
New securityonion-sostat package

Jon Schipp submitted some patches for soup (thanks Jon!) and I updated sostat to resolve a few issues.  The new package is securityonion-sostat - 20120722-0ubuntu0securityonion21 and it has been tested by Matt Gregory and David Zawdie (thanks!).

Issues Resolved
Issue 481: soup: Add skip interactive option
https://code.google.com/p/security-onion/issues/detail?id=481

Issue 494: sostat should display ELSA v_indexes
https://code.google.com/p/security-onion/issues/detail?id=494

Issue 497: sostat should ignore "Cannot set NIC flags!" in netsniff-ng.log
https://code.google.com/p/security-onion/issues/detail?id=497

Issue 508: sostat should include full process output but exclude usernames
https://code.google.com/p/security-onion/issues/detail?id=508

Screenshots
sostat now includes ELSA Index Date Range

soup now has options

sostat now includes expanded process output but excludes usernames

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Training
Want to learn more about Security Onion?  Sign up for the new expanded 2-day class in Houston TX!  For full details and to register, please see:
https://securityonion20140508.eventbrite.com

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list:
http://groups.google.com/group/security-onion

We also need help testing new packages:
http://groups.google.com/group/security-onion-testing

Thanks!

New securityonion-sostat package provides more data for monitoring ELSA

I've updated the securityonion-sostat package to redact IPv6/MAC addresses and also increase verbosity for monitoring ELSA.  The updated package version is securityonion-sostat - 20120722-0ubuntu0securityonion20 and it has been tested by the following (thanks!):
Matt Gregory
David Zawdie

Issue 471: sostat-redacted should redact IPv6 and MAC addresses
https://code.google.com/p/security-onion/issues/detail?id=471
(thanks to Steve Fennell and BBCan177 for the patches!)

Issue 476: sostat: add verbosity for troubleshooting ELSA
https://code.google.com/p/security-onion/issues/detail?id=476
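
The kind of redaction Issue 471 describes, sketched as an added example; this is not the sostat-redacted source or the submitted patches. The `<ipv4>`, `<ipv6>` and `<mac>` placeholders, the `redact` function name and the sample lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, NOT the sostat-redacted code: a stdin-to-stdout filter that
# masks IPv4, IPv6 and MAC addresses before diagnostic output is shared.

redact() {
  H='[0-9A-Fa-f]{1,4}'   # one IPv6 hextet
  # Rule order matters:
  #  1. IPv4 first, so the dotted tail of ::ffff:192.0.2.1 is masked before
  #     the IPv6 rule runs and cannot be left behind as "0.2.1".
  #  2. IPv6 next. It requires "::" or all eight hextets, so timestamps such
  #     as 10:15:32 are left readable.
  #  3. MAC last, so it cannot cut six groups out of a full eight-group
  #     IPv6 address and leak the remainder.
  # Each rule keeps the character before the match (\1) instead of relying
  # on the non-portable \b word boundary.
  # The IPv4 rule also masks four-part version strings; over-redaction is
  # the safe direction for output that is going to a public list.
  sed -E \
    -e 's/(^|[^0-9.])([0-9]{1,3}\.){3}[0-9]{1,3}/\1<ipv4>/g' \
    -e "s/(^|[^0-9A-Fa-f:])((${H}:){7}${H}|((${H}:){1,7}|:):(${H}(:${H}){0,6})?)/\1<ipv6>/g" \
    -e 's/(^|[^0-9A-Fa-f:-])([0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}/\1<mac>/g'
}

# Constructed sample resembling uptime, ip(8) and log output.
sample() {
  cat <<'EOF'
 10:15:32 up 12 days,  3:02,  1 user
    link/ether 08:00:27:4e:66:a1 brd ff:ff:ff:ff:ff:ff
    inet 192.0.2.15/24 brd 192.0.2.255 scope global eth0
    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link
sshd: connection from ::ffff:192.0.2.1 port 22
EOF
}

sample | redact
```

Prefix lengths such as `/24` and `/64` are left in place, which keeps the output useful for troubleshooting without exposing the addresses themselves.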

Screenshots
sostat-redacted now redacts IPv4, IPv6, and MAC addresses

Additional ELSA info from a master server

Additional ELSA info from a sensor

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

New securityonion-sostat package available

I've packaged a new version of sostat that resolves the following issue:

Issue 461: sostat: improve pf_ring output
https://code.google.com/p/security-onion/issues/detail?id=461

The version number of the new package is securityonion-sostat - 20120722-0ubuntu0securityonion13 and it has been tested by the following (thanks!):
David Zawdie

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Screenshot
PF_RING section of sostat output

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

New securityonion-sostat package available

I've packaged a new version of sostat that resolves a few issues:

Issue 437: sostat: more detailed interface stats via ip(8)
https://code.google.com/p/security-onion/issues/detail?id=437

Issue 457: sostat: add /proc/net/pf_ring/info
https://code.google.com/p/security-onion/issues/detail?id=457

Issue 458: sostat: include pf_ring Slots
https://code.google.com/p/security-onion/issues/detail?id=458

Issue 459: sostat: netsniff-ng loss output incorrect when running BPF
https://code.google.com/p/security-onion/issues/detail?id=459

The version number of the new package is securityonion-sostat - 20120722-0ubuntu0securityonion12 and it has been tested by the following (thanks!):
David Zawdie

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

New sostat package available

I found and fixed a couple of bugs in the recent sostat package.  The updated package version is:
securityonion-sostat - 20120722-0ubuntu0securityonion11

Issues Resolved
Issue 423: Bugs in broctl netstats percentage calculation

Updating
The new package is now available in our stable repo.  Please see the following page for full update instructions:

Feedback
If you have any questions or problems, please use our mailing list:

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!

New securityonion packages

New versions of the following packages are now available!
securityonion-nsmnow-admin-scripts
securityonion-sguild-add-user
securityonion-sostat

These new packages resolve the following issues:

Issue 370: soup: a script to handle Ubuntu/SO updates properly (mysql-server and pfring)
You can now run a single command to update your system without having to worry about mysql/pfring updates:
sudo soup

Issue 323: Create sguild-passwd-user script
You can now reset a user's Sguil/Squert/ELSA password using the following:
sudo nsm_server_user-passwd

Issue 363: netsniff-ng: log and print statistics
At the next daily restart, netsniff-ng will begin using the --verbose option to log statistics.  sostat has been updated to report on those statistics:
sudo sostat

Thanks
Thanks to Jon Schipp for submitting the netsniff-ng patches for the NSM and sostat scripts!
Thanks to JP Bourget for submitting the sguild-passwd-user patches!
Thanks to the following for testing the new packages!
David Zawdie
Matt Gregory
JP Bourget

Upgrading
The new packages are now available in our stable repo.  Please see our Upgrade page for full upgrade instructions:
https://code.google.com/p/security-onion/wiki/Upgrade

Feedback
If you have any questions or problems, please use our mailing list:
https://code.google.com/p/security-onion/wiki/MailingLists

Help Wanted
If you and/or your organization have found value in Security Onion, please consider giving back to the community by joining one of our teams:
https://code.google.com/p/security-onion/wiki/TeamMembers

We especially need help in answering support questions on the mailing list and IRC channel.  Thanks!
