be resolved once Sophos releases a fix.
In the meantime, we have introduced a few workarounds.
The Agent will now detect if Sophos is installed on a user's computer and disable the Network monitoring to avoid any conflicts with the AV.
Additionally, a notification, Network monitoring is disabled due to interference with "Sophos Antivirus" will be shown on the Notifications report for the affected computer. A pop-up message will also be shown at the bottom of the screen, Network monitoring is disabled for some computers due to interference with "Sophos Antivirus". Please contact [email protected] to solve:
If contacted, our support team will provide you with instructions on how to install a special version of Sophos.
Other: Better OCR Error Logging
We have made improvements to the OCR errors and exceptions tracking so that we will now be able to diagnose and solve any issues more efficiently.
[Mac] Behavior Rules: Improved Text Detection in Keystrokes Rules
Currently, if you have a Keystrokes rule like the one below, which detects certain text/words with a regular expression (RegEx), will not trigger if the user misspells the word and then corrects it:
For example, if the user first types "vap e" and then later presses the Backspace key to delete the space and correct the text to "vape", the rule will not trigger.
We improved the detection mechanism (including support for regular expressions) so that corrected text/words like the above will be detected by the rule.
[Mac] Agent: Prevent the Installation of Different Types of Agent on the Same Computer
Previously, it was possible to install both the Revealed Agent and the Hidden Agent on the same computer. This could lead to unexpected behavior and also make it difficult to uninstall the Agent(s).
To prevent this from happening and to make the installation behavior similar to the Windows Agent, the Mac installer will now refuse to install the Agent and show a "The installation failed" message if it detects another type of Agent is already installed on the system:
It will, however, let you reinstall the same Agent type. For example, if you already have a Revealed Agent installed you will be able to reinstall it. But you cannot install a Hidden Agent over a Revealed Agent or vice versa before uninstalling the existing Agent.
[Mac] Agent: Automatically Disable the QUICK Protocol on Google Chrome
Google Chrome browser has an experimental QUICK protocol, which isn't currently supported by the Agent. Enabling the protocol might cause monitoring issues:
From now on, the Agent will automatically disable this protocol whenever the browser is launched/relaunched.
[Mac] Agent: Enhanced Agent Log Management
Previously, the Mac Agent had a single log file which could be specified using the "log-settings" parameter in the Agent configuration file.
However, this single-log file system isn't efficient. It can grow indefinitely over time. A huge log also makes it difficult to locate information or troubleshoot any issues.
Now, we have implemented a better log rotation mechanism that will create separate log files by date and time. We are also adding a few new Agent Configuration parameters to help you manage the log size.
The new parameters are:
Parameter | Example |
log-file-size |
|
log-file-count |
|
log-total-size |
|
You can specify the parameters in the agent.conf file.
For more information about Agent logging, check out this article: How to collect the Teramind Agent logs > macOS Logging.
Bug Fixes
BI Reports: Scheduled Export would Fail for Some Cloned Reports
Due to a bug, scheduled export (EXPORT > Schedule export) of some older, cloned BI Reports would fail as can be seen on the System > Report Export screen:
The bug is fixed now.
BI Reports: Error when Cancelling the Scheduled Export Window
Due to a bug, if you pressed the CANCEL button or clicked outside the Export schedule window (EXPORT > Schedule export), you would see an error message, "Error occurred":
The bug is fixed now.
BI Reports: Error when Expanding a Row Group on the All Events Report
Due to a bug, a “Something went wrong” error message would appear when expanding a row group on the BI Reports > All Events report. On the browser's console log, error 504 (Gateway Time-out) could be seen:
The bug is fixed now.
BI Reports: Global Filters not Applied to Widget Filters
Due to a bug, if you applied a Global filter, it would be ignored by the Widget filters:
We fixed the bug so that the Global filters will propagate to all Widget filters merging them together.
BI Reports: Filter Copy Link not Working
The Copy Link option on a Grid widget's context menu allows you to copy a link for the selected item. The link will open the All Events report with the right item automatically filtered.
