Wednesday, January 22, 2025

Coming soon to Security Onion: Local IP Lookups!

Our upcoming Security Onion 2.4.120 release includes a new local IP lookup feature! This allows you to define local descriptions for important IP addresses in your environment. This is useful for IP addresses that don't have a reverse DNS entry or for when you want to override the reverse DNS entry with a custom value. 


When you are viewing IP addresses in Security Onion Console (SOC) with reverse lookups enabled, SOC will check the local mappings first. If it doesn’t find a match, then it will attempt a reverse DNS lookup. The lookup will be displayed to the right of the IP address. For example:


Security Onion 2.4.120 is coming soon!

No comments:

Search This Blog

Featured Post

Upcoming Change to Elasticsearch Index Management for Multi-Node Deployments

Elasticsearch indices are managed by both the so-elasticsearch-indices-delete utility and Index Lifecycle Management (ILM). so-elasticsearch...

Popular Posts

Blog Archive