http://www.squertproject.org/
https://github.com/int13h/squert
He also recorded a couple of videos showcasing some of the new features recently added to Squert:
Changes v1.1.6: http://www.youtube.com/watch?v=_eheJv0MJDY
Changes v1.1.9: http://www.youtube.com/watch?v=QkgrigopfQA
I've packaged Squert 1.2.0 as securityonion-squert - 20140216-0ubuntu0securityonion2 and the package has been tested by the following (thanks!):
Heine Lysemose
David Zawdie
Matt Gregory
Issues Resolved
Issue 448: When changing time zone in Squert, it needs to revert to UTC when requesting transcripts
https://code.google.com/p/security-onion/issues/detail?id=448
Release Notes
- When you update the package, it will copy new files into place and then display "Updating database". Please do not cancel or interrupt this process.
- You no longer have to hardcode your Sguil credentials in config.php.
- You may need to Shift-Reload in your browser and/or empty your browser cache to ensure you're running the latest Squert JavaScript.
- Timestamps are displayed in UTC by default, but you can change this by clicking the arrows to the right of the timeline. De-select UTC, then specify your local timezone offset. Then click the "save TZ" button to save your preference into the database and click "Update" to refresh the page with the new timestamps.
Screenshots
- Do not cancel or interrupt the database update
- Events tab
- GeoIP mapping
- Pivoting on an event and requesting a TCP transcript with the TX button
- Summary tab
- Views tab
Updating
The new package is now available in our stable repo. Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list:
http://groups.google.com/group/security-onion
We also need help testing new packages:
http://groups.google.com/group/security-onion-testing
Thanks!