Request Demo

Nagios Network Analyzer Changelog

2026R1.1 - March 3, 2026

Go To Section

Fixed

  • Fixed an issue where alerts for Suricata were not returning the correct value [GL:NAN#178] – CJD
  • Fixed an issue where dashboards would display a black screen when loading dashlets with inaccessible data [GL:NAN!293] – TL
  • Fixed an issue where dashboard JPG exports only captured content within the browser viewport instead of the full dashboard [GL:NAN!386] – SG
  • Fixed an issue where deleting an Nmap scheduled scan would result in the table’s toggle switches displaying incorrectly [GL:NAN!384] – TL
  • Fixed an issue where editing service hostnames in alerting would edit the wrong entry [GL:NAN!369] – SG
  • Fixed an issue where enabling and disabling Nmap scheduled scans resulted in the switch displaying incorrectly [GL:NAN!376] – TL
  • Fixed an issue where exported dashboards had improper formatting [GL:NAN!381] – GW
  • Fixed an issue where Nmap tables did not reset to the first page when selecting a new host or service [GL:NAN#166] – TL
  • Fixed an issue where reverse DNS and WHOIS queries ran for every row in the Suricata data tab on page load [GL:NAN#185] – CJD
  • Fixed an issue where Suricata alerts could not run custom commands after a check ran [GL:NAN#190] – CJD
  • Fixed an issue where Suricata rulesets requiring a secret code could be enabled without one configured [GL:NAN!364] – SG
  • Fixed an issue where the dashboard of a created report wasn’t editable [GL:NAN!380] – SG
  • Fixed an issue where the SID of Suricata rules could exceed the unsigned integer limit [GL:NAN!372] – CJD
  • Fixed an issue where the Summary Chart failed to render in logarithmic view when data contained zero-value points [GL:NAN#186] – SG

Added

  • Added a ‘Remember Me’ option on the login page to persist user sessions [GL:NAN!290] – TL
  • Added admin options to reset user passwords, email credentials, and force password resets [GL:NAN#174] – CJD [Video Overview]
  • Added authentication blocking for users on disabled AD/LDAP servers [GL:NAN#172] – CJD
  • Added InfluxDB to replace RRDTool for time series data storage [GL:NAN#118] – SG [Video Overview]
  • Added the ability to change a user’s authentication method [GL:NAN#60] – CJD [Video Overview]
  • Added the ability to create scheduled Nmap scans from previously run Nmap scans [GL:NAN#103] – TL
  • Added the ability to hide individual dashlet legends [GL:NAN#148] – CJD
  • Added the ability to toggle automatic Ndiffs for scheduled Nmap scans [GL:NAN#173] – TL [Video Overview]
  • Added the ability to view integration install instructions after they have been installed [GL:NAN#155] – TL [Video Overview]

Updated

  • Improved styling on various pages [GL:NAN!329,!374] – TL
  • Updated Nmap scans created from scheduled scans so their names no longer include timestamps [GL:NAN!373] – TL
  • Updated Suricata to 8.0.3 [GL:NAN#147] – CJD [Video Overview]

2026R1.0.1 - February 3, 2026

Go To Section

Fixed

  • Fixed login failure when the request host differed from APP_URL [GL:NAN#165] – TL
  • Fixed an issue where license activations would fail when using a FQDN [GL:NAN#167] – TL
  • Fixed various styling issues [GL:NAN!283,!299,!308,!310,!313,!314,!315,!317,!320] – SG, TL, CJD
  • Fixed an issue where the top 10 talkers tables for Wireshark would display incorrect byte values [GL:NAN!277] – TL
  • Fixed firewall permissions on changing ports for sources [GL:NAN!285] – SG
  • Fixed an issue where SNMP traps for Suricata and System checks didn't send [GL:NAN!330] – CJD
  • Fixed list option on manage firewall script and added more firewall options [GL:NAN#163,!322] – SG
  • Fixed an issue where the ServerName directive was not properly set in the Apache VirtualHost config file [GL:NAN#157] – TL
  • Fixed an issue where Nmap scans failed to stop on Debian 12 and 13 [GL:NAN!304] – TL
  • Fixed an issue where entering invalid AD/LDAP server credentials resulted in being logged out [GL:NAN!316] – TL
  • Fixed an issue where clicking source query results could result in invalid query errors [GL:NAN!301] – CJD
  • Fixed an issue where stopping a source could show incorrect source status [GL:NAN!302] – SG
  • Fixed password reset link redirecting to login page instead of reset password page [GL:NAN!341] – SG

