- no changes when running interactively from a shell (sudo rule-update)
- no changes for sensor-only installations that have salt enabled as they don't use rule-update anyway
- when running from a cron job:
- if running on a master server, rule-update will sleep for a random number of minutes (up to 50) to avoid overwhelming rule update sites
- if running on a sensor with salt disabled, rule-update will sleep for 60 minutes to allow the master server time to download the rules so that the sensor can then scp them
Here are the updated packages:
securityonion-rule-update - 20120726-0ubuntu0securityonion29
securityonion-setup - 20120912-0ubuntu0securityonion156
These new packages resolve the following issues:
Issue 724: /etc/cron.d/rule-update should avoid overwhelming rule sites
https://github.com/Security-Onion-Solutions/security-onion/issues/724
Issue 791: sosetup: change rule-update verbiage
https://github.com/Security-Onion-Solutions/security-onion/issues/791
These new packages have been tested by Jeff Tehovnik (thanks!).
Updating
These new packages are now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Feedback
If you have any questions or problems, please use our security-onion mailing list:
https://github.com/Security-Onion-Solutions/security-onion/wiki/MailingLists
Training
Need training? Please see:
http://securityonionsolutions.com
Commercial Support
Need commercial support? Please see:
http://securityonionsolutions.com
Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://github.com/Security-Onion-Solutions/security-onion/wiki/TeamMembers
Thanks!
No comments:
Post a Comment