Tuesday, October 15, 2013

Squert 1.1.5 package now available

Paul Halliday recently released Squert 1.1.5:
http://www.squertproject.org/
https://github.com/int13h/squert

He also recorded a walkthrough video of some of the new features recently added to Squert:
http://youtu.be/ZOsVw96XM8E

I've packaged Squert 1.1.5 and the package has been tested by the following (thanks!):
Pedro Simoes
JP Bourget
David Zawdie

Release Notes

  • Please note that /var/www/squert/.inc/config.php gets overwritten during the update process, so if you had previously set sgUser and sgPass to enable transcripts and event classification, you'll need to re-apply those settings.
  • Please also note that you may need to Shift-Reload in your browser and/or empty your browser cache to ensure you're running the latest Squert JavaScript.
  • Timestamps are displayed in UTC by default, but you can change this by clicking the arrows to the right of the timeline.  De-select UTC, then specify your local timezone offset.  Then click "Save" to save your preference into the database and click "Update" to refresh the page with the new timestamps.  See the "Time Selection" screenshot below.


Screenshots
Update Process

OSSEC events now render properly

Time Selection 

Country Mappings

Issues Resolved
Issue 387: Squert 1.1.5
https://code.google.com/p/security-onion/issues/detail?id=387

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

Training
Want to learn more about Log Management?  Join me for SANS SEC434 Log Management In-Depth in Memphis TN on October 16th and 17th!  This class is being held in conjunction with University of Memphis Center for Information Assurance Cyber Security Expo taking place October 18, 2013 at the FedEx Institute of Technology.  Your paid tuition for this SANS course includes registration for the Cyber Security Expo when you register with Discount Code "ISC-Memphis":
http://www.sans.org/community/event/sec434-memphis-16oct2013-doug-burks

Want to learn more about Security Onion?  Sign up for the upcoming 8-hour class in Augusta GA!  Be one of the first 10 students to sign up and you can register at the discounted Early Bird price!  For full details and to register, please see:
https://securityonion20131026.eventbrite.com/
