We recently released Security Onion 2.4.10 (2.4 GA):
https://blog.securityonion.net/2023/08/security-onion-24-has-reached-general.html
Today, we are releasing a hotfix which resolves a few issues:
https://docs.securityonion.net/en/2.4/release-notes.html
New Installations
If you want to perform a new installation, please review the documentation first. You can find download and installation instructions here:
https://docs.securityonion.net/en/2.4/download.html
Existing 2.4 Installations
If you have an existing installation of 2.4, then you should update to this hotfix. If your 2.4 installation is RC or GA (not Beta), then you can run soup to update.
If you are upgrading an Import node and have already imported a pcap or evtx file, then you may need to delete the import data stream for all imports to work correctly. You can either run the following command:
sudo so-elasticsearch-query _data_stream/logs-import-so -XDELETE
OR you can clear Elastic altogether with the following command:
sudo so-elastic-clear -d -y
In many cases, Import nodes are only temporary anyway, so you may just want to perform a fresh installation.
For more information about the update process, please see:
https://docs.securityonion.net/en/2.4/soup.html
Known Issues
Here are some known issues that should be resolved in later releases:
- You cannot do an in-place upgrade from 2.3 to 2.4. We are still investigating data migration.
- Security Onion Desktop is still considered experimental. It should work when installing from our ISO image but will not work for network installations currently.
- so-ip-update, while not an officially supported tool to begin with, has not been given any attention for 2.4 and may not work at all.
- SOC Grid is unable to display EPS production values for sensors.
- ISO install does not remove NOPASSWD option from sudo configuration.
Questions, Problems, and Feedback
If you have any questions or problems relating to Security Onion 2.4, please use the new 2.4 category at our Discussions site:
https://github.com/Security-Onion-Solutions/securityonion/discussions/categories/2-4
Conference
Our 10th Annual Security Onion Conference is coming up soon! You don't want to miss great speakers like:
- Dave Kennedy
- Wes Lambert
- Josh Kamdjou
- Scott Hall
- Pete Di Giorgio
- Josh Brower
- David Bianco
- Doug Burks
Reserve your seat today! Last day to register is September 29!
https://socaugusta2023.eventbrite.com/
Training
Do you want to deploy the new Security Onion 2.4 to your enterprise but need training?
Our first 4-day public training class on Security Onion 2.4 will be in beautiful Augusta GA as part of Augusta Cyber Week!
The class is at a very special price AND you get a free ticket to BOTH Security Onion Conference AND BSidesAugusta!
For more information, please see:
https://blog.securityonion.net/2023/07/registration-now-open-for-augusta-cyber.html
Security Onion Solutions Hardware Appliances
We know Security Onion's hardware needs, and our appliances are the perfect match for the platform. Leave the hardware research, testing, and support to us, so you can focus on what's important for your organization. Not only will you have confidence that your Security Onion deployment is running on the best-suited hardware, you will also be supporting future development and maintenance of the Security Onion project!