However, due to a bug, when you tried to open the link, you would get an error message, "Something went wrong". The browser console would show a 500 error status (Internal Server Error):
The bug is fixed now.
BI Reports: Outgoing Messages on Microsoft Teams would be Shown as Incoming
Due to a bug, both incoming and outgoing messages on Microsoft Teams would be shown as incoming on the BI Reports > Instant Messages report:
The bug is fixed now.
Monitoring/BI Reports: Webpage Title and Domain wouldn't Match on the Activity Reports Sometimes
Due to a bug, the webpage title and domain/URL might not match on the activity reports such as BI Reports > Applications & Websites, Monitoring > Web Pages & Applications, etc.
This could happen if a user entered a URL in the browser's address bar while visiting another site. In such a case, you might see an activity with a mismatching URL and webpage. The activity would usually have a short duration (i.e., a few seconds - the time it took to load the new page).
In the example below, the user entered "bbc.com" in the address bar while on the "wikipedia.org" site. On the Monitoring Report, you can see that, just before the browser loaded the "bbc.com" site, the Agent recorded an activity that shows the URL as "bbc.com" but the page title is "Wikipedia - Google Chrome":
The bug is fixed now so that the page title will be shown as blank for this type of website activity:
Monitoring/BI Reports: Duplicate Entries on Emails Reports When Mails Sent From Outlook Web
Due to a bug, any email sent from the Outlook Web would generate duplicate entries on the BI Reports > Emails, Monitoring > Emailing, etc.:
However, the attachment column would only be shown for the first entry.
The bug is fixed now.
Behavior/BI Reports: Match Trigger/Description Column would Expose Email Body even when Permissions not Granted
Due to a bug, a privileged user without the right access control permissions (View email body, View email attachments) would still be able to view the email body in the Matched Trigger column on the BI Reports > Behavior Alerts report or the Description column of the Behavior > Alerts report (SHOW TRIGGERS option active). The bug is fixed now so that the email body texts will be hidden from the user if they don't have the right privileges:
Monitoring/BI Reports: Teramind Instances Would Crash When Handling Large Groups on WhatsApp Web
Due to a bug in the Agent's IM parser module, sometimes it would cause the server to crash if a user engaged in conversations with a large group (e.g., about 50 or more participants) on WhatsApp Web. As a result, the Agent wouldn't be able to connect to the server and the group conversation wouldn't show up on the Monitoring > Instant Messaging report.
The bug is fixed now.
Monitoring Reports: Microsoft Teams Meetings not Captured for Personal Accounts
Due to a bug, MS Teams meetings and calls wouldn't get captured for both the Web and Desktop versions when a personal account was used. Business/corporate accounts weren't affected.
The bug seemed to affect Agent version 23.31.x but other versions might be affected too.
The bug is fixed now so that meetings/calls using a personal account will be captured and reported on the Monitoring > Online Meetings report:
Monitoring Reports: Online Meetings on WebEx Desktop Not Captured
Due to some recent changes introduced by WebEx, the Agent had been unable to capture online meeting activities on the WebEx Desktop client. As a result, no incoming or outgoing meetings on WebEx Desktop would be displayed on the Monitoring > Online Meetings report.
The bug is fixed now.
Monitoring Reports: Online Meetings on WebEx Web Not Captured
Due to some recent changes introduced by WebEx, the Agent had been unable to capture online meeting activities on WebEx Web. As a result, no incoming or outgoing meetings on WebEx Web would be displayed on the Monitoring > Online Meetings report.
The bug is fixed now.
Monitoring Reports: Zoom Meetings would be Logged After They had Ended
Due to a bug, Zoom meetings would only be shown on the Dashboard (e.g., on the Monitoring > Online Meetings) after the meeting had ended.
We fixed the bug so that any Zoom meeting will be shown on the Dashboard as soon as it's started and continue to update the Dashboard while the meeting progresses:
Behavior Rules: Missing Policy Name when Creating a New Rule
Due to a bug, the policy name wouldn't be shown when creating a new rule:
The bug is fixed now.
