Skip to main content
Release 637 (2023-06-08)
A
Written by Arick Disilva
Updated over 8 months ago

New Features

Monitoring/Behavior Rules/Behavior Alerts: Camera

We have introduced a set of new features to track camera/webcam usage (see the *Notes below):

1. Camera Usage Monitoring Settings

The Monitoring Settings > Monitoring Profile > Camera Usage option allows you to toggle the camera tracking on/off. You can also set a monitoring schedule from its settings panel:

2. Camera Usage Monitoring Report

The Monitoring > Camera Usage report allows you to view a detailed report on the camera usage such as: Employee, Computer, Duration, Time Started (when the camera was activated/started), Time Finished (when the camera was deactivated/stopped), Name (name of the camera/webcam) and Application (app where the camera was used):

*Notes: The Camera Usage monitoring doesn't capture the video/audio directly. It just provides a way for you to track when the camera is being used, by whom, and in what apps. You can, however, view the user's screen and listen to the audio on the Session Player if the Screen and Audio recording is turned on.

3. Camera Behavior Rule

You will also see a new Camera option under the Type of Activities when creating an Activity-based rule from the Rules Editor screen:

This Camera rule supports two criteria:

  • Camera name: can be used to detect only select camera(s). If no camera name is used, then all cameras will be tracked.

  • Camera application name: can be used to detect which app(s) are using the camera. If no app name is provided, then all apps using the camera will be tracked.

Please note that the Camera rule doesn't support the Block action. All other actions such as Warn, Notify, Lock Out User, etc. are supported.

4. Camera Behavior Rule Alerts

Finally, you will be able to track all the alerts generated by the Camera behavior rules on the BI Reports > Behavior Alerts or the Behavior > Alerts reports:

mceclip4.png

Behavior Rules: New Networking Rule Criterion to Detect Local IPs

A new rule criterion, Local IP is added to the Activity-based Networking rules. It will help you detect local IP addresses. You can use the Match condition to enter individual IP addresses or the Match list condition and use a Network-based Shared List with it.

Behavior Rules: Option to Change the Number of Alerts Per Rule

Teramind already has an option (Settings > Alerts > MAXIMUM DAILY ALERTS COUNT) that helps you limit the number of alerts logged by Teramind for all rules.

Now, you can apply alert limits to each rule individually with the Choose maximum number of saved alerts per day. You can access this option from a rule's Action > Advanced Mode tab:

Select/enter the number of alerts in the field. If more than the specified number of alerts are triggered for this rule in a single day, Teramind will not save further alerts and the alerts will not appear on the BI Reports > Behavior Alerts or the Behavior > Alerts reports.

If you leave the field empty or use an invalid value (entering a string, a negative number, etc.) then no daily limit will be applied.

Monitoring: Online Meetings Support for Zoom Web

Previously you could track online meetings on the Zoom app. Now you can track online meetings on Zoom Web too:

Both the app and web-based meetings will show up as Zoom under the Monitoring > Online Meetings (Applications column) but on the Employee > Activity Log report, you will see the difference. For the app-based meetings, you will see the application name, e.g., zoom.exe in the Process/URL column and for the web-based ones, you will see the URL, e.g., us05web.zoom.us:

Employees: Options to Disable Self-Session Report & Self-Edit of Profile Information

We have introduced two options on the Employees > Edit Info/New Employee and Employees > Bulk Edit screens that will enable you to better control what an employee can view/edit when they log into their own dashboard:

  • Disable self session report: will disable the Monitoring > Sessions and BI Reports > Login Sessions reports for the employee.

  • Disable self edit: will disable the ability for the employee to edit their profile information such as names, email address, and phone number.

Note that if the Disable self session report option is checked but the employee is given the View sessions report access right (from the Configure > Access Controls screen), they will be able to see the sessions report for others but they will not be able to see their own report. Their name might still show up on the list of employees filter but there will be no data about them.

Computers: Option to Change Offline Notification Threshold

Currently, there's an option to send a notification email when a computer is offline. The notification is sent as soon as the computer went offline. We have added an option COMPUTER OFFLINE THRESHOLD to change this notification threshold.

You can change the notification threshold for multiple computers by selecting the computers from the Computers screen and then selecting the Enable notify when offline option from the Action menu. Or, you can change the notification threshold for a single computer by clicking the EDIF INFO button on the Computer's > Computer details screen:

You can specify the settings in seconds. The minimum and also the default setting is 180 seconds (3 minutes).

Notifications/Computers/Audit Reports: Ability to Find and Override the Causes of Blocked Updates

When updating the Agent remotely from the dashboard (Computers > Computer's details screen or Computers > Select Computers > Action Menu), sometimes the update might be blocked by Windows because of a pending reboot.

