Tuesday, April 21, 2020

Elastic 6.8.8 now available for Security Onion!

UPDATE 2020-04-22 7:00 Looks like there is an issue with domainstats in this release.  So if you're running domainstats, please do not update until we have resolved this issue.

UPDATE 2020-04-22 8:27 We've pushed a new domainstats image which should resolve this issue.

The following updates are now available for Security Onion!

  • Elastic 6.8.8 Docker images
  • securityonion-elastic - 20190510-1ubuntu1securityonion93

These updates should resolve the following issues:

Elastic 6.8.8 #1746
https://github.com/Security-Onion-Solutions/security-onion/issues/1746

LOGSTASH_MINIMAL doesn't include Beat config #1751
https://github.com/Security-Onion-Solutions/security-onion/issues/1751

securityonion-elastic: improve elasticsearch ingest parsing for sysmon logs via Wazuh #1754
https://github.com/Security-Onion-Solutions/security-onion/issues/1754

securityonion-elastic: bro_files file_ip should be copied to source_ip #1742
https://github.com/Security-Onion-Solutions/security-onion/issues/1742

securityonion-elastic: remove [data][sysmon][targetfilename] from winlogbeat sysmon parsing #1752
https://github.com/Security-Onion-Solutions/security-onion/issues/1752

securityonion-elastic: so-elastic-reset does not remove closed indices #1759
https://github.com/Security-Onion-Solutions/security-onion/issues/1759

securityonion-elastic: so-elastic-reset needs to disable elastalert and then re-enable afterward #1735
https://github.com/Security-Onion-Solutions/security-onion/issues/1735

so-import-pcap-configure: running alone results in error #1740
https://github.com/Security-Onion-Solutions/security-onion/issues/1740

Unanchored regexes in 8001_postprocess_common_ip_augmentation.conf wrongly skip geoip #1244
https://github.com/Security-Onion-Solutions/security-onion/issues/1244
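The last item above, an unanchored regex causing geoip enrichment to be skipped, is easy to reproduce in isolation. The following is an added example written for this page, not code from the Security Onion project or the contents of its 8001_postprocess_common_ip_augmentation.conf; the RFC1918 prefix pattern, the function names and the sample addresses are constructed assumptions. It shows the buggy unanchored check beside the anchored fix and a parse-based alternative:

```python
import ipaddress
import re

# Constructed illustration of the pitfall behind issue #1244: a Logstash-style
# "skip geoip enrichment for RFC1918 addresses" test. The pattern below is an
# assumption for illustration, not the contents of the project's
# 8001_postprocess_common_ip_augmentation.conf.
RFC1918_PREFIXES = r"10\.|172\.(?:1[6-9]|2[0-9]|3[01])\.|192\.168\."

# Unanchored: re.search finds the prefix anywhere in the field, so a public
# address that merely contains a private-looking substring is skipped too.
_UNANCHORED = re.compile(RFC1918_PREFIXES)

# Anchored to the start of the field: only addresses that begin with a private
# prefix are skipped.
_ANCHORED = re.compile(r"^(?:" + RFC1918_PREFIXES + r")")


def skips_geoip_unanchored(ip: str) -> bool:
    """Buggy check: True if the private-prefix pattern matches anywhere."""
    return _UNANCHORED.search(ip) is not None


def skips_geoip_anchored(ip: str) -> bool:
    """Fixed regex check: True only if the address starts with a private prefix."""
    return _ANCHORED.search(ip) is not None


def skips_geoip_ipaddress(ip: str) -> bool:
    """Parse the address instead of pattern-matching text.

    Unparseable input is not skipped: it would fail the geoip lookup anyway and
    should surface as a parsing error rather than be silently dropped.
    """
    try:
        return ipaddress.ip_address(ip).is_private
    except ValueError:
        return False


def compare(addresses):
    """Return {ip: (unanchored, anchored, ipaddress)} for a list of addresses."""
    return {
        ip: (
            skips_geoip_unanchored(ip),
            skips_geoip_anchored(ip),
            skips_geoip_ipaddress(ip),
        )
        for ip in addresses
    }


# Constructed sample: three RFC1918 addresses that should skip geoip, and three
# public addresses that should not, each containing a private-looking substring.
SAMPLE = [
    "10.0.0.5", "172.31.4.4", "192.168.1.10",
    "210.10.1.1", "5.172.16.1", "8.192.168.1",
]

if __name__ == "__main__":
    for ip, (u, a, p) in compare(SAMPLE).items():
        print(f"{ip:14} unanchored={u!s:5} anchored={a!s:5} ipaddress={p}")
```

The three public addresses in the sample are the ones that matter: with the unanchored pattern they are all reported as private and would never be enriched, while the anchored pattern and the ipaddress check both let them through. Logstash conditionals use the same "match anywhere" semantics unless the pattern is anchored, so the fix in the conf is the `^` (and, for a full-field test, a trailing `$`), not a different alternation.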

Thanks
Thanks to the Elastic team for Elastic 6.8.8!
Thanks to Wes Lambert and John Bernal for testing and QA!

Updating
Please see the following page for full update instructions:
https://securityonion.net/docs/Upgrade

Support
Need support?  Please see:
https://securityonion.net/docs/Support

Documentation
You can find our documentation here:
https://securityonion.net/docs

Also, we're now offering a printed copy of our official documentation with foreword by Richard Bejtlich and proceeds going to Rural Technology Fund:
https://securityonion.net/book

Training
Security Onion Solutions is the only official authorized training provider for Security Onion.  For more information about our training classes, please see:
https://securityonionsolutions.com

Appliances
We now offer hardware appliances!  For more information, please see:
https://securityonionsolutions.com

Thanks!
