Security Onion Blog

Wednesday, May 8, 2019

Security Onion Hybrid Hunter 1.0.8 Tech Preview Available for Testing!

We recently announced Security Onion Hybrid Hunter:
https://blog.securityonion.net/2018/11/security-onion-hybrid-hunter-101-tech.html

We're excited to announce that Hybrid Hunter 1.0.8 is now available for testing!
https://github.com/Security-Onion-Solutions/securityonion-saltstack/blob/master/README.md

Major highlights of this release:

  • Suricata 4.1.4
  • Eval and Master installs now ask which components you would like to install
  • Fleet (osquery) now has it's own additional setup script (please see the docs)
  • Fleet setup script now generates auto install packages for Windows, CentOS, and Ubuntu
  • When Fleet setup is completed, all SO nodes will auto install the appropriate auto install package
  • We now have a progress bar during install!
  • The setup script will now tell you if it was successful

Thanks to Josh Brower for his additional work on the osquery integration!

Screenshots

Installation

Main Web Page with link to OSquery

Osquery Page with prebuilt binaries

Fleet showing endpoints

osquery dashboard in Kibana

at
Labels: , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Search This Blog

Featured Post

New Security Onion Online Training Class - Detection Engineering with Security Onion!

We've just added an exciting new course to our online Security Onion 2.4 training catalog! It's called "Detection Engineering w...

Popular Posts

Blog Archive