Added

  • Added ability to click on some Wireshark graphs to narrow in on data [GL:NAN#104] – CJD
  • Added automatic Suricata rule reload after importing or updating rulesets [GL:NAN#140] – CJD
  • Added 10 second duration option for Wireshark captures [GL:NAN!277] – TL
  • Added automatic stopping of Suricata when license trial expires or maintenance period ends to prevent disk space issues [GL:NAN#156] – SG
  • Added local timestamp to alert notification emails [GL:NAN!324] – TL

Updated

  • Improved Suricata log processsing speeds [GL:NAN!309] – CJD
  • Renamed the Wireshark capture summary's 'Protocol Usage' pie chart to 'Top 10 Protocols' [GL:NAN!277] – TL
  • Updated scheduling system for reports and Nmap scans [GL:NAN#120] – GW, TL, SG

2026R1 - December 17, 2025

Go To Section

Added

  • Added support for RHEL 10, Oracle 10, CentOS 10, and Debian 13
  • Added Wireshark integration
  • Added Suricata integration
  • Added Nmap integration
  • Added user roles for RBAC
  • Added scheduled reporting
  • Added configurable dashboards

Updated

  • Improved customization of sources
  • Improved Backup and Restore scripts
  • Swapped backend framework to Laravel
  • Upgraded UI / UX app-wide

Removed

  • Removed support for RHEL 8, Oracle 8, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Debian 11

2024R2.1 - March 26, 2025

Go To Section

Updated

  • Updated NFDump to version 1.7.5 [GL:NA#81] – SG

Added

  • Added additional validation checking for alert checks [GL:NA#88] – SG
  • Added https redirect when ssl is not configured in ssl.conf [GL:NA#69] – SG

Fixed

  • Fixed an issue in restore script where newer systems wouldn’t be properly restarted [GL:NA#89] – SG

2024R2.0.1 - January 21, 2025

Go To Section

Security

  • Fixed a security vulnerability while removing a AD/LDAP certificate (Thanks to Haoyu Li, Shiwu Zhao, rmb122, rry, Xingchen Chen, Ru Tan, and Qixu Liu for reporting this) [GL:NA#77] – SG
  • Fixed several broken access control vulnerabilities (Thanks to Harshal Tembhurne and Aakash Tayal for reporting these) [GL:NA!83] – SG
  • Fixed a replay attack vulnerability by storing session data in MySQL [GL:NA!82] – SG

Added

  • Added cron package installation to full install script [GL:NA#78] – SG

2024R2 - December 3, 2024

Go To Section

Updated

  • Improved clarity for LDAP errors if the LDAP server cannot connect [GL:NA#54] – SG

Deprecated

  • Removed support for Centos 7 and 8, Rhel 7, Oracle 7, and Debian 10 due to end of life [GL:NA#68]- SG

Added

  • Added support for Debian 12 [GL:NA#72] – SG
  • Added support for Ubuntu 24 [GL:NA#59] – SG

Fixed

  • Fixed an issue where adding a new NRDP server with a self-signed certificate would fail [GL:NA#37] – SG
  • Fixed an issue where bits/sec were being calculated incorrectly – [GL:NA#28] – SG
  • Fixed an issue with translations causing elements to not display correctly [GL:NA#73] – SG
  • Fixed an issue where the header wasn’t correctly reflecting the updated email after profile changes [GL:NA#75] – SG
  • Fixed issues with page navigation and validation in the “New Check” modal [GL:NA#50] – SG

