I've merged several pull requests:
https://github.com/Security-Onion-Solutions/securityonion-elsa-extras/pull/10
https://github.com/Security-Onion-Solutions/securityonion-elsa-extras/pull/15
https://github.com/Security-Onion-Solutions/securityonion-elsa-extras/pull/17
https://github.com/Security-Onion-Solutions/securityonion-elsa-extras/pull/18
https://github.com/Security-Onion-Solutions/securityonion-web-page/pull/5
Martin Holste merged several pull requests in his ELSA repo:
https://github.com/mcholste/elsa/pull/16
https://github.com/mcholste/elsa/pull/40
https://github.com/mcholste/elsa/pull/39
https://github.com/mcholste/elsa/pull/37
I've built new packages including all of these changes and the new
package versions are as follows:
securityonion-elsa - 1205chartsjsd3-1ubuntu1securityonion9
securityonion-elsa-extras - 20151011-1ubuntu1securityonion35
securityonion-web-page - 20141015-0ubuntu0securityonion67
These new packages should resolve the following issues:
Issue 950: ELSA: change Help link to point to ELSA Github
https://github.com/Security-Onion-Solutions/security-onion/issues/950
Issue 827: securityonion-elsa-extras: merge additional patterns including DNP3 and Modbus
https://github.com/Security-Onion-Solutions/security-onion/issues/827
Issue 970: securityonion-web-page: add queries for autoruns, dnp3, and modbus
https://github.com/Security-Onion-Solutions/security-onion/issues/970
Issue 973: securityonion-web-page: Apache ServerName localhost
https://github.com/Security-Onion-Solutions/security-onion/issues/973
Issue 964: securityonion-web-page: add "bottom" queries for long tail analysis
https://github.com/Security-Onion-Solutions/security-onion/issues/964
Issue 976: securityonion-web-page: additional protections in securityonion.conf
https://github.com/Security-Onion-Solutions/security-onion/issues/976
These packages have been tested by the following (thanks!):
Phil Plantamura
Josh Brower
Wes Lambert
James Taylor
Screenshots
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguboIvrpZXUWD6pnGo1ZESHPHREk5zuyDvkwkl0ed0ZxB2Va1Z8N_9F9LtXqnNq2jQy_M63jwymbNO3E7Izn-GW9oKUMDOepiihPaih0hg0d695ckiyewGbYVGMcSGyXaN4JW5AfP_emy2/s640/Screen+Shot+2016-08-08+at+10.15.38+AM.png) |
DNP3 - Top SRC IPs |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzhEWoIenVFXFmwCvl7E_21DSIILn1cfwhEAVZBg93cbb60xJ-bYhazgRZUe-DjRb6gHF90bAplt-uohRion6CQmkvtNGEYYE71TaTOVYyL7yVDLmgSqyCRe9dY3WkNMfpEqLb5fiNzU66/s640/Screen+Shot+2016-08-08+at+10.15.57+AM.png) |
DNP3 - Top DST IPs |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj9mSiFt7DCLBlfzqwoOo_oplasDux7RqfJPWFbN9HrfmGY_3n3XNi0uQV5GFsL6l1sJCQwbW1VpXF46Mw6VVCIBsIYg2HN65Uz_jYIt7TI9YVWoEoyRUvpxzg0Jv0xfF-qtQgvNqBrP0Hm/s640/Screen+Shot+2016-08-08+at+10.16.10+AM.png) |
DNP3 - Top DST Ports |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhDNoUhkGf_YOSwDJijRHo0DcT2ovdDdTuFED3PRKKNt73gwqSQd4lcQg-zS8pvzs7Rtr8CIyRxM-ckxeeTHjSENTM5OTNixmRIVh8fxqICUSksSI-5yuRb7oj4SlTiPhvmuW0XMbfOUxHF/s640/Screen+Shot+2016-08-08+at+10.16.22+AM.png) |