Behavior Rules: Files Content Rule Would Ignore the File Operation Condition
Due to a bug, Files Content Rules would ignore the File operation condition causing the rules to get triggered for any file operation. For example, the rule below would incorrectly block all file operations such as Copy, Access, Write, Upload, Rename, Delete, etc. instead of just blocking the Copy operation:
The bug is fixed now.
Behavior Rules: Except Conditions in Behavior Rules wouldn't Work Sometimes
Due to a bug, the EXCEPT conditions in a behavior rule might get ignored entirely in some situations.
This could happen if you had more than one type of condition in the EXCEPT field (Equals, Contains, Match, etc.), the whole EXCEPT condition might get ignored.
For example, if you used the rule below, the entire EXCEPT field would be ignored if an email didn't match the first hotmail.com
condition even if it equaled any item from the gmail
Shared List, or matched any item in the outlook
Shared List:
The bug is fixed now.
Behavior Rules: IM Activity Rules with an Exclude Condition not Working Sometimes
Due to a bug, sometimes an IM Activity rule like the one below might not trigger if 1) you left the CONDITION field empty and 2) have any values in the EXCLUDE field:
The bug is fixed now.
Behavior Rules: IM Activity Rules with Messaging App and Message Body Criteria not Working Sometimes
Due to a bug, an IM Activity rule like the one below might not trigger if it contained the Message Body and Messaging App criteria with values in both the CONDITION and EXCLUDE fields:
Behavior Rules: Clipboard Rules not Working Properly
Due to a bug in how the Agent works with Windows Clipboard history, a rule like the one below wouldn't work or would produce unexpected results:
In the above example, if the Clipboard history was disabled and you attempted to paste any number that looked like a credit card number into the Calculator app, it would be blocked. No warning message would be displayed, even though no Block action was specified in the rule. However, if Clipboard history was enabled, it would be impossible to paste the sensitive data into any application. There would be other unexpected behaviors like these.
All these bugs are fixed now.
Behavior Rules: Clipboard Rules would Cause Issues with the Calculator App
We have identified a bug that could cause issues with the Windows Calculator app when using a Clipboard-based Content Sharing rule.
If you had a Clipboard rule with a Block action like the one below, the Calculator app would crash as soon as the user pasted something that triggered the rule:
If you had a rule with any other action (e.g., Warn, Notify, etc.), and tried to paste something that triggered the rule, the text will be pasted for the first time but then subsequent paste operations would fail:
The bug is fixed so both of the issues are eliminated now.
Behavior Rules: Credit Card Detection Mode on Content Sharing Rules not Working as Expected
Due to a bug, the CREDIT CARD DETECTION MODE feature on the Content Sharing rule wouldn't work as expected. As an example, if you had two similar Clipboard rules but one using the Loose condition while the other using a Strict condition, both would get triggered if you copy/pasted something like, "6 5 183 194 94.33":
In the above example, only the first rule (with the Loose condition) should have been triggered.
The bug is fixed now.
Behavior Rules: Websites Behavior Rules would Trigger without User Actions
Due to a bug, a Websites-based rule containing a Request Type: Webpage Visited condition would get triggered even when the user wasn't visiting the website(s) mentioned in the rule.
In the example below, if a user previously visited careerbeacon.com
and immediately minimized the browser window or switched to another tab, the rule would continue to trigger for the careerbeacon.com
page and multiple alerts would show up on reports like the BI Reports > Behavior Alerts, Behavior > Alerts, etc.:
The bug is fixed now so that the Request Type: Webpage Visited condition will only trigger the rule when the user visits the website. It will not trigger the rule if the browser tab/window is inactive or in the background.
Behavior Rules: A Webpages Rule with Certain Conditions and Block Action would Close the Browser
Due to a bug, a Websites-based Activity rule with an Except condition for the Webpage Url criterion and a Block action like the one below would close the browser even if the user opened an empty tab/window:
As the user would be unable to enter any URL on the address bar, this would prevent them from browsing any sites without taking special steps (e.g., Continue where you left off option).
