Wednesday, May 8, 2019

Security Onion Hybrid Hunter 1.0.8 Tech Preview Available for Testing!

We recently announced Security Onion Hybrid Hunter:
https://blog.securityonion.net/2018/11/security-onion-hybrid-hunter-101-tech.html

We're excited to announce that Hybrid Hunter 1.0.8 is now available for testing!
https://github.com/Security-Onion-Solutions/securityonion-saltstack/blob/master/README.md

Major highlights of this release:

  • Suricata 4.1.4
  • Eval and Master installs now ask which components you would like to install
  • Fleet (osquery) now has it's own additional setup script (please see the docs)
  • Fleet setup script now generates auto install packages for Windows, CentOS, and Ubuntu
  • When Fleet setup is completed, all SO nodes will auto install the appropriate auto install package
  • We now have a progress bar during install!
  • The setup script will now tell you if it was successful

Thanks to Josh Brower for his additional work on the osquery integration!

Screenshots

Installation

Main Web Page with link to OSquery

Osquery Page with prebuilt binaries

Fleet showing endpoints

osquery dashboard in Kibana

No comments:

Search This Blog

Featured Post

Security Onion Documentation printed book now updated for Security Onion 2.4.110!

We've been offering our Security Onion documentation in book form on Amazon for a few years and it's now been updated for the recent...

Popular Posts

Blog Archive