DNP3 - Top Requests |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjWHgsb_xGuXQhPBWdncbe6QFEuVpfFO5MsS1DUercI-FUiVZF0s4FVburoi1ckQrmEjL1jr3-fWZH-b8MutqS6t9UJTZVw9R8ioseo7uFV9Svi2ic_FJAFIQx0-KPkethv-Chn3ocJmmqe/s640/Screen+Shot+2016-08-08+at+10.16.34+AM.png) |
DNP3 - Top Replies |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHA6LZZJT1kiCN-My_IioQo1efxhT1wjCa5RiWLeF7vjgNCOaXf16m7mMpsDHEJecHgnS7P8VVveLicNChXiC4dhxvoS1smMwAC_73tGnJNjiT68rDKxtvrMXNws8Hracb2quH1NcPIeZL/s640/Screen+Shot+2016-08-08+at+10.17.10+AM.png) |
Modbus - Top SRC IPs |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgpjCLlbOCq4x9diwmZ7Xh72cKSHBbQN9uqk6GSPcmsIIdS4gpSBedTNl5IVb0KY9mJwau994OgLAGE83NMhDWSBfFHlV5oifA_MORwhs-h-0D_zg47S2d26-ZnMYd1ngDL18DwuTuwMRpN/s640/Screen+Shot+2016-08-08+at+10.17.22+AM.png) |
Modbus - Top DST IPs |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEibRVnsunGtgR5AXiY8311B8Qmlh8UphzGczSzX5Btq_NAGjXnP0K_yB0keTGiWlP-Y-ALjMqz1cST6ekpv_sIULCpM2GQHm7Obolm1Lx8cXnt3dUHGEbwMIdgfQXzpSaZa5kjb_pdyzEnZ/s640/Screen+Shot+2016-08-08+at+10.17.32+AM.png) |
Modbus - Top DST Ports |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgl2ErJmyTNqFqr9eAUD17y_hkefVr2VH3pBDSdRq4BsLg_g80HrYrEVzeGgrKa7KMAZzSnxn7Z61kX9-vFfR2mbImgQY0lzVr2ozgpWWXJcV9RW6fyV3xkZi1A73blIvUoSQrplvk-si1S/s640/Screen+Shot+2016-08-08+at+10.17.42+AM.png) |
Modbus - Top Functions |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEipoqpMQ5dD1AtP5WHBBU85QPZnqMQfymhchkVeBaHyVePVJLo91DCMHvVX3EGe8BcjSwBNlgOWOeusFyaTIuz8y6ljnutL9D4LTye32gCPwyNPhjz9smtlxbVxblRktN_7n2j07dq-kHVr/s640/Screen+Shot+2016-08-08+at+10.17.51+AM.png) |
Modbus - Top Exceptions |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLBgpT60gTHSNMeH1554RIb5sCJXVeDwz4UFsx0vTnxjmBmpfHFTflrus7OhOayYgMN3TtE6qxFFH2BQREmBCaKHalxt7vp8jUMCayW8O-Vf1w6gr63yxYTYH9JxAEuayYdyQp6B5OLcQS/s1600/Screen+Shot+2016-08-08+at+10.19.09+AM.png) |
Autoruns Queries |
![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhI00hUz5VK7jxXRaFEKubWM_zq0IhdP5Gdf-AvY2HL2Zde29akMgwA8SPYBiiZ_e-fNrXQGlgSsc2CppEPJacSJ9kfOyQelNuD95AigKmnqrTwGx3ygO1XbN5tKf0kmalRfakzVxrPrUL0/s640/Screen+Shot+2016-08-08+at+10.23.28+AM.png) |
DNS - Bottom Requests (Long Tail Analysis) |
Updating
These packages are now available in our stable repo. Please see the following page for full update instructions:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Upgrade
Want to show your support for Security Onion?
Security Onion t-shirts are available in our CafePress store!
http://www.cafepress.com/securityonion/11820053
Conference
Security Onion Conference will be on Friday September 9 and registration is open!
https://securityonion.net/conference
Training
Need training? Please see:
https://securityonionsolutions.com
Support
Need support? Please see:
https://github.com/Security-Onion-Solutions/security-onion/wiki/Support
Thanks!