http://blog.securityonion.net/2014/03/new-securityonion-elsa-extras-and.html
The updated package version is as follows:
securityonion-web-page - 20120722-0ubuntu0securityonion21
This new package has been tested by the following (thanks!):
Eddy Simons
David Zawdie
Issues Resolved
Issue 506: securityonion-web-page: add FTP command query
https://code.google.com/p/security-onion/issues/detail?id=506
Issue 507: securityonion-web-page: add queries for BRO_INTEL
https://code.google.com/p/security-onion/issues/detail?id=507
Screenshots
FTP: Top Commands - group all FTP logs by FTP command |
Drilling into FTP STOR command to look for data exfil |
Intel: Top SRC IPs - group all Intel logs by source IP address |
Intel: Top DST IPs - group all Intel logs by destination IP address |
Intel: Top DST Ports - group all Intel logs by destination port |
Intel: Top Indicators - group all Intel logs by indicator |
Intel: Top Indicator Types - group all Intel logs by indicator type |
Intel: Top Sources - group all Intel logs by source |
Updating
The new package is now available in our stable repo. Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade
Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists
Training
Want to learn more about Security Onion? Sign up for the new expanded 2-day class in Houston TX! For full details and to register, please see:
https://securityonion20140508.eventbrite.com
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers
We especially need help in answering support questions on the mailing list:
http://groups.google.com/group/security-onion
We also need help testing new packages:
http://groups.google.com/group/security-onion-testing
Thanks!
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.