This update resolves the following issue:
Issue 375: Update CapMe so that the user can choose between tcpflow and Bro for transcript rendering
Thanks to the following for testing the new packages!
The new packages are now available in our stable repo. Please see our Upgrade page for full upgrade instructions:
After installing the new packages, you'll need to restart sguild:
|New "Transcript" option defaults to "tcpflow"|
|"tcpflow -cr" doesn't decode gzip decoding, so click the "close" button to go back|
|Select "bro" and click "submit"|
|Bro decodes gzip encoding|
If you have any questions or problems, please use our mailing list:
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
We especially need help in answering support questions on the mailing list and IRC channel. Thanks!