The bug is fixed now.
Session Player/System: Video Export Email not Delivered (Cloud)
Due to a bug, emails from video exports (Session Player > Download Video
) wouldn't get delivered:
The bug is fixed now.
Session Player: Seek Issue/Error on Console
Due to a bug, the Session Player (Live Mode) might have problems with the play/seek head and an error message, "TypeError: Cannot set properties of undefined (setting 'seek')" would be shown on the browser's console:
The bug is fixed now.
Employees: Unable to Delete Admins Users
Due to a bug, an admin wouldn't be able to delete another admin user from the Employees (from the Action menu) or the Employees > Employee's Details screen (by clicking the Trash Can icon). An error message, "Cannot delete Admin" would be displayed:
The bug is fixed now so that an admin will be able to remove another admin.
Employees: The Time Worked Page would Fail to Load
Due to a bug, the Employees > Employee's Details > Time Worked tab would fail to load. An error message, "There was an error while fetching data. Please try again later." would be displayed instead. The browser's console would show an error status 500 (Internal Server Error):
The bug is fixed now.
Employees: Missing Settings from the Advanced Window
Due to a bug, the EXCLUDE PROCESSES FROM FILE DRIVER and the EXCLUDE PROCESSES FROM NETWORK DRIVER options wouldn't be present on a user's monitoring profile (Employees > Employee's Details > EDIT INFO > MONITORING OPTIONS > ADVANCED).
The bug is fixed now so these options will be available:
Employees: Wrong Confirmation Password Error (On-Premise)
Due to a bug, you might see a "Wring confirmation password" error when trying to set a new password for a user (Employees > Employee's Details > EDIT INFO > ACCOUNT INFO > SET NEW PASSWORD) even after entering the correct password:
The bug is fixed now.
Computers: Client Version Column not Sorted Correctly
Due to a bug, the Client Version column on the Computers report wouldn't be sorted correctly. The bug is fixed now:
Monitoring Settings: Unable to Add Users to the Monitoring Profiles Sometimes
Due to a bug, sometimes if you tried to add users to a monitoring profile from the Monitoring Settings > Monitoring Profile screen, you would see this message, "Error occurred" and the changes wouldn't get applied:
This could happen if the MAXIMUM FRAMES PER SECOND field on the Monitoring Settings > Monitoring Profile > Screen window had an invalid value set. The bug is fixed now so that the MAXIMUM FRAMES PER SECOND value will be clamped at 1-4 preventing future issues.
Monitoring Settings: Some Websites Monitoring Settings Wouldn't Work for Some URLs
Due to a bug, websites monitoring settings (Monitoring Settings > Monitoring Profile > Websites) that accept a URL (for example, MONITOR ONLY THESE WEBSITES, DON'T MONITOR WEB TRAFFIC FOR THESE WEBSITES, SUSPEND MONITORING WHEN THESE WEBSITES ARE VISITED, etc.) wouldn't work for some websites/URLs that contained special characters (for example, #
).
The bug is fixed now so that website addresses/URLs with special characters will be detected properly and the monitoring settings will work as expected.
Monitoring Settings: Applications Suspended from Monitoring Still Being Tracked
Due to a bug, sometimes an application might not get excluded from monitoring even if you specified it in the SUSPEND MONITORING WHEN THESE APPLICATIONS ARE USED field on the Monitoring Settings > Monitoring Profile > Applications window. As a result, it would show up on the activity reports, such as BI Reports > Applications & Websites, Monitoring > Web Pages & Applications, etc.:
This seemed to happen only when the user was online.
The bug is fixed now.
Monitoring Settings: Websites Suspended from Monitoring Still Being Tracked
Due to a bug, sometimes a website might not get excluded from monitoring even if you specified it in the SUSPEND MONITORING WHEN THESE WEBSITES ARE VISITED field on the Monitoring Settings > Monitoring Profile > Websites window. As a result, it would show up on the activity reports, such as BI Reports > Applications & Websites, Monitoring > Web Pages & Applications, etc.:
This seemed to happen only when the user was offline.
