Release Notes for Insights 25.1#

Release Overview#

These are the official release notes for:

  • Product: VOSS Insights

  • Release version: 24.2.1, 25.1

  • Release date: Mar 26, 2025

Release Details#

Supported Upgrade Paths#

  • Insights 24.2.x => 25.1

Download#

VOSS Insights 25.1 release, including Insights Arbitrator Hawaii 25.1, Insights Dashboard 25.1, and Insights DS9 Hawaii 25.1, is now available from the Downloads section of the VOSS Customer Portal:

  • Downloads > VOSS Insights > Insights Arbitrator Hawaii > 25.1

  • Downloads > VOSS Insights > Insights DS9 Hawaii > 25.1

  • Downloads > VOSS Insights > Insights Dashboard > 25.1

Customers that do not have access to the VOSS Customer Portal may contact the VOSS Customer Success Team.

Highlights#

Enhanced, User-focused Functionality#

Insights 25.1 ships with a number of small yet powerful updates to improve the overall experience:

  • Insights now alerts on expired Microsoft Teams tokens. Arbitrator’s Alert Analyzer displays and logs an alert when the Microsoft Teams client secret expires in Azure.

  • Support for GCCH Microsoft Graph endpoints means that Microsoft tenants using GCCH, DoD, and other environments requiring additional security can now modify their base URL (BaseURL) and specify the Login URL, if required.

  • A new API route has been added to support URL-based message posting, enabling external HTTP of alarms from outside systems to the Arbitrator.

New Probes and Reference Dashboards#

This release includes new probes and dashboards:

  • CISCO_SRST

  • WINDOWS_SNMP: A new SNMP probe and associated dashboards to enable SNMP monitoring of Windows-based devices. Entities monitored include available disk, system uptime, CPU, memory usage, Network IF Inbound/Outbound, active users, list of processes including process status, and process CPU consumption.

Security Updates#

This release includes a number of updates to improve the overall security of the Insights platform:

  • OpenSSH has been upgraded to version 9.9p2

  • The API login token expiration period has been reduced from one day to one hour

  • On logout, the JWT API token that authorizes access to the Insights APIs becomes invalid

  • All sshd overwrite configuration files will now be validated to detect deprecated ciphers when upgrading to Insights 25.1. For further details and a cautionary note for upgrades by customers using End-of Life (EoL) Cisco CUCMs, see the release notes for EKB-23213.

Features: Summary#

Insights Arbitrator Hawaii#

  • EKB-23944: Cisco SRST probe.

  • EKB-23589: OpenSSH upgrade.

  • EKB-23526: PostgreSQL upgrade.

  • EKB-23492: Invalidate JWT Token on UI logout.

  • EKB-23459: Reduce JWT API v2 token.

  • EKB-23447: Create an API to enable HTTP POST to Arbitrator.

  • EKB-23213: Upgrade script should test the validity of .override files. If they are invalid, then they should be reset back to empty files.

  • EKB-23014: Support GCCH Graph endpoints.

  • EKB-22783: Arbitrator Probe: Cisco Meeting Server.

  • EKB-22638: Increase control execution throughput.

Insights Dashboard#

  • EKB-19697: Deleting the Default Arbitrator Data Source breaks the data source selector drop down.

  • EKB-13559: Update JavaScript libraries - Highcharts.

Features: Detail#

Insights Arbitrator Hawaii#

  • EKB-23944: Cisco SRST probe. A new CISCO_SRST probe and associated dashboard has been added to Insights.

  • EKB-23589: OpenSSH upgrade. This enhancement upgrades OpenSSH to version 9.9p2 to update Insights security.

  • EKB-23526: PostgreSQL upgrade. This enhancement updates Insights to address CVE-2025-1094.

  • EKB-23492: Invalidate JWT Token on UI logout. Security update to invalidate JWT token upon logout.

  • EKB-23459: Reduce JWT API v2 token. This enhancement improves security by reducing the token expiration from one day to one hour.

  • EKB-23447: Create an API to enable HTTP POST to Arbitrator. This enhancement adds an API route to support URL-based message posting.

  • EKB-23213: Upgrade script should test the validity of .override files. If they are invalid, then they should be reset back to empty files. This enhancement introduces a validation process for all sshd overwrite configuration files on upgrade. If the configuration files contain deprecated ciphers, the upgrade automatically reverts the configuration files to a secure default configuration. However, customers utilizing End-of-Life (EOL) Cisco CUCMs should exercise caution, as these CUCMS still rely on the deprecated ciphers and may face compatibility issues if upgraded. It is therefore strongly advised that such customers refrain from upgrading to this release to avoid disruptions.

  • EKB-23014: Support GCCH Graph endpoints. This enhancement introduces basic support for alternative Microsoft cloud environments.

  • EKB-22783: Arbitrator Probe: Cisco Meeting Server. This enhancement adds a new probe to pull the status of Cisco Meeting Server.

  • EKB-22638: Increase control execution throughput. Parallel execution of control is added. This will improve throughput on busy systems, while also preventing a single controls timing and/or network issues from negatively impacting all other controls.

Insights Dashboard#

  • EKB-19697: Deleting the Default Arbitrator Data Source breaks the data source selector drop down. Stopped the ability to remove the Default Arbitrator as a data source , you can however still change the IP address of the default Arbitrator.

  • EKB-13559: Update JavaScript libraries - Highcharts. This security enhancement updates the Highcharts JavaScript library to the latest release.

Defects Fixed: Detail#

Insights Arbitrator Hawaii#

  • EKB-23746: Insights Audits to the Cloud not working. Fixes an issue so that the automatic upload of the license file is restored.

  • EKB-23730: Arbitrators - stopped processing alarms. Fixes an issue where message sending within the system was not automatically restored after encountering an error.

  • EKB-22689: Arbitrator/Dashboard- Fresh install - NDX screen 500 error. Fixes an issue where a network incompatibility causes the UI to not fetch results from the NDX screen.

  • EKB-22313: Insights: Export policy failure. Exporting CSV policies will include its rules Source Field: Alert Message, Asset Name, Raw log. The Source Field will be added to the columns at the end of each policy. When importing CSV policies via the UI with Source Field columns, it populates the Source Field according to its rule.

Insights Dashboard#

  • EKB-22951: Dashboard v24.2 theme management is broken, cannot modify or create new theme. Fixes an issue to now handle the error scenario where the theme configuration file is invalid, allowing the reporter to proceed with initialization.

  • EKB-21619: NetFlow protocol details not visible on Dashboard. Fixes the sflow enrichment task to properly tag the protocol information for sflow data.

Insights DS9 Hawaii#

  • EKB-22975: NetFlow data not showing up for couple of DS9 collectors. This fix implements an upgrade of Druid to the latest version so that NetFlow ingestion can continue to flow without intervention.