Security Onion Blog

Thursday, September 15, 2011

Security Onion 20110914 now available!

Security Onion 20110914 is now available!  This will update the Setup script to use the new config file format and install a daily script to purge old alerts from the database.


PLEASE NOTE!
sguil-db-purge is scheduled to run every day at 5:01 AM. It will do the following:
  • stop sguild
  • purge old events from the database
  • repair the remaining MySQL tables
  • start sguild
The default retention policy for the purge is 365 days. If you would like to change this value, please change the DAYSTOKEEP variable in /etc/nsm/securityonion.conf.

The daily cron job logs its output to /var/log/nsm/sguil-db-purge.log.


Since the purge script will be making changes to the database, it is recommended to backup your MySQL database and/or test the purge script on a non-production system before deploying to production.


In-place Upgrade
Existing Security Onion users can perform an in-place upgrade using the following command (if you're behind a proxy, remember to set your proxy variables as described in the FAQ):
sudo -i "curl -L http://sourceforge.net/projects/security-onion/files/security-onion-upgrade.sh > ~/security-onion-upgrade.sh && bash ~/security-onion-upgrade.sh"
Screenshots
Upgrade process


Purge script
at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

Did You Know Security Onion Scales to the Enterprise?

Did you know Security Onion scales to the enterprise? Security Onion is designed to scale from simple standalone deployments all the way up ...

Popular Posts

Blog Archive