The bug is fixed now.
Monitoring Settings: Disabling Password Field Monitoring Wouldn't Work Sometimes
Due to a bug, the MONITOR KEYSTROKES FOR PASSWORD FIELDS option (Monitoring Settings > Monitoring Profile > Websites) might get ignored when certain applications (e.g., MS Access, inora.exe, Data Maintenance.exe, etc.) were opened. As a result, even if you turned off the MONITOR KEYSTROKES FOR PASSWORD FIELDS option, password fields on websites might get captured. Additionally, other, unusual behavior might occur in those apps (e.g., cells getting duplicated).
The bug is fixed now.
Monitoring Settings: Option to Disable Password Managers not Working for the Opera Browser
Due to some recent changes introduced by Opera, the DISABLE BUILT-IN PASSWORD MANAGER OF KNOWN BROWSERS on the Advanced settings window (Monitoring Settings > Monitoring Profile > ADVANCED button) would no longer work for the Opera browser. The user would get prompted to save their password:
The bug is fixed now.
Monitoring Settings: Missing OCR Settings (Cloud)
Due to a bug, the OCR settings would be missing from the Cloud instances. The user would be unable to choose a language setting for the OCR and as a result, the Monitoring > OCR reports wouldn't show any data.
The bug is fixed now so the OCR settings will now be available under the Monitoring Settings > Monitoring Profile:
Settings: Agent LDAP Attributes wouldn't Stay Set
Due to a bug, the AGENT ATTRIBUTES TO USE FOR NOTIFICATIONS field on the Settings > Alerts screen wouldn't stay saved when the page was refreshed.
The bug is fixed now so that the option will stay persistent:
Settings: LDAP Password Confirmation wouldn't Work if the Accept Valid Certificate Option was Used
Due to a bug, if you used the Accept valid option on the Settings > Active Directory > LDAP CERTIFICATE VERIFICATION TYPE setting, and then used the LDAP password option for the CONFIRMATION METHOD FOR DASHBOARD CHANGES on the Settings > Security screen- the password validation wouldn't work even though a valid certificate was used:
The bug is fixed now.
User Menu: Email Instruction not Working (Cloud)
Due to a bug, clicking the E-MAIL INSTRUCTIONS TO ME link on the User Menu > Download Teramind Agent link wouldn't send the email. Instead, an error message, "Error occurred" would be displayed:
The bug is fixed now.
Agent/Monitoring: Revealed Agent Would Capture IMs When Not Active
Due to a bug in the network interception mechanism, the Revealed Agent would continue to capture IM activities even when the user stopped the Agent (by pressing the "Stop" button) and there were active tasks.
The bug seems to affect Agent versions 5.0 and 4.1 but other versions might be affected too.
The bug is fixed now so that the Revealed Agent will not monitor any IM conversations if it's stopped.
Agent/Monitoring: User Activities and Screen not Captured (Cloud)
Due to a bug, in rare situations, the Agent wouldn't be able to capture the screen or app/web activities even though the user would be shown online and the session time was tracked:
This could happen if the monitoring profile got deleted somehow (e.g., antivirus interference).
The bug is fixed now.
Agent/Monitoring: Meetings on RingCentral Not Captured
Due to some recent changes introduced by RingCentral, the Agent had been unable to capture online meeting activities on RingCentral. As a result, no incoming or outgoing meetings on RingCentral would be displayed on the Monitoring > Online Meetings report.
The bug seems to affect Agent version 6.1 but other versions might be affected too.
The bug is fixed now.
Agent/Behavior Rules: Email Addresses Condition on Content Sharing Rules would Cause the Agent to Crash
Due to a bug, if you used the EMail addresses condition on a Content Sharing rule, it would cause the Agent to crash when the rule was triggered:
The bug is fixed now.