We have added new notifications on the Notifications screen that will display the reason(s) for the blocked updates:

At the same time, you will also see a button, UPDATE IS BLOCKED on the Computers > Computer's details screen for the computer where the update is blocked. Clicking the UPDATE IS BLOCKED button will show you a message explaining the reasons(s) for the block and ask you if you want to ignore them. If you press the CONFIRM button, the update operation will ignore the reasons and try to do the update:

You will also be able to see these events on the BI Reports > Audit and System > System Log reports:

Configure: Ability to Create Custom Productivity Categories

We are introducing a new feature that will allow you to create custom productivity categories and apply them to classify apps/websites.

You can create new categories and manage existing categories from the Configure > Productivity categories screen:

Once you have created the categories, you can use them to create productivity classification rules and add them to a productivity profile from the Configure > Productivity profiles screen:

The categories will show up under the Classification column on the relevant BI reports such as the BI Reports > Applications & Websites report. You will also be able to use the categories/classifications on the filters, classify apps/websites directly from the report, use them in a widget, etc. - the same way you would use the built-in categories:

System: Option to Delete Exported Videos

We have added a Delete option to the System > Video export screen that will allow you to delete an exported video or remove ongoing exports from the queue:

Monitoring Settings: Ability to Record Audio Only in Select Applications

We are introducing a new feature, that will let you capture audio only when the microphone is used by select applications. You can control this from the MONITOR WHEN THESE APPLICATIONS USE MICROPHONE field on the Monitoring Settings > Monitoring Profile > Audio window:

mceclip2.png

You can use the following in the field:

  1. Empty/No Value: audio will be recorded continuously, in all applications even if the input/output (I/O) device is not actually in use.

  2. All: will record the audio in all applications, but only if the I/O device is currently in use.

  3. Executable File Names/Apps: will record the audio in the specified applications and only if the I/O device is currently in use.

  4. Text List/Regexp List: similar to the third option except that it will match the applications in the shared list.

Settings: Ability to Import Custom Configurations for Active Directory Synchronization (On-Premise)

We have added support for importing custom configurations to the Active Directory (AD) integration.

Once activated, a field named IMPORT CONFIG will be displayed on the Settings > Active Directory tab. You can add the configuration text directly in the field or click the UPLOAD CONFIG button to upload a JSON file. You can press the DOWNLOAD CONFIG button to download the existing configuration:

Once the configuration is loaded and verified, you will be able to start the import process as usual.

A new Docker image as well as detailed instructions will be provided that will allow you to activate this feature.

Settings: Option to Disable the Authentication Confirmation for Dashboard Changes

Currently, a admin/privileged user is required to confirm changes to some settings on the Teramind Dashboard. The authentication method to confirm the changes can be set from the CONFIRMATION METHOD FOR DASHBOARD CHANGES setting under the Dashboard authentication section on the Settings > Security tab.

We have introduced a new option, Disable to the list of available authentication methods:

If you choose this option, the Dashboard will no longer ask to confirm any changes.

Integrations: New SIEM Event for Tracking Custom Business Processes

Teramind can implement customized Business Process Optimization features such as in-app field parsing, scriptable rule logic and custom reporting as part of our Professional Services offering.

We have added a new event, BUSINESS PROCESS that will help you capture any custom Business Process Optimization (BPO) related activities. You can access it when creating a SIEM integration from the Settings > Integrations screen:

As an example, here's a BPO implementation demo that shows how a financial services customer might track the client management workflow on their specialized financial software:

Teramind is then used to monitor user activities on the portal to detect fraudulent account activities such as an abnormal number of searches for a particular client, unauthorized editing of sensitive fields, too much time spent completing a workflow, etc. The data is then captured and sent to a Splunk integration:

mceclip2.png

To learn more about our BPO offering and professional services, please contact [email protected].

UI: Notification About the Availability of New Agent Versions (On-Premise)

If you update your On-Premise server with a new Teramind Update package (TMU) and the TMU includes a new version of the Teramind Agent, you will see a notification on your Teramind Dashboard:

This way, you will be able to easily tell when a new Agent is available without having to check the Self-Hosted Portal or release notes.

Revealed Agent: New App Launch Parameters

From Windows Agent 13.0, we have added support for a few new command line parameters to the Revealed/Visible Agent that can be used when launching the Agent to automatically log in a user and start a predefined task. This might be useful in situations where you want to run the Agent from another application or script. For example, if you already use a time-tracking application and still want to use Teramind for tracking detailed user activities and recording the screen.

Here is the list of the new launch parameters:

Launch Parameter

Description

--run

Runs the Agent without the tsvchst service.

--router <address>

<address> is the domain name or IP address of your Teramind instance.

--username <username>

<username> is the username/login ID of the user.

--password <password>

<password> is the user's password.

--task-id <id>

<id> is the task ID.

--hide-ui

Hides the Agent window/UI and any messages that the Agent might display.

