Over 1,000 git commits...
Over 12 months of integration work...
3 Technology Preview releases, 1 Alpha Release, 3 Beta releases, 4 Release Candidates...
Today we're excited to announce that our Elastic Stack integration has now reached General Availability (GA)! This includes a new 14.04.5.11 ISO image that contains these GA components and all the latest Ubuntu and Security Onion updates as of March 28, 2018!
We'd like to say thanks to the following for their contributions to our Elastic Stack integration!
- Elastic.co
- Justin Henderson
- Mark Baggett
- Our entire Security Onion community for testing and feedback
GA Highlights
Issues Resolved
Issue 1225: 14.04.5.11 ISO image
https://github.com/Security-Onion-Solutions/security-onion/issues/1225
This new ISO image has been tested by Wes Lambert. Thanks, Wes!
Known Issues
For known issues, please see the todo list for our next Elastic release:
https://github.com/Security-Onion-Solutions/security-onion/issues/1221
Release Notes
For more information about this release, please see:
https://securityonion.net/wiki/14.04.5.11
https://securityonion.net/wiki/elastic
New Installations
We've updated the Verify_ISO page for the new ISO image:
https://github.com/Security-Onion-Solutions/security-onion/blob/master/Verify_ISO.md
Please remember to verify the signature of the downloaded ISO image using the instructions on that page.
Please note the following minimum hardware requirements for the Elastic stack:
For more information, please see the Hardware Requirements page on our Wiki:
https://securityonion.net/wiki/Hardware
Existing Deployments
If you have existing Elastic installations (Technology Preview, Alpha, Beta, or Release Candidate), we don't officially support upgrading to this GA release, but you can try the steps listed here:
https://securityonion.net/wiki/elastic-rc4
For best results, please perform a fresh installation using this new ISO image.
ELSA EOL
Please note that ELSA will reach End Of Life on October 9, 2018. After that date, we will not provide any updates or any support for ELSA. Please plan to migrate from ELSA to Elastic at your earliest convenience. For best results, please perform a fresh Elastic installation on new hardware designed to meet Elastic hardware requirements.
Training
We offer both onsite and online training! For more information, please see:
https://securityonionsolutions.com
Support
Need support? Please see:
https://securityonion.net/wiki/Support
Previous Releases
To see our progress over the last few months, please see the previous announcements:
https://blog.securityonion.net/2017/03/towards-elk-on-security-onion.html
https://blog.securityonion.net/2017/06/towards-elastic-on-security-onion.html
https://blog.securityonion.net/2017/07/towards-elastic-on-security-onion.html
https://blog.securityonion.net/2017/09/elastic-stack-alpha-release-and.html
https://blog.securityonion.net/2017/11/elastic-stack-beta-release-and-security.html
https://blog.securityonion.net/2017/11/elastic-stack-beta-2-release-and.html
https://blog.securityonion.net/2017/12/security-onion-elastic-stack-beta-3.html
https://blog.securityonion.net/2018/01/security-onion-elastic-stack-release.html
https://blog.securityonion.net/2018/02/security-onion-elastic-stack-release.html
https://blog.securityonion.net/2018/03/security-onion-elastic-stack-release.html
https://blog.securityonion.net/2018/03/security-onion-elastic-stack-release_28.html
Screenshot Tour
- Security Onion 14.04.5.11 0328
- Welcome to Setup
- Network Configuration
- Service Configuration
- Evaluation Mode or Production Mode
- Sniffing Interface Selection
- Creating User Account
- Setting Password
- Confirming Password
- Confirming Options
- Setup Complete
- Lots of new control scripts with naming convention of so-COMPONENT-VERB
- Apache Single Sign On (SSO) for Squert, CapMe, and Kibana
- Squert
- CapMe
- Kibana
- Help
- Bro Notices
- ElastAlert
- OSSEC Alerts
- NIDS Alerts
- Connections
- DCE/RPC
- DHCP
- DNP3
- DNS
- Files
- FTP
- HTTP
- Intel
- IRC
- Kerberos
- Modbus
- MySQL
- NTLM
- PE
- RADIUS
- RDP
- RFB
- SIP
- SMB
- SMTP
- SNMP
- Software
- SSH
- SSL
- Syslog
- Tunnels
- Weird
- X.509
- Autoruns
- Beats
- OSSEC
- Sysmon
- Baby Domains
- Firewall
- Frequency Analysis
- Stats
- Syslog