2024R1.0.3 - May 15, 2024

Go To Section

Security

  • Fixed a privilege escalation in remove_source.sh (Thanks Sarang Tumne for reporting this issue) – SAW

2024R1.0.2 - February 27, 2024

Go To Section

Security

  • Fixed an issue where hostnames would fail to show in Source->Queries if hostname resolution was enabled [GL:NA#61] – SAW

Updated

  • Editing, canceling, and clicking the “New Check” button will no longer cause you to edit the previously selected check [GL:NA#45] – SAW
  • Removed support for Ubuntu 16, Ubuntu 18, and Debian 9 due to end of life – SAW

Fixed

  • Fixed the time offset of the Abnormal Behavior visualization so that all visible cells have valid data [GL:NA#13] – SAW

2024R1.0.1 - January 9, 2024

Go To Section

Security

  • Fixed an issue where deleting a view which was associated to some sources (but not all) from a source‘s View Management page would fail to delete the view [GL:NA#19] – SAW

Updated

  • Updated traceroute agent to use NCPA 3.0.0 – SAW
  • Improved speed of host reverse lookup – DA

Fixed

  • Fixed an issue in Route page where dragging the background would cause the route view to be offset [GL:NA#56] – SAW
  • Fixed an issue where bandwidth graphs would fail to update after server reboot [GL:NA#17] – SAW

2024R1 - November 28, 2023

Go To Section

Security

  • Fixed an XSS vulnerability in percentile calculator menu, thanks to Tisha Manandhar for finding it [GL:NA#40] – SG

Updated

  • Enable power tools on installation for cent8 and cent9 and add check to see if rrdtool is preinstall during installation. [GL:NA#1] -SG
  • Add dynamic search bar feature to header [GL:NA#5] – SG
  • Add support for Ubuntu 22 and Debian 11 [GL:NA#7, NA#8] – SG
  • Add API endpoint for Fusion NNA integration [GL:FSN#64] – AC
  • Add support for Centos 9 [GL:NA#6] -SNS
  • Updated the login page to match our other products [GL:NA#34] – SG
  • Improved user experience when changing password [GL:NA#27] – SG
  • Improved user experience when creating backups [GL:NA#24] – SG

Added

  • Added network path monitoring [GL:NA#39] -SAW
  • Added support for FreeIPA/nsContainer to LDAP/AD integration -SS

Fixed

  • Fixed several issues with the View/Edit Check form – SAW
  • Fixed a variety of issues with the Nagios Setup page [GL:NA#22,#23] – DA
  • Fixed an issue with init scripts and the nagiosna service not starting after reboot [GL:NA#3] – DA
  • Fixed an issue where adding a new check fails – [GL: NA#21] – SNS
  • Fixed an issue where abnormal behavior data pop up was being cut off on the left most timeframe [GL:NA#18] – SG
  • Fixed an issue where deleting views failed with associatoins [GL:NA#20] – SNS

2.4.3 - March 16, 2021

Go To Section

Security

  • Fixed SQL injection vulnerability on col option for sources read (CVE-2021-28925) (thanks Lucas Carmo from STOLabs) -JO
  • Fixed XSS vulnerability on Source > Query page (CVE-2021-28924) (thanks Lucas Carmo from STOLabs) -JO

Updated

  • Updated nfdump to patched version that fixes total bytes amount given [TPS#15440] -JO

Fixed

  • Fixed issue with reap_files.py script removing the last digit from the summary data -JO
  • Fixed Chord diagrams cutting off the IP addresses (can also hover over IP and wait for popup) [TPS#15438] -JO

2.4.2 - December 22, 2020

Go To Section

Security

  • Updated jQuery to version 3.5.1 to fix security vulnerabilities -JO

Updated

  • Updated install to work with CentOS/RHEL 8/Stream, Ubuntu 20.04 LTS, and Debian 9/10 -JO
  • Updated report PDF generation to make reports easier to read -JO
  • Updated backend to work with Python 3.x -JO
  • Updated RRDtool to version 1.7.2 -JO
  • Updated nfdump to version 1.6.22 -JO
  • Updated Highcharts to version 7.2.2 -JO