--hide-reconnecting

Hides only the reconnect messages.

For more information about these parameters and how to use them, please check out this how-to article.

Server: New Function to Remove User Data to Meet GDPR Compliance (On-Premise)

We have added a new function, remove_user_data_ex to the Teramind standard Perl script, tm.pl that comes with the On-Premise deployment package. This function will help you easily remove users’ data to meet GDPR compliance such as Right to erasure / Right to be forgotten (i.e., Article 17 and 19).

For more information on how to use this function, please check out this how-to article.

[Mac] Support for Network Monitoring Settings

In Mac Agent 1.233, we introduced support for Networking monitoring on Mac. But the Agent didn't support changing the monitoring settings of the Network.

Now, you can configure the following from Monitoring Settings > Monitoring profile:

mceclip1.png

Here are a few things to note about the Network settings:

  1. If you turn off the entire NETWORK monitoring - no certificate will be injected, no network tracking will take place, and Network-based behavior rules will not work.

  2. If you turn off the SSL option, but leave the TRACK NETWORK CONNECTIONS option on, then packets will be intercepted back and forth, Teramind proxy certificate will not be injected.

  3. If you turn off the TRACK NETWORK CONNECTIONS option, no network activities will be tracked. However, the Teramind proxy certificate will be injected. Websites and other network-based interceptions will work. Network-based behavior rules will work too.

[Mac] Support for Offline Recording

We are adding support for the offline recording feature on Mac Hidden/Stealth Agent. This can be enabled/disabled from Monitoring Settings > Monitoring profile > Offline Recording:

Note that currently only the OFFLINE RECORDING BUFFER LENGTH (HRS) option is supported on the Offline Recording settings panel. It allows you to specify how long the Teramind Agent will continue to record user actions while the user is disconnected from the internet or Teramind server. The default value is 24 hours.

[Mac] Support for Dashboard-Based Remote Uninstallation of the Hidden/Stealth Agent

You can now uninstall the Hidden/Stealth Agent remotely from the Dashboard. You can do it from the Computers or the Computer's Details screen:

To do it from the Computers screen:

  1. Select one or more computers by clicking the Check Marks in front of their names.

  2. Click the Computer Action Menu (where it says Select action) on top and select the Uninstall Agent from PC option.

To do it from the Computer's Details screen:

  1. First, click the name of a computer from the Computers screen. Then, press the UNINSTALL AGENT FROM PC button.

If the Mac is online, it will be removed shortly. If it's offline, it will be removed when it comes online.

[Mac] Support for Shared Lists

We have added support for Shared Lists in Behavior Rules and Monitoring Settings.

You can create a Shared List by clicking the Create list button on the Configure > Shared Lists screen:

Using Shared Lists in Behavior Rules

Once a list is created, you can use it with any rule criteria that accepts a List condition (e.g., the Equals list condition of the Application Name criteria in the example below):

Using Shared Lists in Applications Monitoring Settings

Once the lists are created, you can use them in the Monitoring Settings > Monitoring Profile > Applications settings panel:

mceclip3.png

Shared lists are supported in the following settings:

  • MONITOR ONLY THESE APPLICATIONS - if you add shared list(s) here, the Agent will monitor only the apps listed in the shared list(s), plus any other apps specified in the field.

  • SUSPEND MONITORING WHEN THESE APPLICATIONS ARE USED - - if you add shared list(s) here, the Agent will suspend the monitoring of any apps listed in the shared list(s), plus any other apps specified in the field. Suspend also means, it will not capture any keystrokes for the apps and it will blackout the app windows in the video recordings or during the live view mode (see the Dynamic Blackout section on the User Guide for more information).

  • SUSPEND KEYSTROKE MONITORING WHEN THESE APPLICATIONS ARE USED - if you add shared list(s) here, the Agent will not capture any keystrokes from any apps listed in the shared list(s), plus any other apps specified in the field.

[Mac] Revealed Agent: New App Launch Parameters

From Mac Agent 1.239, we have added support for a few new command line parameters to the Revealed/Visible Agent that can be used when launching the Agent to automatically log in a user and start a predefined task. This might be useful in situations where you want to run the Agent from another application or script. For example, if you already use a time-tracking application and still want to use Teramind for tracking detailed user activities and recording the screen.

Here is the list of the new launch parameters:

Launch Parameter

Description

--router <address>

<address> is the domain name or IP address of your Teramind instance.

--username <username>

<username> is the username/login ID of the user.

--password <password>

<password> is the user's password.

--task-id <id>

<id> is the task ID.

--hide-ui

Hides the Agent window/UI and any messages that the Agent might display.

For more information about these parameters and how to use them, please check out this how-to article.

Improvements

BI Reports: Hiding Deleted Users from the BI Report Filters

We made some changes to the BI reports so that deleted users will no longer show up on the BI Reports > Filter > Employees filter.

