This update resolves the following issue:
Issue 375: Update CapMe so that the user can choose between tcpflow and Bro for transcript rendering
Thanks
Thanks to the following for testing the new packages!
Matt Gregory
David Zawdie
Upgrading
The new packages are now available in our stable repo. Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
After installing the new packages, you'll need to restart sguild:
sudo nsm_server_ps-restart
Screenshots
New "Transcript" option defaults to "tcpflow" |
"tcpflow -cr" doesn't decode gzip decoding, so click the "close" button to go back |
Select "bro" and click "submit" |
Bro decodes gzip encoding |
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list and IRC channel. Thanks!
No comments:
Post a Comment