Agent/Monitoring Settings: Invalid Values in the Network Monitoring Settings would Cause the Agent to Disconnect/Reconnect Continuously
Due to a bug, invalid values in the DO NOT TRACK THESE PORTS field on the Monitoring Settings > Monitoring Profile > Network window would cause the Agent to continuously disconnect and reconnect:
We fixed the bug so that from now on, invalid values in the field will be ignored and an "invalid port" error will be logged into the agent.log file:
Agent/Server: The Server would Crash when Agents Tried to Connect (On-Premise)
Due to a bug, the server would crash when the Agent was trying to connect to the server. The server log would show a trace error, "Missing kv_store value for key: log_every_audio_frame" and the Agent connectivity log would show an exception error, "No connection could be made because the target machine actively refused it":
The bug is fixed now.
Agent: Agent not Updating when Pressing the Update Button
Due to a bug, the Agent(s) wouldn't update when you pressed the UPDATE AVAILABLE! CLICK TO APPLY NOW button on the Settings > Autoupdate screen. It would change to the "AUTOMATIC UPDATE IS SET FOR VERSION XX.XX.XXXX" but then nothing else would happen and the Agent(s) wouldn't get updated:
The bug is fixed now.
Agent: Agent Update wouldn't Update the Network Driver
Due to a bug, updating the Agent wouldn't update the Teramind Network Driver (tm_filter.sys). Since the driver is responsible for most of the network services, any new features and bug fixes related to network monitoring wouldn't be available. It might also cause other unexpected issues.
The bug is fixed now so that the network driver will be updated as expected:
Notes
Hidden Agent:
On the Hidden Agent, tm_filter.sys is located in:
C:\ProgramData\{4CEC2908-5CE4-48F0-A717-8FC833D8017A}\<agent_version_number>\{5C18A32F-D3EA-47C1-BF9B-5C57A74BA535}\driver
Here, the <agent_version_number> is the Agent version number such as 23.39.1181
. So, an example would be:
C:\ProgramData\{4CEC2908-5CE4-48F0-A717-8FC833D8017A}\23.39.1181\{5C18A32F-D3EA-47C1-BF9B-5C57A74BA535}\driver
Revealed Agent:
On, the Revealed Agent, the tm_filter.sys is located in:
C:\ProgramData\Teramind Agent\23.37.1175\{CB18EB96-6327-4899-8994-B57A728A54AE}\driver\tm_filter\<OS>\<OS-bit>
Here, <OS> is the operating system. For example, windows8
, windows10
, etc. <OS-bit> can be either x64
or x86
. So, an example would be:
C:\ProgramData\Teramind Agent\23.37.1175\{CB18EB96-6327-4899-8994-B57A728A54AE}\driver\tm_filter\windows10\x64>
Agent: Installing the Hidden Agent After Removing a Previous Version Would Cause a Reboot
Due to a bug with the Teramind Agent Remover tool (teramind-remover.exe), if you removed a Hidden Agent and then tried to install the Agent again, it would cause a forced reboot by Windows.
This would happen because the remover tool wouldn't remove the tmfsdrv2_* folders from the driver store folder. For example:
\Windows\system32\DRVSTORE\tmfsdrv2_5CD96066DF37A3A17EE9312CA2B8190E7B0FDE9B
\Windows\system32\DRVSTORE\tmfsdrv2_5CD96066DF37A3A17EE9312CA2B8190E7B0FDE9B
...
The bug is fixed now so that the tmfsdrv2_* folders will be removed by the Teramind Agent Remover tool.
Agent: Auto-Update of the Agent Would Cause a Reboot
Due to a bug, during the auto-update process of a Stealth Agent or a Revealed Agent would cause a forced reboot by Windows.
The bug is fixed now.
Agent: High CPU Usage when Network Monitoring was Enabled
Due to a bug, both the Hidden and Revealed Agents would show high CPU usage especially when connecting to HTTPS sites or uploading/downloading large files.
The bug seemed to affect version 23.x but other versions might be affected too.
The bug is fixed now.
Agent: Performance and Crash Issues on Remote Desktop Hosts
Due to a bug, the Agent would crash, hang up apps, or cause other performance issues (e.g., high CPU usage) on RDS/VDI Servers (e.g., Windows Terminal Server, Citrix, etc.):
The bug is fixed now.