Fixed

  • Fixed issue with rrdtool import cache being written to system tmp instead of nagiosna tmp [TPS#14830] -JO
  • Fixed Expiration Date displayed for LDAP/AD certificates in the LDAP/AD management page [TPS#15407] -JO
  • Fixed mod_ssl not installed by default on CentOS/RHEL systems [TPS#15130] -JO
  • Fixed change_timezone.sh script to accommodate newer systems when setting php timezone value [TPS#15268] -JO

2.4.1 - November 21, 2019

Go To Section

Security

  • Updated SourceGuardian loaders to now support PHP versions up to 7.3 -JO
  • Updated jQuery to a patched version 1.12.4 to fix CVE-2019-11358 -JO

Fixed

  • Fixed typo in Bandwidth graph on Summary page showing Bytes/Sec instead of Bits/Sec -JO
  • Fixed wording for encryption STARTTLS in LDAP/AD Integration -JO
  • Fixed issue with LDAP naming context on certain types of LDAP servers -JO
  • Fixed abnormal behavior check showing in alert creation modal when it can not be selected -SAW
  • Fixed issue with LDAP/AD certificate management when binary data is in the certificate [TPS#14690] -JO

2.4.0 - February 14, 2019

Go To Section

Security

  • Fixed display port on sources page [TPS#8136] -SW

Added

  • Added ability to create active checks for abnormal behavior [TPS#1019] -SAW
  • Added ability to manage certificates for AD/LDAP from web interface [TPS#5987] -SAW

Fixed

  • Fixed issue with different OS installations -SW
  • Fixed issue with newer Debian 9 os-release not passing as a valid OS for install -JO

2.3.1 - January 3, 2018

Go To Section

Fixed

  • Fixed entering key when trial expires -JO
  • Fixed language files with improper languages in them -JO

2.3.0 - August 29, 2017

Go To Section

Security

  • Added updating the firewall to remove port when source is removed on default system firewall configurations [TPS#10268] -JO
  • Fixed removing a source from a source group when none are selected [TPS#11502] -JO

Added

  • Added a few different LDAP account types to import from [TPS#12080] -JO
  • Added state information into email alerting -JO
  • Updated encrypted files to support PHP 7.0 and 7.1 -JO
  • Updated RRDTool to version 1.7.0 -JO
  • Updated nfdump to version 1.6.15 -JO
  • Updated check output to not have backticks in it for easier use in scripts [TPS#12196] -JO
  • Updated Report and Query backend to be ~10% faster and not use exceptions -JO

Fixed

  • Fixed a bug where swap and memory statistics were displaying wrong values on CentOS 7 [TPS#9965] -LG
  • Fixed importing from AD/LDAP using slashes -JO
  • Fixed custom reports not updating graphs due to CSRF token failure [TPS#11982] -JO
  • Fixed wording of netflow data to show proper “Bits/Sec” field and updated interface to show Gi and Mi [TPS#10814] -JO
  • Fixed hostname needing to be unique when adding host/service alert for Nagios via NRDP [TPS#12388] -JO

2.2.3 - August 15, 2016

Go To Section

Fixed

  • Fixed form authorization error on admin LDAP/AD add/edit server pages -JO

2.2.1 - June 3, 2016

Go To Section

Security

  • Fixed multiple security vulnerabilities -JO,LG

Fixed

  • Fixed epel-release install problem -JO

2.2.0 - January 4, 2016

Go To Section

Security

  • Updated sourceguardian loaders supporting up to php 5.6 -SW
  • Fixed source names to allow dashes in names -JO
  • Fixed bug causing edited sources to revert to Netflow even if they were sFlow sources [TPS#7117] -SW