Monitoring: IPv6 Support for MS Teams and Zoom

We are introducing IPv6 support for Zoom and MS Teams. This will include capturing app/web activities, online meetings and instant messaging monitoring of both the app and web versions of Zoom and MS Teams.

Monitoring Settings: Ability to Detect Special Password Fields

We have updated the MONITOR KEYSTROKES FOR PASSWORD FIELDS option (found on the Monitoring Settings > monitoring profile > Websites window) so that it can now detect form fields in a webpage with the webkit-text-security CSS property.

mceclip1.png

This non-standard CSS property is used in some sites or web applications to mask password inputs or other sensitive text in HTML form fields such as <input> or <textarea> by replacing them with a shape (e.g., circle, square, disc, etc.). Note that this property isn't supported on Firefox.

Websites monitoring will now be able to detect these fields and let you track the webpage or suspend its monitoring.

Computers: Delete Recordings Option Removed from the Cloud Instances (Cloud)

The OVERRIDE: DELETE RECORDINGS OLDER THAN (DAYS, 0 MEANS USE USER'S PROFILE) option on the Computers > Edit settings window wouldn't work on Cloud instances:

mceclip0.png

The option was originally implemented for On-Premise deployments only. We removed this option from the Cloud instances to avoid confusion.

Configure: Removal of the Storage Report from the Access Control Screen

We have removed the Storage Report previously available under the Access Widgets section on the Access controls screen. It was never intended to be displayed as a widget.

You can still access it from https://<your instance>/#/reports/storage. For example, https://acme.teramind.co/#/reports/storage.

System Log: Improved Logging of Computer Actions

Before this improvement, computer actions (e.g., delete, disable monitoring, restore, etc.) were logged inconsistently on the System > System Log report for the same action but executed on different screens (e.g., Computers > Action menu vs. Computers > Computer's details). Furthermore, additional details were missing from the activity log.

Here's how the System Log report looked like when capturing actions from the Computers > Action menu:

Here's how the System Log report looked like when capturing actions from the Computers > Computer's details screen:

After the improvements, the System Log report will now show similar information for the same computer actions whether taken on the Computers screen or the Computer's details screen. It will also display additional relevant details such as which computer was affected, etc.:

UI: Notification About OCR Availability

Currently, if your instance doesn't have the OCR feature enabled, an icon is displayed in the menu and showing in a tooltip that you need to contact support in order to enable OCR.

We made improvements to this notification so that, the OCR menu item is now clickable, and when it opens, the UI will let you:

  • contact support to enable the OCR feature

  • provide you a way to upgrade to Teramind UAM or Teramind DLP (which have the OCR feature) if you are currently using Teramind Starter

UI: Updates to Main Menu on Teramind Starter

Currently, on Teramind Starter, some main menu items show a special arrow icon when a feature isn't available. However, in some cases, only a sub-menu item/feature might not be available. Yet, the icon makes it look like the entire main menu is unavailable.

We made changes so that if only some of the sub-menu items aren't available under a main menu item, the main menu item will still be accessible. Only the unavailable sub-menu items will be highlighted with the arrow icon:

mceclip2.png

Bug Fixes

Time Tracking/Access Control: Employee with the Right Privilege Unable to Edit/Delete Time Entries

A privileged employee with the right access control policy (e.g., View Time card report and Edit work hours) should be able to add/edit/remove time entries of target users they are assigned to. However, due to a bug, when such a privileged employee tried to edit the time from the Time Tracking > Time Cards screen, they would receive the Forbidden error message:

blobid0.png

The bug is fixed now.

Dashboards: The User Icon would Change when Webpage is Refreshed

You might have noticed that sometimes the user icons on the Dashboards (e.g., on the ONLINE EMPLOYEES widget) would change when your refresh the webpage:

The correct display should be:

  • show an image avatar if a profile image exists for the user

  • show abbreviation if First Name/Last Name exists for the user

  • show the default avatar icon if there is no profile image, First Name or Last Name for the user.

The bug is fixed now so that the icons are displayed properly.

Dashboards: Date Selector would Show Incorrect Dates on Page Refresh

You might have noticed that sometimes, the Date Selector/Calendar on top of a report shows incorrect start/end dates when the page is refreshed:

mceclip4.png

The bug is fixed now so that the dates should display correctly when the page is refreshed.

Dashboards: Extra Elements on Printed Documents

Due to a bug, when you tried to print (i.e., using the CTRL+P / CMD+P command on the browser) any screen from the Dashboard, the document would have extra elements such as the report title, info icon, chat button, etc.:

The bug is fixed now so that these extra elements will no longer show up on the printed document.

BI Reports: Employees Using the Web Tracker not Listed on the BI Reports Filter

Due to a bug, employees who are using only the web-based time tracker (Time Tracking > Tracker) aren't shown on the list of employees on the BI Reports > Filters > Employee filter. Only employees using the Teramind Agent are listed. The bug is fixed now.

