Readme - Add some things I missed

Mike Reeves
2019-09-30 06:56:17 -04:00
parent f12401e436
commit 67509aad7c


@@ -3,18 +3,20 @@
### Changes: ### Changes:
- Alpha 2 is here!! Check out the [Hybrid Hunter Quick Start Guide](https://github.com/Security-Onion-Solutions/securityonion-saltstack/wiki/Hybrid-Hunter-Quick-Start-Guide). - Alpha 2 is here!! Check out the [Hybrid Hunter Quick Start Guide](https://github.com/Security-Onion-Solutions/securityonion-saltstack/wiki/Hybrid-Hunter-Quick-Start-Guide).
- Suricata 4.1.5 - Suricata 4.1.5.
- Bro/Zeek 2.6.4 - Bro/Zeek 2.6.4.
- TheHive 3.4.0 (ES to 6.8.3) - TheHive 3.4.0 (ES to 6.8.3).
- NIDS and HIDS dashboard updates - Fixed Bro/Zeek packet loss calculation for Grafana.
- Updated to latest Sensoroni for websockets to enable job status updates without refreshing.
- NIDS and HIDS dashboard updates.
- Playbook and ATT&CK Navigator features are now included. - Playbook and ATT&CK Navigator features are now included.
- Filebeat now logs to a file, instead of stdout. - Filebeat now logs to a file, instead of stdout.
- Elastalert has been updated to use Python 3 and allow for use of custom alerters. - Elastalert has been updated to use Python 3 and allow for use of custom alerters.
- Elasticsearch Ingest is now used to consume Zeek logs and Suricata alerts (instead of the traditional Logstash pipeline). - Elasticsearch Ingest is now used to consume Zeek logs and Suricata alerts (instead of the traditional Logstash pipeline).
This reduces the memory footprint of Logstash dramatically! This reduces the memory footprint of Logstash dramatically!
- Several changes to the setup script have been made to improve stability of the setup process: - Several changes to the setup script have been made to improve stability of the setup process:
- Setup now modifies your hosts file so that the install works better in environments without DNS - Setup now modifies your hosts file so that the install works better in environments without DNS.
- You are now prompted for setting a password for the socore user - You are now prompted for setting a password for the socore user.
- The install now forces a reboot at the end of the install. This fixes an issue with some of the Docker containers being in the wrong state from a manual reboot. Manual reboots are fine after the initial reboot. - The install now forces a reboot at the end of the install. This fixes an issue with some of the Docker containers being in the wrong state from a manual reboot. Manual reboots are fine after the initial reboot.
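Review bot: the added Sensoroni bullet says "latest" where the neighbouring entries (Suricata 4.1.5, Bro/Zeek 2.6.4, TheHive 3.4.0) name a version; state the Sensoroni version so a reader can tell which build this alpha ships. In the setup sub-list, the hosts file bullet would also be more useful if it said which entries setup writes, since it changes a system file on the operator's behalf.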