Tuesday, July 20, 2021

Security Onion 2.3.60 Curator Auth Hotfix

We recently released Security Onion 2.3.60:
https://blog.securityonion.net/2021/07/security-onion-2360-now-available.html

and a few hotfixes:
https://blog.securityonion.net/2021/07/security-onion-2360-heavy-node-hotfix.html
https://blog.securityonion.net/2021/07/security-onion-2360-filebeat-pipeline.html

Today, we are releasing a Curator auth hotfix to resolve the issue described in the following discussion:
https://github.com/Security-Onion-Solutions/securityonion/discussions/4752

This hotfix is especially important if you are using Elastic authentication. If you have a new 2.3.60 installation, then Elastic authentication was enabled by default and you should install this hotfix. If you had an older installation that you updated to 2.3.60 and then manually enabled Elastic authentication using so-elastic-auth, then you should install this hotfix.

If you haven't updated recently, then you should review the blog posts linked above so that you are aware of all recent changes.

After updating, you can check the curator log at /opt/so/log/curator/curator.log to make sure that Curator is operating correctly.

Internet-Connected Deployments

If your Security Onion deployment has Internet access, simply run "sudo soup" as described here:
https://docs.securityonion.net/en/2.3/soup.html

Airgap Deployments

If you have an airgap deployment, download the new 2.3.60-CURATORAUTH ISO image from the usual location:
https://securityonion.net/download

Then follow the steps here:
https://docs.securityonion.net/en/2.3/airgap.html#security-onion-version-updates

Questions or Problems

If you have questions or problems, please see our community support forum guidelines:
https://docs.securityonion.net/en/2.3/community-support.html

You can then find the community support forum at:

https://securityonion.net/discuss


No comments:

Post a Comment

Note: Only a member of this blog may post a comment.