The XDR Collectors major release for Windows 1.5.2.2326 and Linux 1.5.2.2173 was released as part of the following releases of Cortex XSIAM:
- 3.4 on January 28, 2026
The following table describes the changes integrated for this release:
ISSUE |
DESCRIPTION |
|---|---|
CPATR-32437, CPATR-32546, CPATR-32547 |
Upgraded the SQLite package to version (3.50.4) for both Linux and Windows XDR Collectors. This update addresses known vulnerabilities on previous SQLite versions. |
CPATR-33046 |
Resolved an issue where XDR Collectors failed to start at initialization due to a third-party package. |
CPATR-33166 |
Updated the "No incoming data" warning string to specify the associated application, for example, "winlogbeat: No incoming data for more than 7 days". This improves visibility by clarifying whether the alert refers to Winlogbeat or Filebeat data streams. |
CPATR-33262 |
Fixed a validation logic error where XDR Collectors incorrectly displayed an "Error" status when only Filebeat or Winlogbeat was configured. The collector now accurately reflects a "Connected" status based on the active YAML configuration, eliminating false error indications while data ingestion is functioning properly. |
CPATR-34604 |
Resolved an issue where XDR Collectors failed to retrieve MAC addresses or hardware IDs, causing redundant re-registrations. This fix ensures stable device identification and prevents duplicate collector entries in the console. |