Wednesday, January 9, 2019

Bro 2.6.1, Elastic 6.5.4, JA3, and HASSH now available for Security Onion!

The following are now available for Security Onion:
Docker images for Elastic 6.5.4
securityonion-elastic - 20180130-1ubuntu1securityonion153
securityonion-bro - 2.6.1-1ubuntu1securityonion4
securityonion-bro-afpacket - 1.3.0-1ubuntu1securityonion10
securityonion-bro-scripts - 20121004-0ubuntu0securityonion69

This should resolve the following issues:

Bro 2.6.1 #1388
https://github.com/Security-Onion-Solutions/security-onion/issues/1388

securityonion-bro-afpacket: create package for Bro af_packet plugin #1411
https://github.com/Security-Onion-Solutions/security-onion/issues/1411

securityonion-bro-scripts: support securityonion-bro-afpacket #1412
https://github.com/Security-Onion-Solutions/security-onion/issues/1412

securityonion-bro-scripts: add JA3 #1115
https://github.com/Security-Onion-Solutions/security-onion/issues/1115

securityonion-bro-scripts: add HASSH #1338
https://github.com/Security-Onion-Solutions/security-onion/issues/1338

securityonion-elastic: Update for Bro 2.6.1 #1409
https://github.com/Security-Onion-Solutions/security-onion/issues/1409

securityonion-elastic: Improve so-elastalert scripts #1403
https://github.com/Security-Onion-Solutions/security-onion/issues/1403

Elastic 6.5.4 #1404
https://github.com/Security-Onion-Solutions/security-onion/issues/1404

securityonion-elastic: store Kibana dashboard color preference in securityonion.conf #1405
https://github.com/Security-Onion-Solutions/security-onion/issues/1405

securityonion-elastic: preserve custom config #1401
https://github.com/Security-Onion-Solutions/security-onion/issues/1401

Screenshots
[Screenshot: Elastic 6.5.4]
[Screenshot: JA3]
[Screenshot: HASSH]

Thanks
Thanks to the Bro team for Bro 2.6.1!
Thanks to the Elastic team for Elastic 6.5.4!
Thanks to the Salesforce team for JA3 and HASSH!
Thanks to Wes Lambert for testing!

Updating
Please see the following page for full update instructions:
https://securityonion.net/wiki/Upgrade

Training
We have 4-day Security Onion training classes coming up in San Antonio TX, Atlanta GA, and Columbia MD!  If you can't make it to one of these onsite classes, we have a new online training platform!  For more information and other training options, please see:
https://securityonionsolutions.com

Appliances
We now offer hardware appliances!  For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html

Support
Need support?  Please see:
https://securityonion.net/wiki/Support

Thanks!
