Tuesday, July 9, 2013

New NSM and Setup packages allow for changing the default 90% disk usage threshold

New versions of our securityonion-nsmnow-admin-scripts and securityonion-setup packages are now available that allow you to change our default 90% disk usage threshold.  When you run Setup, it will still default to purging old logs when disk usage hits 90%.  Choosing "Advanced Setup" will prompt you to specify your own disk usage threshold:
Advanced Setup prompts for disk usage threshold
This setting is then written into /etc/nsm/securityonion.conf as CRIT_DISK_USAGE, where it is sourced by /usr/sbin/nsm_sensor_clean when the hourly cronjob runs.

If you've already run Setup and want to change the default 90% disk usage threshold, you can simply set the value in /etc/nsm/securityonion.conf.

These updates resolve the following issues:
Issue 315: Update NSM scripts so that WARN_DISK_USAGE and CRIT_DISK_USAGE are configurable by user
Issue 358: Update Setup so that Advanced Setup asks about CRIT_DISK_USAGE

Thanks
Thanks to Karolis Cepulis for the nsm_sensor_clean patch!
Thanks to David Zawdie for testing the new package!

Upgrading
The new package is now available in our stable repo.  Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

Training
Want to learn more about Security Onion?  Sign up for the upcoming 8-hour class in Augusta GA!

No comments:

Search This Blog

Featured Post

Security Onion 2.4.50 now available including some new features and lots of bug fixes!

Security Onion 2.4.50 is now available! It includes some new features for our fellow defenders and lots of bug fixes! https://docs.securityo...

Popular Posts

Blog Archive