diff --git a/DOWNLOAD_AND_VERIFY_ISO.md b/DOWNLOAD_AND_VERIFY_ISO.md
index c1594b954..b9b3da297 100644
--- a/DOWNLOAD_AND_VERIFY_ISO.md
+++ b/DOWNLOAD_AND_VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.4.4-20230728 ISO image built on 2023/07/28
+### 2.4.5-20230807 ISO image released on 2023/08/07
 ### Download and Verify
-2.4.4-20230728 ISO image:
-https://download.securityonion.net/file/securityonion/securityonion-2.4.4-20230728.iso
-
-MD5: F63E76245F3E745B5BDE9E6E647A7CB6
-SHA1: 6CE4E4A3399CD282D4F8592FB19D510388AB3EEA
-SHA256: BF8FEB91B1D94B67C3D4A79D209B068F4A46FEC7C15EEF65B0FCE9851D7E6C9F
+2.4.5-20230807 ISO image:
+https://download.securityonion.net/file/securityonion/securityonion-2.4.5-20230807.iso
+
+MD5: F83FD635025A3A65B380EAFCEB61A92E
+SHA1: 5864D4CD520617E3328A3D956CAFCC378A8D2D08
+SHA256: D333BAE0DD198DFD80DF59375456D228A4E18A24EDCDB15852CD4CA3F92B69A7
 Signature for ISO image:
-https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.4-20230728.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.5-20230807.iso.sig
 Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.
 Download the signature file for the ISO:
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.4-20230728.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.5-20230807.iso.sig
 ```
 Download the ISO image:
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.4.4-20230728.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.4.5-20230807.iso
 ```
 Verify the downloaded ISO image using the signature file:
 ```
-gpg --verify securityonion-2.4.4-20230728.iso.sig securityonion-2.4.4-20230728.iso
+gpg --verify securityonion-2.4.5-20230807.iso.sig securityonion-2.4.5-20230807.iso
 ```
 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Tue 11 Jul 2023 06:23:37 PM EDT using RSA key ID FE507013
+gpg: Signature made Sat 05 Aug 2023 10:12:46 AM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC "
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg: There is no indication that the signature belongs to the owner.
diff --git a/README.md b/README.md
index aa3aa6ddf..19a560419 100644
--- a/README.md
+++ b/README.md
@@ -1,6 +1,6 @@
-## Security Onion 2.4 Release Candidate 2 (RC2)
+## Security Onion 2.4
-Security Onion 2.4 Release Candidate 2 (RC2) is here!
+Security Onion 2.4 is here!
 ## Screenshots
diff --git a/VERSION b/VERSION
index 59aa62c1f..b0f6bf0cd 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-2.4.5
+2.4.10
diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update
index 17c867c07..b88b564ed 100644
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update
@@ -43,14 +43,12 @@ fi
 # Query for FQDN entries & add them to the list
 {% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %}
-CUSTOMFQDNLIST=({{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }})
-if [ -n "$CUSTOMFQDNLIST" ]; then
- readarray -t CUSTOMFQDN <<< $CUSTOMFQDNLIST
- for CUSTOMNAME in "${CUSTOMFQDN[@]}"
- do
- NEW_LIST+=("https://$CUSTOMNAME:8220")
- done
-fi
+CUSTOMFQDNLIST=('{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}')
+readarray -t -d ' ' CUSTOMFQDN < <(printf '%s' "$CUSTOMFQDNLIST")
+for CUSTOMNAME in "${CUSTOMFQDN[@]}"
+do
+ NEW_LIST+=("$CUSTOMNAME:5055")
+done
 {% endif %}
 # Query for the current Grid Nodes that are running Logstash
diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update
index 7d29fe080..31c7becca 100644
--- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update
+++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update
@@ -43,14 +43,12 @@ fi
 # Query for FQDN entries & add them to the list
 {% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %}
-CUSTOMFQDNLIST=({{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }})
-if [ -n "$CUSTOMFQDNLIST" ]; then
- readarray -t CUSTOMFQDN <<< $CUSTOMFQDNLIST
- for CUSTOMNAME in "${CUSTOMFQDN[@]}"
- do
- NEW_LIST+=("https://$CUSTOMNAME:8220")
- done
-fi
+CUSTOMFQDNLIST=('{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}')
+readarray -t -d ' ' CUSTOMFQDN < <(printf '%s' "$CUSTOMFQDNLIST")
+for CUSTOMNAME in "${CUSTOMFQDN[@]}"
+do
+ NEW_LIST+=("https://$CUSTOMNAME:8220")
+done
 {% endif %}
 # Query for the current Grid Nodes that are running Logstash (which includes Fleet Nodes)
diff --git a/salt/telegraf/scripts/zeekcaptureloss.sh b/salt/telegraf/scripts/zeekcaptureloss.sh
index f2c3fcd2d..6e1785237 100644
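Review bot: The new `CUSTOMFQDNLIST=('{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}')` line in so-elastic-fleet-outputs-update renders the custom_fqdn entries into a single-quoted shell literal without escaping, so an entry containing `'` ends the quote and the rest of the value is parsed as shell when the rendered script runs, and an entry containing a space is silently split into two names. The identical line is added to so-elastic-fleet-urls-update in the following hunk. Neither hunk validates the entries, so unless they are checked where the setting is stored, I would escape them at render time (for example with Salt's `quote` Jinja filter applied per entry) and skip anything that is not a hostname inside the loop: `[[ "$CUSTOMNAME" =~ ^[A-Za-z0-9.-]+$ ]] || continue`. Note also that `readarray -d` needs bash 4.4 or later. NEW_LIST is declared outside both hunks, so how it is consumed afterwards is not visible here.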
--- a/salt/telegraf/scripts/zeekcaptureloss.sh
+++ b/salt/telegraf/scripts/zeekcaptureloss.sh
@@ -8,15 +8,10 @@
 # This script returns the average of all the workers average capture loss to telegraf / influxdb in influx format include nanosecond precision timestamp
 # if this script isn't already running
-{%- from 'zeek/config.map.jinja' import ZEEKMERGED %}
 if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then
 if [ -d "/host/nsm/zeek/spool/logger" ]; then
-{%- if ZEEKMERGED.config.node.pins %}
- WORKERS={{ ZEEKMERGED.config.node.pins | length }}
-{%- else %}
- WORKERS={{ ZEEKMERGED.config.node.lb_procs }}
-{%- endif %}
+ WORKERS={{ salt['pillar.get']('sensor:zeek_lbprocs', salt['pillar.get']('sensor:zeek_pins') | length) }}
 ZEEKLOG=/host/nsm/zeek/spool/logger/capture_loss.log
 elif [ -d "/host/nsm/zeek/spool/zeeksa" ]; then
 WORKERS=1
diff --git a/sigs b/sigs
deleted file mode 100644
index 75a14e1a1..000000000
Binary files a/sigs and /dev/null differ
diff --git a/sigs/securityonion-2.4.5-20230807.iso.sig b/sigs/securityonion-2.4.5-20230807.iso.sig
new file mode 100644
index 000000000..fdf914164
Binary files /dev/null and b/sigs/securityonion-2.4.5-20230807.iso.sig differ
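Review bot: The added `WORKERS={{ salt['pillar.get']('sensor:zeek_lbprocs', salt['pillar.get']('sensor:zeek_pins') | length) }}` line in zeekcaptureloss.sh renders `WORKERS=0` when neither pillar key is set, since the inner lookup should then return an empty value whose length is 0. The rest of the script lies outside the hunk, as do the ends of both `if` blocks, but the header comment says it averages capture loss across workers, so a zero count presumably ends in a division by zero or a missing metric and packet loss on the sensor would go unreported. The precedence also changed: the removed code used the pin list when it was set and lb_procs otherwise, while the new line uses zeek_lbprocs whenever that key is set. I would guard the value right after the assignment, `[[ "$WORKERS" =~ ^[1-9][0-9]*$ ]] || exit 1`, and add a comment stating which key is meant to win.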