Monday, November 12, 2018

Elastic 6.4.2 and updated securityonion-elastic package now available for Security Onion 16.04!

UPDATE 2018/11/14: Some folks are experiencing an issue with this update.  If you haven't already installed it, you may want to wait for the next release which is in testing now.  For more information, please see:

UPDATE 2018/11/19: We've released an update which should resolve the issue described below:

The following are now available for Security Onion 16.04:
securityonion-elastic - 20180130-1ubuntu1securityonion141
Docker images for Elastic 6.4.2

Elastic 6.4.2

This should resolve the following issues:

Issue 1356: Elastic 6.4.2

Issue 1340: securityonion-elastic: curator won't delete closed indices

Issue 1350: securityonion-elastic: so-elastic-reset should run so-bro-restart

Issue 1343: securityonion-elastic: avoid overwriting logstash.yml

Issue 1359: securityonion-elastic: avoid duplicating logs into multiple indices

Thanks to the Elastic team for Elastic 6.4.2!
Thanks to Wes Lambert for his work on these updates!
Thanks to David Szili for testing these updates!

Please see the following page for full update instructions:

We have a 4-day Security Onion training class coming up in San Antonio, Texas!  If you can't make it to this onsite class, we have a new online training platform!  For more information and other training options, please see:

We now offer hardware appliances!  For more information, please see:

Need support?  Please see:

