From 9d3744aa2567f6774cc5dd8d0328948dcfc03646 Mon Sep 17 00:00:00 2001 From: Josh Brower Date: Fri, 4 Aug 2023 16:05:28 -0400 Subject: [PATCH 1/8] Refactor to remove new line --- .../sbin_jinja/so-elastic-fleet-outputs-update | 14 ++++++-------- .../tools/sbin_jinja/so-elastic-fleet-urls-update | 14 ++++++-------- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update index 17c867c07..b88b564ed 100644 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-outputs-update @@ -43,14 +43,12 @@ fi # Query for FQDN entries & add them to the list {% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %} -CUSTOMFQDNLIST=({{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}) -if [ -n "$CUSTOMFQDNLIST" ]; then - readarray -t CUSTOMFQDN <<< $CUSTOMFQDNLIST - for CUSTOMNAME in "${CUSTOMFQDN[@]}" - do - NEW_LIST+=("https://$CUSTOMNAME:8220") - done -fi +CUSTOMFQDNLIST=('{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}') +readarray -t -d ' ' CUSTOMFQDN < <(printf '%s' "$CUSTOMFQDNLIST") +for CUSTOMNAME in "${CUSTOMFQDN[@]}" +do + NEW_LIST+=("$CUSTOMNAME:5055") +done {% endif %} # Query for the current Grid Nodes that are running Logstash diff --git a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update index 7d29fe080..31c7becca 100644 --- a/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update +++ b/salt/elasticfleet/tools/sbin_jinja/so-elastic-fleet-urls-update 
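Review bot: The `custom_fqdn` pillar values are rendered by Jinja straight into a single-quoted shell string on the new `CUSTOMFQDNLIST=('{{ … | join(' ') }}')` line, so a value containing a `'` would end the quoting in the rendered script. Nothing checks that each entry looks like a hostname before it is appended to `NEW_LIST`. Unless these values can only ever be set by a fully trusted administrator, I would validate them where the pillar is accepted and also skip malformed or empty entries in the loop, for example `[[ "$CUSTOMNAME" =~ ^[A-Za-z0-9.-]+$ ]] || continue` as the first statement of the `for` body. The same applies to the matching hunk in `so-elastic-fleet-urls-update`. Separately, `CUSTOMFQDNLIST` is declared as a one-element array and then read as a scalar, so a plain string assignment would state the intent more clearly.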
@@ -43,14 +43,12 @@ fi # Query for FQDN entries & add them to the list {% if ELASTICFLEETMERGED.config.server.custom_fqdn | length > 0 %} -CUSTOMFQDNLIST=({{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}) -if [ -n "$CUSTOMFQDNLIST" ]; then - readarray -t CUSTOMFQDN <<< $CUSTOMFQDNLIST - for CUSTOMNAME in "${CUSTOMFQDN[@]}" - do - NEW_LIST+=("https://$CUSTOMNAME:8220") - done -fi +CUSTOMFQDNLIST=('{{ ELASTICFLEETMERGED.config.server.custom_fqdn | join(' ') }}') +readarray -t -d ' ' CUSTOMFQDN < <(printf '%s' "$CUSTOMFQDNLIST") +for CUSTOMNAME in "${CUSTOMFQDN[@]}" +do + NEW_LIST+=("https://$CUSTOMNAME:8220") +done {% endif %} # Query for the current Grid Nodes that are running Logstash (which includes Fleet Nodes) From ec81cbd70d8aa33986c5609d5dc92895784434f1 Mon Sep 17 00:00:00 2001 From: Doug Burks Date: Sat, 5 Aug 2023 09:11:58 -0400 Subject: [PATCH 2/8] Revert yesterday's change to zeekcaptureloss.sh --- salt/telegraf/scripts/zeekcaptureloss.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/salt/telegraf/scripts/zeekcaptureloss.sh b/salt/telegraf/scripts/zeekcaptureloss.sh index e254ada32..4389fd601 100644 --- a/salt/telegraf/scripts/zeekcaptureloss.sh +++ b/salt/telegraf/scripts/zeekcaptureloss.sh @@ -11,15 +11,9 @@ # This script returns the average of all the workers average capture loss to telegraf / influxdb in influx format include nanosecond precision timestamp # if this script isn't already running -{%- from 'zeek/config.map.jinja' import ZEEKMERGED %} if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then if [ -d "/host/nsm/zeek/spool/logger" ]; then -{%- if ZEEKMERGED.config.node.pins %} - WORKERS={{ ZEEKMERGED.config.node.pins | length }} -{%- else %} - WORKERS={{ ZEEKMERGED.config.node.lb_procs }} -{%- endif %} ZEEKLOG=/host/nsm/zeek/spool/logger/capture_loss.log elif [ -d "/host/nsm/zeek/spool/zeeksa" ]; then WORKERS=1 From 90102b1148047a445ba900d524d562ae6b75227b Mon Sep 17 00:00:00 2001 
From: Doug Burks Date: Sat, 5 Aug 2023 09:23:27 -0400 Subject: [PATCH 3/8] Finish reverting yesterday's change to zeekcaptureloss.sh --- salt/telegraf/scripts/zeekcaptureloss.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/salt/telegraf/scripts/zeekcaptureloss.sh b/salt/telegraf/scripts/zeekcaptureloss.sh index 4389fd601..e0c8758f2 100644 --- a/salt/telegraf/scripts/zeekcaptureloss.sh +++ b/salt/telegraf/scripts/zeekcaptureloss.sh @@ -14,6 +14,7 @@ if [[ ! "`pidof -x $(basename $0) -o %PPID`" ]]; then if [ -d "/host/nsm/zeek/spool/logger" ]; then + WORKERS={{ salt['pillar.get']('sensor:zeek_lbprocs', salt['pillar.get']('sensor:zeek_pins') | length) }} ZEEKLOG=/host/nsm/zeek/spool/logger/capture_loss.log elif [ -d "/host/nsm/zeek/spool/zeeksa" ]; then WORKERS=1 From 3c5cd941c78b123835c3a473cc5ae9970b73e690 Mon Sep 17 00:00:00 2001 From: Doug Burks Date: Mon, 7 Aug 2023 08:45:30 -0400 Subject: [PATCH 4/8] Update DOWNLOAD_AND_VERIFY_ISO.md for 2.4.5 --- DOWNLOAD_AND_VERIFY_ISO.md | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/DOWNLOAD_AND_VERIFY_ISO.md b/DOWNLOAD_AND_VERIFY_ISO.md index c1594b954..0ea6db8ed 100644 --- a/DOWNLOAD_AND_VERIFY_ISO.md +++ b/DOWNLOAD_AND_VERIFY_ISO.md 
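Review bot: The added `WORKERS=` line renders to 0 when neither `sensor:zeek_lbprocs` nor `sensor:zeek_pins` is set, because `pillar.get` falls back to an empty value whose `length` is 0. The script's header comment says it reports an average across workers, so the code after this hunk presumably divides by `WORKERS`. A zero there would fail or emit a bogus capture-loss metric, which would hide sensor packet loss from monitoring. I would guard the value before it is used, e.g. `[ "${WORKERS:-0}" -gt 0 ] || exit 0` right after the assignment, or have the template supply an explicit fallback. The enclosing `if` block starts and ends outside the hunk.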
@@ -1,18 +1,18 @@ -### 2.4.4-20230728 ISO image built on 2023/07/28 +### 2.4.5-20230807 ISO image released on 2023/08/07 ### Download and Verify -2.4.4-20230728 ISO image: -https://download.securityonion.net/file/securityonion/securityonion-2.4.4-20230728.iso - -MD5: F63E76245F3E745B5BDE9E6E647A7CB6 -SHA1: 6CE4E4A3399CD282D4F8592FB19D510388AB3EEA -SHA256: BF8FEB91B1D94B67C3D4A79D209B068F4A46FEC7C15EEF65B0FCE9851D7E6C9F +2.4.5-20230807 ISO image: +https://download.securityonion.net/file/securityonion/securityonion-2.4.5-20230807.iso + +MD5: F83FD635025A3A65B380EAFCEB61A92E +SHA1: 5864D4CD520617E3328A3D956CAFCC378A8D2D08 +SHA256: D333BAE0DD198DFD80DF59375456D228A4E18A24EDCDB15852CD4CA3F92B69A7 Signature for ISO image: -https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.4-20230728.iso.sig +https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.5-20230807.iso.sig Signing key: https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2.4/main/KEYS 
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/2. Download the signature file for the ISO: ``` -wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.4-20230728.iso.sig +wget https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.5-20230807.iso.sig ``` Download the ISO image: ``` -wget https://download.securityonion.net/file/securityonion/securityonion-2.4.4-20230728.iso +wget https://download.securityonion.net/file/securityonion/securityonion-2.4.5-20230807.iso ``` Verify the downloaded ISO image using the signature file: ``` -gpg --verify securityonion-2.4.4-20230728.iso.sig securityonion-2.4.4-20230728.iso +gpg --verify securityonion-2.4.5-20230807.iso.sig securityonion-2.4.5-20230807.iso ``` The output should show "Good signature" and the Primary key fingerprint should match what's shown below: ``` -gpg: Signature made Tue 11 Jul 2023 06:23:37 PM EDT using RSA key ID FE507013 +gpg: Signature made Sat 05 Aug 2023 10:12:46 AM EDT using RSA key ID FE507013 gpg: Good signature from "Security Onion Solutions, LLC " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. From 6e8f31e08373177b4b82b9d16f02664aaa916dbb Mon Sep 17 00:00:00 2001 From: Doug Burks Date: Mon, 7 Aug 2023 08:59:24 -0400 Subject: [PATCH 5/8] Delete sigs --- sigs | Bin 566 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 sigs 
diff --git a/sigs b/sigs deleted file mode 100644 index 75a14e1a124888e706fa4e8a2cb8c950e0df7217..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 566 zcmV-60?GY}0y6{v0SEvc79j-41gSkXz6^6dp_W8^5Ma0dP;e6k0%XJRr~nEH5PT3| zxBgIY6IR&||9=cs@>p+WKyMXEHkdmM9dKN0A_e16|Moe1B^c6!o-~gn=Kj$D8!zb`EjAq^qcU?a}o%Y zDg9=2aqmC*5q>UkyS%K!=yB%liislB5j5FN*Cpo}eO0mrT4n|YgLgq+bx%~B&xTUb ztNgVOS17l{E;!>9=IsB*%qV5K>b~dg>q`zAKq?LL>fdWJEYKH`Lh40-3ZSL1y(Has zLx)b4*VPCx;QTRT9YqP)L}1+sLSnsKZNkRsM0d-(lrnP?{6T8)n5B_CUG=Fx&}umS zr%NsOIn^)hUDLNq+P0kSbQ-W--|qGoc5@cZ;3Z89-8lHAc>pT3v2x8v_e_6vs!o4d zwD5%VtV5fj5`ddN&NgtSJI;;(QyqtKsuJU~M809}yP6#5E0=~sT|HDCt~1K7gPLf? z@C7|#7tJ91EY55yD`(Q8;N7@pBl0O?XV=j|qyCHbM#Jj5bTOQNtyAg9srzf(VL^Z* EkfHt+T>t<8 From 9ae32e2bd66168ac37fd924d5fe042a11fd1091d Mon Sep 17 00:00:00 2001 From: Doug Burks Date: Mon, 7 Aug 2023 09:02:52 -0400 Subject: [PATCH 6/8] create sigs directory and add sig for 2.4.5 --- sigs/securityonion-2.4.5-20230807.iso.sig | Bin 0 -> 566 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 sigs/securityonion-2.4.5-20230807.iso.sig diff --git a/sigs/securityonion-2.4.5-20230807.iso.sig b/sigs/securityonion-2.4.5-20230807.iso.sig new file mode 100644 index 0000000000000000000000000000000000000000..fdf914164d39f45c413fd96952298f9733355d32 GIT binary patch literal 566 zcmV-60?GY}0y6{v0SEvc79j-41gSkXz6^6dp_W8^5Ma0dP;e6k0%Xou-T(>-5PT3| zxBgIY6W3V}|7ARLdu8Uk&=%aLd1eaANXl51uCg=jVr4eayWWo!3JlNr+(j+XW?8qFP5X6QaP5#PecYT1>OAuzC7>i4Rj@v&4=B(BpnOQWIA z2A@7#vZgCT;V|o&PF;@JY9=^AaOW{>4#zzg?c1Zas>6>-wS%Mmh$GYnudPa^Jr9zu zs(~Aip0%%-0^LpOJjMtMdyS2Z*t-J$)8Dg4?{H`YsPy}t9_h%qJa*UX0ZD)~OY#uM zBz!Z96O4cz441jxvb>Y-PM$%Un^Jl}ZJr_=mC~HS*YP7m zj}Z+_UTFqr6zSgYq7P~*1tW6Z)u7wkCF`;At%WU!r;6W6J?9EmiFg9>T`P=#eZmIC EYdvxXlK=n! literal 0 HcmV?d00001 From 37b98ba1889fcda67d030f40ee888f282954f1ff Mon Sep 17 00:00:00 2001 
From: Doug Burks Date: Mon, 7 Aug 2023 09:29:34 -0400 Subject: [PATCH 7/8] add spaces for proper rendering DOWNLOAD_AND_VERIFY_ISO.md --- DOWNLOAD_AND_VERIFY_ISO.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/DOWNLOAD_AND_VERIFY_ISO.md b/DOWNLOAD_AND_VERIFY_ISO.md index 0ea6db8ed..b9b3da297 100644 --- a/DOWNLOAD_AND_VERIFY_ISO.md +++ b/DOWNLOAD_AND_VERIFY_ISO.md @@ -7,9 +7,9 @@ 2.4.5-20230807 ISO image: https://download.securityonion.net/file/securityonion/securityonion-2.4.5-20230807.iso -MD5: F83FD635025A3A65B380EAFCEB61A92E -SHA1: 5864D4CD520617E3328A3D956CAFCC378A8D2D08 -SHA256: D333BAE0DD198DFD80DF59375456D228A4E18A24EDCDB15852CD4CA3F92B69A7 +MD5: F83FD635025A3A65B380EAFCEB61A92E +SHA1: 5864D4CD520617E3328A3D956CAFCC378A8D2D08 +SHA256: D333BAE0DD198DFD80DF59375456D228A4E18A24EDCDB15852CD4CA3F92B69A7 Signature for ISO image: https://github.com/Security-Onion-Solutions/securityonion/raw/2.4/main/sigs/securityonion-2.4.5-20230807.iso.sig From b9d0d032238cd926961348087ab773632bf754a4 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Mon, 7 Aug 2023 16:35:05 -0400 Subject: [PATCH 8/8] update version --- README.md | 4 ++-- VERSION | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index aa3aa6ddf..19a560419 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -## Security Onion 2.4 Release Candidate 2 (RC2) +## Security Onion 2.4 -Security Onion 2.4 Release Candidate 2 (RC2) is here! +Security Onion 2.4 is here! ## Screenshots diff --git a/VERSION b/VERSION index 59aa62c1f..b0f6bf0cd 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -2.4.5 +2.4.10