Agent: In Rare Situations, the Revealed Agent would Crash when Using Any Application
Due to a bug, in some rare situations, the Revealed Agent would crash after the user logged in and started any application. The bug seemed to affect version 23.37.x but other versions might be affected too.
The bug is fixed now.
Agent: The Hidden Agent would Sometimes Stop Monitoring the User
Due to a bug, the Hidden Agent could stop monitoring a user when they logged in after a shutdown/restart/logout event. As a result, the user might show offline on the Dashboard.
This could happen if the shutdown, restart, or log-out process didn't finish properly causing the Agent to become unstable.
This could especially happen on a virtual desktop (e.g., a Windows Hyper-V VM) but it could also happen on a host if any process/service got hung up.
The bug seemed to affect Agent version 23.37.x but other versions might be affected too.
The bug is fixed now.
Agent: Clipboard Monitoring Service not Stopped when Hidden Agent was Stopped
Due to a bug, the Clipboard Monitoring Service (clm.exe) of the Hidden Agent wouldn't stop when the Agent itself was stopped or exited.
The bug is fixed now.
Agent: The Agent Service would Fail to Start on Some Windows Versions
Due to a bug, the Agent Service (tsvchst) would fail to start on Windows 8.1 and Windows Server 2016 after the Agent installation. As a result, the computer/user wouldn't be monitored.
If you tried to check the service, with the command sc query tsvchst,
you would see an error message, "Service 'Service Host' (tsvchst) failed to start. Verify that you have sufficient privileges to start system services.":
The bug is fixed now.
Agent: The Revealed Agent would Crash Sometimes when Creating and Starting a New Sub Task
Due to a bug, the Revealed Agent would crash in some specific situations:
Start any task in the Revealed Agent
Archive current task branch from the Dashboard
Archive any other branch from the Dashboard
Create new task/subtask in archived branch from the Agent UI
Create new task subtask in any available branch from the Agent UI
The Agent would crash
The bug is fixed now.
Agent: Updating the Hidden Agent with TMENCRYPTION Option wouldn't Enable E2EE
Due to a bug, if you updated the Hidden Agent with the TMENCRYPTION=1
option, it wouldn't get saved to the Agent Configuration file (config.cfg). As a result, End-to-End Encryption (E2EE) wouldn't get enabled even though the Agent got updated.
The bug is fixed now.
Server: The Server would Crash due to UTF-16 Character in Camera Names
Due to a bug, if a webcam contained UTF-16 characters in its name, it would cause the server to crash on some instances.
The bug is fixed now.
Server: The Server would Crash due to MS Teams
Due to a bug, the server for a few customers would crash with a "QUERY FAILED: insert into voip_event" message due to the incorrect time reporting from MS Teams.
The bug was fixed with a hotfix.
UI: Date Selector would Change Date Ranges Unexpectedly
Due to a bug, if you clicked the "This Week" or "This Month" option on the Date Selector several times, it would change the date range automatically each time:
The bug is fixed now.
UI: Displaced Tooltips
Due to a bug, tooltips would be displayed in incorrect positions instead of showing it adjacent to the help icon:
The bug is fixed now.
UI: Displaced Bar Graph on the Time Cards Report
Due to a bug, the bar graphs on the Time Tracking > Time Cards report would be shifted by 2 hours forward compared to the actual session time:
The bug is fixed now.
UI/Session Player: Missing Page Explainer Icon
Due to a bug, the Explain this page icon would be missing from the Session Player:
The bug is fixed now.
[Mac] Monitoring/BI Reports: Some File Activities would be Captured & Reported Incorrectly
Due to a bug, some file operations wouldn't be captured properly by the Agent. For example, the full destination path wouldn't be captured for the Rename operation. Because of this, folder names would be shown as file names and, usually, an empty extension would be displayed on reports like BI Reports > File Events, Monitoring > File Transfers, etc.:
The bug is fixed now so the correct file names and extensions will be reported:
[Mac] Monitoring/BI Reports: No Websites Activity Report for the Opera Browser
Due to a bug in the URL parser, no activity report for the Opera browser would be displayed on reports like BI Reports > Applications & Websites, Monitoring > Web Pages & Applications, Employees > Employee's Details > Activity Log, etc.
