- any gzipped server responses are automatically unzipped
- transcripts are rendered for not only tcp but also udp traffic
This update resolves the following issue:
Issue 347: New Sguil client transcript option to run through tcpudpflow.bro
Thanks
Thanks to Scott Runnels for his work on the Bro script and changes to the sguil packages!
Thanks to the following for testing the new packages!
Matt Gregory
David Zawdie
Upgrading
The new packages are now available in our stable repo. Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
After installing the new packages, you'll need to restart sguild:
sudo nsm_server_ps-restart
Screenshots
Upgrade Process |
Restarting sguild |
Existing Transcript option |
Existing Transcript option doesn't handle gzip encoded server responses |
New Bro option |
New Bro option unzips any gzip encoded server responses |
Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list and IRC channel. Thanks!
Training
Want to learn more about Security Onion? Sign up for the upcoming 8-hour class in Augusta GA!
http://securityonion.eventbrite.com/
No comments:
Post a Comment