Added

  • Added -enable-nsel to nfdump to provide support for Cisco ASAs -JO
  • Added nfdump upgrade/recompile on upgrade -JO
  • Added character-based language support in PDFs -JO
  • Added backup and restore scripts and a Backup section in Admin for backup management [TPS#5116] -LG

Fixed

  • Fixed PDF generation on servers forcing https -SW
  • Fixed the deleting of AD/LDAP servers -SW
  • Fixed raw data warning on timeframe > raw data lifetime -JO
  • Fixed multiple bugs when exporting graphs by updating highcharts to v4.1.9 [TPS#5440] -LG

2R1.0 - March 4, 2015

Go To Section

Security

  • Added ability to download reports/queries/percentile pages as PDFs -JO
  • Added a new “percentile calculator” that allows you to calculate 95th (or more) percentiles on sources, views, and sourcegroups -JO
  • Added popup on source groups page when there are more than 5 sources listed to reduce clutter and created the ‘show more’ link -JO
  • Added setting to sources to disable abnormal behavior checking -JO
  • Added advanced setting to sources to specify location of raw flow data upon source creation -JO
  • Removed the ip address requirement for sources since they aren’t necessary (multiple ips have always been able to send to one source’s port) -JO
  • Fixed bug where source listings throughout network analyzer did not list sources alphabetically by name -JO

Updated

  • Updated styles in admin panel -JO
  • Updated printing CSS styles to make pages right-click printable -JO
  • Updated the styles on the dashboard and summary pages to have less open space -JO
  • Updated Highcharts to v4.1.1 for better graph performance -JO
  • Updated RRDTool to 1.4.9 -JO
  • Updated parts of the report/query pie graph and chord diagrams -JO
  • Updated summary page top talkers section to tell user when they are looking beyond the raw flow data -JO
  • Checks tab on the “Alerting” page now shows the type of check and where it is sending (if anywhere) -JO

Added

  • Added AD/LDAP user authentication -JO
  • Added AD/LDAP import user functionality -JO
  • Added global value to try and resolve hostnames for IP addresses on summary, reports, and queries pages and graphs (if it can resolve via DNS) -JO
  • Added hostname caching for the resolve DNS ability so that reports/queries don’t take as long to generate with resolve DNS turned on -JO
  • Added ability to change timezones from the web UI -JO
  • Added warning text on queries/reports when the begin date is longer than the raw data lifetime -JO
  • Added script to reset nagiosadmin password from the command line -JO
  • Added user-based dashlet options to dashboard page -JO
  • Added new graph popups on report/query pages -JO
  • Added the ability to execute a local script (and pass arguments) on an alert -JO
  • Added support for CentOS/RHEL 7 -JO
  • Added tooltip when hovering over % bytes in summary top talkers section that shows data amount sent -JO
  • Added daily log rotation for backend.log and 7 days to be kept -JO
  • Added a ‘Check for Updates’ section in admin panel -JO
  • Added ability for updates to be applied from the web UI in the ‘Check for Updates’ section -JO

Fixed

  • Fixed bug with views not automatically expiring raw data at the set raw data lifetime value -JO
  • Fixed bug on summary page where top talkers would srcip instead of each individual target if upgraded to a specific version -JO
  • Fixed license check for some RHEL versions -JO
  • Fixed bug where apikey would get reset when editing user accounts -SW
  • Fixed bug where nfcapd processes wouldn’t start on server restart -BD
  • Fixed bug that caused some characters (like ? and ‘) to give invalid report/query name errors -JO
  • Fixed bug where alerts aren’t sorted alphabetically -JO
  • Fixed bug in reports where highlighting on saved reports always defaults to the select box instead of the toporder in the report -JO
  • Fixed bug where deselecting all associated alerting methods would not actually unassociate any of them -JO
  • Fixed bug when creating a chord diagram with 4000+ unique ip addresses that caused the python generation script to error -JO

2014R1.9 - June 17, 2014

Go To Section

Security

  • Updated CI to 2.2.0 for security fixes -JO

Fixed

  • Fixed bug with database migration not working correctly when upgrading from 1.7 -JO