BI Reports: Web File Events not Showing Any Data

In some rare circumstances, the BI Reports > Web File Events would show an empty report. The bug is fixed now.

BI Reports: LDAP Group Filter not Applied to Exported Reports

Due to a bug, LDAP Group filters applied to a BI Report might not be applied to the scheduled reports (Export > Schedule report). For example, in the screenshots below, you can see that two LDAP Groups are applied to the report. As expected, the report on the dashboard shows information for two employees. However, the exported report shows all employees:

mceclip0.png

The bug is fixed now.

BI Reports: Reset Columns would Remove All Columns from the Grid Widget

Due to a bug, if you reset the columns (hover over a column, click the Sandwich menu > Reset Columns) on a Grid widget, it would remove all the columns or add some random columns and remove all the data except for a single row:

The bug is fixed now.

BI Reports: Filter Reset would Throw an Error on the Browser Console (Cloud)

Due to a bug on some versions of the Cloud instances would throw an error, "Unrecognized data set: brush_store" on the browser's console when you pressed the RESET button on a BI report's Filter panel:

The bug is fixed now.

BI Reports/Monitoring: Thai Characters not Rendered Properly in PDF Reports

Due to how texts are rendered in PDF reports, Thai characters wouldn't render properly when a BI report is exported as PDF:

The bug is fixed now.

Behavior Rules: Content not Detected Properly for Some Rules

Due to a bug in how certain contents (e.g., phone numbers) are detected by the Agent, a rule like the one below wouldn't work properly, i.e., it would trigger randomly, generate false alerts, miss some contents, etc.:

The bug is fixed so that this type of content will be detected properly and the rule will trigger as expected.

Behavior Rules: Idle Criteria not Working

Due to a bug, Agent Schedule rules containing the Idle criteria like the one below wouldn't get triggered:

This seems to affect 7.0 or newer versions of the Agent.

The bug is fixed now.

Behavior Rules: Extra Condition Automatically Added to the Agent Schedule Rules

Due to a bug, in some circumstances, extra conditions would be added to an Agent Schedule rule containing an Idle condition like the one below:

The bug is fixed now.

Behavior Rules: Some Rules wouldn't Trigger

Due to a bug, a simple rule like the one below wouldn't get triggered on some computers:

The bug is fixed now.

Behavior Rules: Rule Tags Shown with the Policy

Rule tags are only shown with a policy when the policy is collapsed.

When a policy is expanded, rule tags should be shown with the corresponding rules only:

However, due to a bug, all rule tags were shown with the policy and not with the rules, even when the policy is expanded:

The bug is fixed now so that rule tags will be shown at their correct position.

Behavior Rules: Notify Action's Emails Delayed

Due to a bug, notification emails from the Notify rule action would get delayed, sometimes by several hours:

The bug is fixed so that notification emails should arrive within a few minutes of the rule violation.

Behavior Rules/BI Reports: Some Content Rules Missing Alert Description and Notification Email

Due to a bug, some rules wouldn't generate an alert description and the email notification email wouldn't be sent (if used with a Notify action). As a result, the Description column on the BI Reports > Behavior Alerts or the Behavior > Alerts reports would be empty:

Behavior Rules/BI Reports: Some Content Rules Missing Alert Description and Notification Email

Due to a bug, some rules wouldn't generate an alert description and the email notification email wouldn't be sent (if used with a Notify action). As a result, the Description column on the BI Reports > Behavior Alerts or the Behavior > Alerts reports would be empty:

The bug is fixed now so that the alert description will be shown properly on all reports and notification emails sent.

Monitoring/Behavior Rules: Email Addresses in Outlook Distribution Lists not Detected

Due to a bug, email sent to a distribution list (contact list) wouldn't detect the email addresses in that distribution list:

This might also cause behavior rules using the distribution list or emails from that distribution list to generate false positives or other unpredictable behavior.

The bug was reported in Outlook 2016 but other Outlook versions might be affected too.

The bug is fixed now so that email distribution lists will be properly detected.

Monitoring/Behavior Rules: Email Sent from an Outlook Shared POP Account wouldn't Get Captured Properly

Due to a bug, emails sent from a POP account from the Outlook 365 desktop app wouldn't capture the email address. It would just capture the Display Name/Label of the email account. For example, if you had an account with the display name Investor Relations and the email address for the account was [email protected] Teramind would just capture Investor Relations instead of Investor Relations <[email protected]>:

mceclip3.png

As a result, any behavior rules relying on that email address wouldn't get triggered, generate false positives or other unpredictable behavior.

The bug is fixed now.

Monitoring: IM Activities on LinkedIn not Captured

LinkedIn recently changed the data format for messages in the LinkedIn Messenger. As a result, some customers were unable to capture any of the LinkedIn activities on the Monitoring > IM report.