The bug is fixed now so that the website activities on Opera will be displayed as expected:
[Mac] Agent/Monitoring Reports: Files Removal via the Bin not Captured
Due to a bug, sometimes the Agent would fail to track if you removed a file/folder via the bin (e.g., drag the file in the Bin or press the Command+Delete key, and then empty the Bin). As a result, the activity would be missing from reports like Monitoring > File Transfers or BI Reports > File Events.
This could happen if you had any shared files or folders on your Mac.
The bug is fixed now so that the removal operation will be captured and displayed on the File Transfers reports:
[Mac] Agent: Follow-on Links from a Web Page to Other Web Pages not Captured by the Network Extension
Due to a bug, the Network Extension (NetApp) wouldn't capture visits to any links from one webpage to other page(s). Teramind proxy certificate wouldn't be injected into the follow-on webpage(s). For example, if you visited https://bbc.com
and then clicked a news link that took you to https://bbc.com/news/world-australia-67340901
, the page would display the original certificate (e.g., from GlobalSign nv-sa) instead of the Teramind proxy certificate (Internet Widgits Pty Ltd):
Because of this issue, a Webpages-rule with the Webpage Url criterion like the one below might not work as expected:
The rule would get triggered when the user first visits the home page, https://bbc.com
. However, subsequent visits to follow-on links (e.g., https://bbc.com/news/world-australia-67340901
) wouldn't be triggered.
The bug is fixed now.
[Mac] Agent: Notifications wouldn't be Shown if the Agent was Running
Due to a bug, no system/app notifications would be shown if the Agent was running.
The bug seemed to affect both the Hidden and Revealed Agents on Agent version 226 and newer.
The bug is fixed now so that all notifications will be shown:
[Mac] Agent/Session Player: Artifacts in Offline Screen Recordings from the Hidden Agent
Due to a bug, offline screen recordings from the Hidden Agent would show artifacts such as black areas when played on the Session Player:
The bug seemed to affect Agent version 237 but other versions might be affected too.
The bug is fixed now.
[Mac] Agent: Network Extension Damage would Prevent Agent Uninstallation
Due to a bug, sometimes the Network Extension (NetApp) would become corrupted. The user would see some error messages pop up when trying to uninstall the Agent:
The Agent could only be deleted manually by restarting the Mac.
The bug is fixed now.
[Mac] Agent: Revealed Agent wouldn't Stop Tracking when the Switch User/Login Screen Opened
In some rare situations, the Revealed Agent on macOS 12 (Monterey) wouldn't stop tracking a user when the Switch User/Login screen was opened. The last logged-in user would remain active on the Dashboard when another user’s login screen was opened:
The bug is fixed now.
[Mac] Agent: the Agent would Crash After Resuming from a Locked Session
Due to a bug, sometimes the Agent would crash after resuming from a locked session. The log would show an EXC_BAD_ACCESS (SIGSEGV)
exception error.
The bug is fixed now.
[Mac] Agent: Some Applications wouldn't Work if Network Extension was Enabled
Due to a bug, some applications wouldn't work if the Network Extension was enabled. For example, the Opera browser's installer (stuck at the "Preparing" screen), Google Drive app (couldn't upload or download files), etc.
This could happen if the application had a conflict with the Agent's proxy certificate.
We made some changes so that these types of apps will be excluded from the proxy interception so that they will work as expected.
[Mac] Agent: Slow Internet Speed when Resolving DNS via a Zscaler Proxy
In some rare circumstances, the Agent might be unable to resolve the DNS via its own proxy. In such a situation, it had to rely on an external proxy server such as dns.google.com
to get the IP address. This would affect the internet speed.
This could happen if the remote DNS server was behind a Zscaler proxy but other proxies might cause this too.
The bug is fixed now.