2014R1.8 - June 3, 2014

Go To Section

Security

  • Fixed issue where old NNA servers wouldn’t migrate to the new “All Sources” -JO

Fixed

  • Fixed bug causing NNA not to continue if it can’t connect to XI (aka NRDP checks can now be sent to core) -JO

2014R1.7 - April 15, 2014

Go To Section

Security

  • Fixed bug that wouldn’t allow deleting sourcegroups from the summary page -JO
  • Added a new source group called “All Sources” that all sources will be added into -JO

Added

  • Added api calls for product information (version, release number, etc) -JO
  • Added a new button on Queries/Reports page that shows how to run them using the API via HTTP request -JO

2014R1.6 - March 14, 2014

Go To Section

Security

  • Fixed additional bug causing problems starting sources on 32bit versions of Network Analyzer -SW

Fixed

  • Fixed print preview/print view -JO
  • Fixed email validation to allow internal email addresses too (such as user@hostname) -JO
  • Fixed a bug where queries were not using custom date time properly -JO

Added

  • Added some needed changes to the API for more Nagios product integration -JO
  • Added the ability to change the max amount of relations shown on the chord diagrams in global settings -JO

2014R1.5 - February 28, 2014

Go To Section

Security

  • Updated Sourceguardian files to support PHP 5.4.23+ -SW
  • Fixed bug causing problems starting sources on 32bit versions of Network Analyzer -NS

Updated

  • Updated API for new Nagios XI components and wizards -JO

2014R1.4 - February 6, 2014

Go To Section

Updated

  • Improved API support allowing token to be passed to the API -JO
  • Updated to language file for better internationalization support -SW,JO
  • Bug fixes to the API for better integration with Nagios XI Config Wizard -JO

Fixed

  • Fixed report dropdown to properly have destination_port instead of 2 Destination IP listings -JO

2014R1.3 - December 12, 2013

Go To Section

Security

  • Removed self testing IPs from the source code. -NS

Updated

  • Made some fixes to the login and help pages that caused them to not translate -JO

Fixed

  • Fixed issues with languages not being selectable when language files for that language are created -JO
  • Fixed issue where languages would only persist through the current session -JO
  • Fixed logout translation of error message bug -JO

Added

  • Added languages (all the ones in XI) including Japanese -JO
  • Added a global settings admin menu item -JO
  • Added a default language setting in global settings, this language is what all users will default to if set to default -JO

2014R1.2 - November 5, 2013

Go To Section

Fixed

  • Fixed some bugs when sending passive checks to Nagios XI -JO
  • Fixed bug with integration in NagiosXI using NagiosNA component creating host/services -JO

2014R1.1 - October 24, 2013

Go To Section

Security

  • Added a pinned sources dashboard to main dashboard -JO
  • Fixed Source/Sourcegroup/View deletion error with checks associated -JO
  • Updated the netflow check to fail gracefully if there is no netflow data being sent for that source -NS
  • Sources are sorted alphabetically in the sources tab -JO

Updated

  • Checks are now set to PENDING when created and haven’t yet been ran -JO
  • Bandwidth graphs now have updated colors and only Bytes are selected by default (can add others by clicking on legend) -JO
  • Changed interpretation of 0, ”, and null in checks to make better comparisons -NS
  • Resolved issues with easy_install on CentOS5 -NS
  • Resolved an issue with older sudo version -NS
  • Changed ‘configure’ to ‘administration’ -JO
  • Adjusted 30m summary graph title and colors -JO
  • Renamed ‘aberrant’ to ‘abnormal’ behavior -JO
  • Updated the way alerting and abnormal behavior is displayed in the main dashboard -JO
  • Moved the system dashboard to administration -JO
  • Reduced the base font size -JO

Removed

  • Removed python modules from install script -NS

Fixed

  • Fixed bug where name field would be disabled when creating a new check immediately after editing a check -JO

Added

  • Added a “view problem” link to abnormal behavior -JO

2014R1.0 - September 26, 2013

Go To Section

Updated

  • initial release