The bug is fixed now.

Monitoring: Agent wouldn't Capture Cyrillic Text from Google Chat

Due to a bug, Cyrillic alphabets such as those used in Russia, Bulgaria, Ukraine, etc. wouldn't get captured by the Agent from Google Chat conversations:

The bug seems to affect Windows Agent 6.1 but other versions might be affected too.

The bug is fixed now so that Cyrillic alphabets are captured properly.

Monitoring Settings: Password Still Captured when Password Field Monitoring is Turned Off

In some specific situations, password fields on a website would get captured even though the MONITOR KEYSTROKES FOR PASSWORD FIELDS option is disabled on the Monitoring Settings > Websites.

This could happen if you entered a wrong password, reloaded the webpage, and then entered the password again.

The bug is fixed now.

Monitoring Settings/Session Player: Suspend Monitoring Feature not Working for Edge Browser Widgets

Due to a bug, SUSPEND MONITORING WHEN THESE WEBSITES ARE VISITED option on the Monitoring Settings > Select Monitoring Profile > Websites: Edit settings screen wouldn't work for sidebar widgets on the Microsoft Edge browser. As a result, the widget wouldn't get blacked out on the screen recordings or live view on the Session Player. In the example below, the Outlook sidebar should be blacked out on the Session Player but it's still shown:

The bug is fixed now.

Session Player: Username not Displayed Sometimes

Due to a bug, the username sometimes wouldn't display on the Session Player, when it's loading. Instead, the "No name" text would be displayed in the username field:

The bug is fixed now.

Session Player: Video not Loading when Rewinding

Due to a bug, in some rare situations, the Session Player would show an error. "Can't load video" when the Rewind button is pressed:

The problem was first encountered on AWS deployments, but On-Premise and Cloud deployments might be affected too.

The bug is fixed now.

Productivity: Productivity Overview Report would Show an Error when Time Zone is Changed

The Productivity > Productivity Overview report would show the error message, Cannot set properties of undefined (setting '6') or Internal Server Error if the user changed their time zone:

The bug is fixed now so the productivity report would work as expected.

Productivity: Productivity Overview Report would Show an Error when LDAP Filter is Applied

The Productivity > Productivity Overview report would show the error message, Internal Server Error when the LDAP Attribute filter is applied:

The bug is fixed now so the productivity report would work as expected.

Employees: Resend Invitation Button not Available

Due to a bug, the RESEND INVITATION button on the employee's profile wouldn't be displayed. The bug is fixed now so that the button is displayed as expected:

Employees: Profile Image/User Avatar wouldn't Get Saved

Due to a bug, sometimes uploading an image to the employee's profile wouldn't save the image resulting in a missing user avatar. The bug is fixed now.

Employees: Distorted Avatars when Profile Image Updated

In some situations, the avatar might get distorted (e.g., stretched/skewed) when an image is uploaded from the Employee's profile (Employees > Select an employee > EDIT INFO):

The bug is fixed now.

Employees: Invalid File Type Error on Edit Profile Window

If for some reason, the user avatar failed to load, an error message, "Invalid file type" would be displayed on the Employees > Select an employee > EDIT INFO window:

The bug is fixed now.

Computers: Offline Notification Setting wouldn't Get Saved

Due to a bug, changing the NOTIFY WHEN OFFLINE option (available under the Computers or the Computer's Details screen), wouldn't get saved. After clicking the Save button, it would show the "Changes saved" message but you would notice a "400 Bad Request" error on the browser's network log:

The bug is fixed now.

Configure: Department Manager Unable to See Department Members

Due to a bug, a user with the Department Manager role might be unable to view the list of employees under his/her department (Configure > Departments > Department page screen) even though the List of departments screen shows the there are employees in the department:

The bug is fixed now.

Configure: Schedule Template not Saved for Positions

Due to a bug, if you created a schedule template from the Configure > Schedules > Templates screen and then tried to assign it to a new position from the Configure > Schedules > Positions screen, the ASSIGNED SCHEDULE TEMPLATE dropdown list wouldn't show the template.

The bug is fixed now.

Configure: Unable to Add Productivity Profile Rules (Cloud)

Due to a bug, you might be unable to add productivity profile rules from the Configure > Productivity Profile screen. When you tried to create a rule by clicking ADD NEW RULE button, the Set value list would get stuck on the "Searching..." message and nothing else would happen:

The bug is fixed now.

Configure/Settings: Access Control not Working for some AD Groups

Due to a bug, when assigning an access control policy to an Active Directory Group from the Configure > Access control screen, the policy might not work as expected. This could happen if the AD group had any indirect children.

The bug is fixed now.

