Docker images for Elastic 6.7.2
securityonion-elastic - 20190510-1ubuntu1securityonion3
Elastic 6.7.2
Issues Resolved
Elastic 6.7.2 #1426
https://github.com/Security-Onion-Solutions/security-onion/issues/1426
securityonion-elastic: enable Java Execution Engine in Logstash #1436
https://github.com/Security-Onion-Solutions/security-onion/issues/1436
securityonion-elastic: update "Syslog - Source IP Address" visualization on Syslog dashboard #1498
https://github.com/Security-Onion-Solutions/security-onion/issues/1498
securityonion-elastic: add bro_conn service data table #1496
https://github.com/Security-Onion-Solutions/security-onion/issues/1496
securityonion-elastic: rename bro x509 id to fuid #1499
https://github.com/Security-Onion-Solutions/security-onion/issues/1499
securityonion-elastic: rename bro pe id to fuid #1493
https://github.com/Security-Onion-Solutions/security-onion/issues/1493
securityonion-elastic: update so-elastalert-create-whiptail to use new parameters in so-elastalert-test #1487
https://github.com/Security-Onion-Solutions/security-onion/issues/1487
securityonion-elastic: add more options to so-elastalert-test #1486
https://github.com/Security-Onion-Solutions/security-onion/issues/1486
securityonion-elastic: so-elastalert-test errors if no input provided #1470
https://github.com/Security-Onion-Solutions/security-onion/issues/1470
securityonion-elastic: correct separator in 1122_preprocess_bro_socks.conf #1485
https://github.com/Security-Onion-Solutions/security-onion/issues/1485
securityonion-elastic: update Logstash config to support Wazuh 3.8 agent #1469
https://github.com/Security-Onion-Solutions/security-onion/issues/1469
securityonion-elastic: avoid writing firewall logs to logstash-syslog index #1481
https://github.com/Security-Onion-Solutions/security-onion/issues/1481
securityonion-elastic: remove Wazuh's alerts.json from syslog-ng config #1467
https://github.com/Security-Onion-Solutions/security-onion/issues/1467
securityonion-elastic: update PFSense Logstash config for IPv6 options #1461
https://github.com/Security-Onion-Solutions/security-onion/issues/1461
securityonion-elastic: add so-elastic-document-stats #1459
https://github.com/Security-Onion-Solutions/security-onion/issues/1459
securityonion-elastic: minor fixes to bro logstash filters #1460
https://github.com/Security-Onion-Solutions/security-onion/issues/1460
securityonion-elastic: change wiki to docs #1452
https://github.com/Security-Onion-Solutions/security-onion/issues/1452
securityonion-elastic: if Standalone with 8GB RAM, set ES heap to 1GB #1425
https://github.com/Security-Onion-Solutions/security-onion/issues/1425
securityonion-elastic: move parsing from logstash to elasticsearch ingest for so-import-pcap #1497
https://github.com/Security-Onion-Solutions/security-onion/issues/1497
securityonion-elastic: so-import-pcap should run snort and suricata with checksums disabled #1478
https://github.com/Security-Onion-Solutions/security-onion/issues/1478
securityonion-elastic: minor fixes to so-import-pcap #1458
https://github.com/Security-Onion-Solutions/security-onion/issues/1458
securityonion-elastic: so-import-pcap should create a sguil sensor named HOSTNAME-import #1472
https://github.com/Security-Onion-Solutions/security-onion/issues/1472
so-import-pcap: run Setup if necessary #1480
https://github.com/Security-Onion-Solutions/security-onion/issues/1480
so-import-pcap: avoid merging errors #1430
https://github.com/Security-Onion-Solutions/security-onion/issues/1430
so-import-pcap - improve single pcap use case #1239
https://github.com/Security-Onion-Solutions/security-onion/issues/1239
securityonion-elastic: add translations route to Apache proxy config #1495
https://github.com/Security-Onion-Solutions/security-onion/issues/1495
securityonion-elastic: add built_assets route to Apache proxy config #1494
https://github.com/Security-Onion-Solutions/security-onion/issues/1494
securityonion-elastic: add dlls route to Apache proxy config #1435
https://github.com/Security-Onion-Solutions/security-onion/issues/1435
securityonion-elastic: add socket.io route to Apache proxy config #1437
https://github.com/Security-Onion-Solutions/security-onion/issues/1437
securityonion-elastic: add s route to Apache proxy config #1438
https://github.com/Security-Onion-Solutions/security-onion/issues/1438
securityonion-elastic: ensure update/refresh button is consistent across all Kibana dashboards #1429
https://github.com/Security-Onion-Solutions/security-onion/issues/1429
Kibana: HIDS Alerts Dashboard - Replace syslog-host_from with agent.name #1442
https://github.com/Security-Onion-Solutions/security-onion/issues/1442
securityonion-elastic: DHCP dashboard has different darkTheme behavior than others #1516
https://github.com/Security-Onion-Solutions/security-onion/issues/1516
securityonion-elastic: modify fields for Bro socks log #1517
https://github.com/Security-Onion-Solutions/security-onion/issues/1517
securityonion-elastic: fix so-elasticsearch-template-create #1518
https://github.com/Security-Onion-Solutions/security-onion/issues/1518
Thanks
Thanks to the Elastic team for Elastic 6.7.2!
Thanks to Wes Lambert and Dustin Lee for testing!
Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade
Conference
Please mark your calendar! Security Onion Conference 2019 will be on Friday, October 4, 2019 and registration will open July 18! CFP is open now and we want to hear from you!
https://blog.securityonion.net/2019/04/security-onion-conference-2019-cfp.html
Training
We have 4-day Security Onion Training classes coming up in Costa Mesa CA and Columbia MD! Use promotional code earlybird for 10% off the Columbia MD classes for a limited time. If you can't make it to an onsite class, we have a new online training platform. For more information and other training options, please see:
https://securityonionsolutions.com
Appliances
We now offer hardware appliances! For more information, please see:
https://blog.securityonion.net/2018/10/introducing-security-onion-solutions.html
Documentation
We've got a brand new documentation site! Please let us know if anything needs to be updated:
https://securityonion.net/docs
Support
Need support? Please see:
https://securityonion.net/docs/Support
Thanks!