Thursday, May 6, 2021

Security Onion 2.3.50 Hotfix available!

Security Onion Solutions recently announced the release of Security Onion 2.3.50 which brings a ton of great fixes and features to the community. There have been many occasions where we have wanted to deploy small updates to Security Onion 2 but due to how the platform is built this was difficult to do… until now! Today we are announcing the introduction of hotfixes in Security Onion 2. This hotfix (GRIDFIX) addresses the following issues: 

  • Mixed or capital cased grid members will show up properly in the Grid view.
  • SOC will need to be restarted to remove the duplicate entries - so-soc-restart.
  • Raid status for Security Onion Solutions appliances should now properly update.

For those of you who have grids with capabilities to connect to the Internet for updates you can simply run “soup” on the manager and it will automatically apply the latest hotfix. Hotfixes will typically include updates to the salt code and small configuration changes that we want to get out to you without having to do a full release update. Any changes to docker containers will follow our normal release process and the version number will change. You will notice that the version numbers after a hotfix has been applied stays the same. The application of the hotfix is tracked on the manager in the /etc/sohotfix file. For more information, please see our soup documentation:

If you are an airgap user we want you to know we have not forgotten about you. You too will be able to apply hotfixes starting in Security Onion 2.3.60. Users will see a couple of new commands for applying hotfixes. The first command so-airgap-hotfixdownload will be run from a computer with Internet access. This will download the hotfix and drop it into a tarball that you will then need to sneakernet over to your airgapped manager. Once you have copied that sohotfix.tar to a location on the manager you will run so-airgap-hotfixapply /path/to/sohotfix.tar and it will apply the hotfix. For more information, please see our airgap documentation:

We hope you are as excited as we are for this new functionality and look forward to continuing to bring cool and innovative features to the Security Onion Platform.


You can find our documentation here:

Documentation is always a work in progress and some documentation may be missing or incorrect. Please let us know if you notice any issues.

Known Issues

Please review the Known Issues list:

New Installations

If you want to perform a new installation, please review the 2.3 documentation and then you can find instructions here:

Existing 2.3 Installations

If you have an existing Security Onion 2.3 installation, please see:

AWS Marketplace

For new Security Onion 2 installations, version 2.3.50 is now also available on AWS Marketplace via the official Security Onion 2 AMI:

AMI Documentation:

Existing Security Onion 2 AMI users should use the "soup" command to upgrade:

Security Onion 16.04 EOL

As a reminder, Security Onion 16.04 has reached End Of Life (EOL):

If you're still running Security Onion 16.04, please see the following for upgrade options:

Questions or Problems

If you have questions or problems, please see our community support forum guidelines:

You can then find the community support forum at:


Need training? Start with our free Security Onion Essentials training and then take a look at some of our other official Security Onion training, including our new Detection Playbook class!

Hardware Appliances

We know Security Onion's hardware needs, and our appliances are the perfect match for the platform. Leave the hardware research, testing, and support to us, so you can focus on what's important for your organization. Not only will you have confidence that your Security Onion deployment is running on the best-suited hardware, you will also be supporting future development and maintenance of the Security Onion project!

No comments:

Search This Blog

Featured Post

New Security Onion Online Training Class - Detection Engineering with Security Onion!

We've just added an exciting new course to our online Security Onion 2.4 training catalog! It's called "Detection Engineering w...

Popular Posts

Blog Archive