Monitoring Settings: Option to Exclude Processes from DLP Tracking not Working Properly

The DON'T TRACK DLP FOR PROCESSES field on the Monitoring Settings > monitoring profile > Advanced window allows you to whitelist (exclude) processes from being monitored by the Agent. However, due to a bug, it was inserting additional characters, \??\ at the beginning of each process path causing the option to not work properly (this can be seen on the Agent log file):

Agent log file:

<...>
[2023-Jan-13 09:17:22.653617] [driver_events 6] [debug] [FileDriverLogMessages]  ComplexLogMessage: [2023-01-13 09:17:22.652] [Common::SESSION/SessionItem::SetConfig/96] [3632/14312] white_list_processes[4]: \??\svchost.exe

The bug is fixed now so the option should be working as expected.

System/BI Reports: Report Export would Fail in Rare Situations

Report exports from the BI Reports would fail in some rare situations. This could happen especially if you had a slow network or busy server causing a timeout. If this happened, the Status column on the System > Report export screen would show a "Failed" message:

mceclip1.png

The bug is fixed now.

System/Session Player: Video Export would Fail in Rare Situations

Video exports from the Session Player would fail in some rare situations. This could happen especially if you were exporting a long video (e.g., 10 hours or more). If this happened, the Status column on the System > Video export screen would show a "Failed" message:

The bug is fixed now.

System/Session Player: Video Export Links in Emails wouldn't Download the Video

When you export a video from the Session Player player, you can specify an email address to receive the download link. However, due to a bug, the download link wouldn't let you download the file. Instead, it would just take you to the System > Video export screen:

The bug is fixed now.

System/Settings: Active Directory Settings Changes not Captured on the System Logs

Due to a bug, details of any changes made to the Settings > Active Directory tab weren't captured on the System > System log report. When you clicked the Click here to view details link, it would show an empty window:

The bug is fixed now so the result should look something like this:

Settings: New Employee Monitored even when the New Agent Monitoring Option is Disabled

Due to a bug, new employees would still get enrolled in monitoring even when the ENABLE MONITORING FOR NEW AGENTS BY DEFAULT option under the Settings > Agent defaults screen is disabled:

The bug is fixed now.

Settings: Wrong Time Displayed for Mexico City Time Zone

Due to a bug, when you selected America/Mexico_City from the TIMEZONE list on the Settings > Localization screen, the wrong time would be displayed (e.g., instead of UTC-6 hours it would display UTC-5 hours) causing incorrect time calculations on various reports:

The cause behind this bug is the recent changes to Mexico's Daylight Saving Time (DST) policy.

To fix the bug efficiently and in a timely manner, we made changes so that you will no longer see the America/Mexico_City on the TIMEZONE list. Existing customers in this location will be automatically converted to America/Managua. New customers can choose the same city or any other location that matches Mexico City's time zone.

Hidden Agent: The Agent would Start Monitoring Users Before They Log Into Windows

If you had the RECORD LOCKED SESSIONS enabled under Monitoring Settings > Select a monitoring profile > Screen, the Agent would sometime start monitoring a user even before they log into Windows.

The bug is fixed now so that the user will only be monitored after they log into Windows.

Agent: Agent would Crash Randomly with a Fatal Error

Due to an internal bug, the Agent would crash sometimes. It would show the following error code in the crash dump log:

Fatal Error: EXCEPTION_ACCESS_VIOLATION_READ / 0xc

The bug is fixed now.

Agent: Update would Fail for Older Versions of the Protected Agent

Due to a bug, updating a Protected Agent would fail. This would include the auto-update (Settings > Auto Update) and remote update from the Dashboard (Computers > action menu > Update Agents):

This seems to affect 6.1 or older versions of the Hidden/Silent Agent.

The bug is fixed now.

Agent: Incompatibility with Palo Alto Networks Products would Affect Network Speed

It was discovered that Teramind Agent has some compatibility issues with Palo Alto Networks' PANGP filter driver component, which is a part of some Palo Alto Networks products such as GlobalProtect.

Due to this incapability, when the Agent is running, the network performance would degrade, especially the internet download speed.

The bug is fixed now so that Teramind Agent will no longer slow down the network when used with any Palo Alto Networks software.

Agent: Custom DNS Name Parameter not Injected Properly

Due to a bug, the TMDNSNAME installer parameter (dns-name parameter in the Agent configuration file) wasn't being inserted into the web pages. The bug is fixed now so it's working as expected:

For more information about this parameter and others, please check out:

Agent/Behavior Rules: Agent would Crashes due to Content Sharing Rules

Due to a bug in the multilingual module, the Agent might crash in a few rare cases when a Content Sharing rule is active. The bug is fixed now.

Agent/Monitoring: Audio and/or Network Lags when Using the Revealed Agent

You might have noticed periodic network and/or audio lags when using an online meetings application such as Zoom, Skype, Softphone, etc. when the Revealed Agent is running. This could happen even when the Audio or Screen monitoring options are turned off.

