From 38d0d5285e97d2e027452a2b08f73595e6ef9713 Mon Sep 17 00:00:00 2001
From: m0duspwnens
Date: Thu, 16 Apr 2020 00:19:16 -0400
Subject: [PATCH 1/2] add missing ,
---
 salt/common/grafana/grafana_dashboards/eval/eval.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/salt/common/grafana/grafana_dashboards/eval/eval.json b/salt/common/grafana/grafana_dashboards/eval/eval.json
index 706d979d8..0c7fdc769 100644
--- a/salt/common/grafana/grafana_dashboards/eval/eval.json
+++ b/salt/common/grafana/grafana_dashboards/eval/eval.json
@@ -2795,7 +2795,7 @@
 "timeShift": null,
 "title": "{{ SERVERNAME }} - System Uptime",
 "type": "stat"
- }
+ },
 {
 "cacheTimeout": null,
 "datasource": "InfluxDB",
@@ -4272,4 +4272,4 @@
 "title": "Evaluation Mode - {{ SERVERNAME }} Overview",
 "uid": "{{ UID }}",
 "version": 1
- }
\ No newline at end of file
+ }
From 616baaf4be4f424cca53aff97c11a07fd8b63383 Mon Sep 17 00:00:00 2001
From: Mike Reeves
Date: Thu, 16 Apr 2020 10:53:35 -0400
Subject: [PATCH 2/2] Update JOSN for release
---
 salt/soc/files/soc/changes.json | 44 +++++++++++++++++++--------------
 1 file changed, 25 insertions(+), 19 deletions(-)
diff --git a/salt/soc/files/soc/changes.json b/salt/soc/files/soc/changes.json
index 10502dfb6..a8ccfac58 100644
--- a/salt/soc/files/soc/changes.json
+++ b/salt/soc/files/soc/changes.json
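Review bot: The added comma after `"type": "stat"` in the first eval.json hunk is the right fix, but nothing in the patch prevents the same class of error from shipping again: the file was invalid JSON at the panel boundary and only this commit noticed. Because the dashboard is a template carrying `{{ SERVERNAME }}` and `{{ UID }}` placeholders, a plain linter cannot be run on it as committed; a release check that renders the template with dummy placeholder values and feeds the result to a strict parser (for example `python -m json.tool`) would fail the build on a missing separator instead of surfacing it at Grafana provisioning time. The panel object and the enclosing `panels` array begin and end outside this hunk, so the reviewer cannot confirm from the hunk alone that no other panel boundary has the same omission; the rendered-JSON check above would settle that. The second eval.json hunk only adds the missing trailing newline and needs no comment.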
@@ -1,23 +1,29 @@
 {
- "title": "Introducing Hybrid Hunter 1.2.1 Beta",
+ "title": "Introducing Hybrid Hunter 1.2.1 Beta 1",
 "changes": [
- { "summary": "New authentication framework" },
- { "summary": "New Logstash pipeline setup. Now uses multiple pipelines." },
- { "summary": "New Master + Search node type and well as a Heavy Node type in the install." },
- { "summary": "Change all nodes to point to the docker registry on the Master. This cuts down on the calls to dockerhub." },
- { "summary": "Upgraded to Zeek 3.0" },
- { "summary": "Upgraded to Elastic 7.6" },
- { "summary": "New SO Start | Stop | Restart scripts for all components (eg. `so-playbook-restart`)." },
- { "summary": "BPF support for Suricata (NIDS), Steno (PCAP) & Zeek (More Info)." },
- { "summary": "Updated Domain Stats & Frequency Server containers to Python3 & created new Salt states for them." },
- { "summary": "Added so-status script which gives an easy to read look at container status." },
- { "summary": "Manage threshold.conf for Suricata using the thresholding pillar." },
- { "summary": "The ISO now includes all the docker containers for faster install speeds." },
- { "summary": "You now set the password for the onion account during the iso install. This account is temporary and will be removed after so-setup." },
- { "summary": "Updated Helix parsers for better compatibility." },
- { "summary": "Updated telegraf docker to include curl and jq." },
- { "summary": "CVE-2020-0601 Zeek Detection Script." },
- { "summary": "ISO Install now prompts you to create a password for the onion user during imaging. This account gets disabled during setup." },
- { "summary": "Check out the Hybrid Hunter Quick Start Guide." }
+ { "summary": "Introduction of the Security Onion Console. Once logged in you are directly taken to the SOC." },
+ { "summary": "New authentication using Kratos." },
+ { "summary": "During install you must specify how you would like to access the SOC ui. 
This is for strict cookie security." },
+ { "summary": "Ability to list and delete web users from the SOC ui." },
+ { "summary": "The soremote account is now used to add nodes to the grid vs using socore." },
+ { "summary": "Community ID support for Zeek, osquery, and Suricata. You can now tie host events to connection logs!" },
+ { "summary": "Elastic 7.6.1 with ECS support." },
+ { "summary": "New set of Kibana dashboards that align with ECS." },
+ { "summary": "Eval mode no longer uses Logstash for parsing (Filebeat -> ES Ingest)" },
+ { "summary": "Ingest node parsing for osquery-shipped logs (osquery, WEL, Sysmon)." },
+ { "summary": "Fleet standalone mode with improved Web UI & API access control." },
+ { "summary": "Improved Fleet integration support." },
+ { "summary": "Playbook now has full Windows Sigma community ruleset builtin." },
+ { "summary": "Automatic Sigma community rule updates." },
+ { "summary": "Playbook stability enhancements." },
+ { "summary": "Zeek health check. Zeek will now auto restart if a worker crashes." },
+ { "summary": "zeekctl is now managed by salt." },
+ { "summary": "Grafana dashboard improvements and cleanup." },
+ { "summary": "Moved logstash configs to pillars." },
+ { "summary": "Salt logs moved to /opt/so/log/salt." },
+ { "summary": "Strelka integrated for file-oriented detection/analysis at scale" },
+ { "summary": "KNOWN ISSUE: Updating users via the SOC ui is known to fail. To change a user, delete the user and re-add them." },
+ { "summary": "KNOWN ISSUE: Due to the move to ECS, the current Playbook plays may not alert correctly at this time." },
+ { "summary": "KNOWN ISSUE: The osquery MacOS package does not install correctly." }
 ]
 }