The bug is fixed now.

API: Incorrect Response when Deleting Agent Without an ID

When you send a DELETE request with a 0 or null value as the agent ID, the server returns a 500 Internal Server Error response:

mceclip1.png

The bug is fixed now so the correct response, 404 Not Found will be returned:

API: PUT and PATCH would Fail Sometimes

Due to a bug, PUT and PATCH methods for /agent/:id would fail with HTTP 500 error:

The bug is fixed now.

API: Error when Sort Parameter is Used in Search

When you executed the search API request with a sort parameter like the one below, it would return an error, "error": search_phase_execution_exception: all shards failed.

curl --location --request POST 'https://acme.teramind.co/tm-api/mining-data/search' \
...
... {
"query": {"term": {"app": "notepad.exe"}},
"sort" : [{ "timestamp" : {"order" : "desc"}}],"size": 100
}

The bug is fixed now.

Other: Password Reset Link not Working for Some Users

Due to a bug, when a user clicked the Forgot your password? option on the login page, it wouldn't send the password recovery email to the user. This would usually happen to users who had been using an older version of the Agent.

The bug is fixed now.

Other: Unable to Log In when Some Special Characters are Used in Redis Password

In a multi-node deployment, configuring the Redis password might make it impossible to log in to the Dashboard either with a local or AD-synced account.

This may happen if some special characters are used in the password. The bug is fixed now.

[Mac] URL not Captured on Safari Fullscreen Mode

Due to a bug, the Agent would fail to capture the Full URL of a website when Safari is in Fullscreen mode. As a result, on reports like the Employee's Activity Report, the Process / URL column would just show the system name of the application (e.g., com.apple.safari) instead of displaying the main URL/website (e.g., www.abc.com). Additionally, the App/Webpage column would just show the name of the application (e.g., Safari) instead of the webpage title (e.g., ABC News - Breaking News, Latest News and Videos):

The bug is fixed now.

[Mac] Artifacts in Grayscale Screen Recordings

Due to a bug, if you turned on the GRAYSCALE option on Monitoring Settings > Monitoring Profile > Screen: Edit Settings window, thin black vertical stripes would appear and vanish on the video as screen contents change:

The bug is fixed now so that no artifacts are visible on grayscale screen recordings.

[Mac] The Agent would Capture Keystrokes in Applications when it shouldn't

Due to a bug, the Agent would capture keystrokes when it's not supposed to. For example:

  • When Applications monitoring is completely turned off

  • When certain applications monitoring is suspended/turned off

  • Continue to capture keystrokes beyond the monitoring schedule, etc.

The bug is fixed now.

[Mac] The Agent would Make Wrong Auto-Update Requests

The auto-update of the Agent might fail due to an incorrectly formatted URL. The bug is fixed now.

[Mac] The Hidden Agent would Incorrectly Record Sessions when Switching Users on M1 Mac

Due to a bug, the Hidden/Stealth Agent would continue to calculate the session for an inactive user when the user switches to another account on an M1 Mac. Here's the scenario:

  1. Suppose you have two user accounts, A and B. For account A, monitoring is enabled and for B monitoring is disabled.

  2. Login to account A then switch to account B without logging out from account A.

  3. On the Teramind Dashboard, you will notice that account A is still shown as active even though the screen recording is frozen.

The bug is fixed now so that the session calculation should stop as soon as the user switches to account B and resume when they switch back to account A.

[Mac] The Revealed Agent would Crash when Stopped from Reconnecting

Due to a bug in the offline screen recording feature, the Revealed/Visible Agent would crash when the user presses the Stop button while the Agent is trying to reconnect (e.g. when the network connection is lost). The crash would usually happen when the user changed the application focus. An error, "Teramind Agent quit unexpectedly" would be displayed when this happened:

quit.png

The bug is fixed now.

[Mac] Revealed Agent would Crash when Connecting from Multiple Computers

Usually, when a user logs in from two computers simultaneously, they will be logged out automatically from the first computer and a message, "You were signed out by server" will be displayed on the first computer's screen. However, due to a bug, the Agent would crash just after displaying the auto sign-out message (as soon as the user changed focus from the application window).

An error, "Teramind Agent quit unexpectedly" would be displayed when this happened:

quit.png

The bug is fixed now.

[Mac] Time Tracking Issues with the Revealed Agent when the Mac is Locked/Unlocked

If a user locks their Mac (e.g., Apple Menu > Lock Screen) when a task is running on the Revealed Agent, it should stop the task but continue to track time (as a locked session). When the user unlocks the Mac, the Agent should connect to the server and restart the previously running task.

However, due to a bug, this expected behavior wouldn't happen. Instead, the Agent would stop tracking the time as soon as the user locks the screen and it wouldn't let the user start any task after they log back in.

The bug is fixed now.

Did this answer your question?