Security-Onion-Solutions/securityonion 2.4.30-20231113

Security Onion 2.4.30-20231113

on GitHub

Download the ISO

https://download.securityonion.net/file/securityonion/securityonion-2.4.30-20231113.iso

What's Changed

• accept icmp on input chain by @m0duspwnens in #11496
• Update VERSION by @TOoSmOotH in #11497
• Minechanges by @m0duspwnens in #11503
• 2.4/main by @TOoSmOotH in #11533
• Update HOTFIX by @TOoSmOotH in #11534
• avoid rebooting when testing deb installs by @jertel in #11535
• only add heavynodes to remoteHostUrls by @jertel in #11552
• Zeek 6 upgrade by @reyesj2 in #11554
• Minechanges by @m0duspwnens in #11555
• mark suricata 7 log line as fp fo so-log-check by @m0duspwnens in #11558
• Elastic 8.10.4 by @weslambert in #11560
• Minechanges by @m0duspwnens in #11563
• Add note regarding DNS resolver by @weslambert in #11567
• Add back plugin-tds/ plugin-profinet. Using patched versions for Zeek 6 by @reyesj2 in #11568
• Minechanges by @m0duspwnens in #11572
• remove extra space by @m0duspwnens in #11573
• Additional integrations by @weslambert in #11570
• handle a minion not being in the mine data return by @m0duspwnens in #11582
• Minechanges by @m0duspwnens in #11592
• FIX: Add -watch to soctopus saltstate for file SOCtopus.conf. Makes contai… by @reyesj2 in #11594
• Parse pkt_src for Suricata logs by @weslambert in #11600
• Enable http2 for Suricata by @TOoSmOotH in #11606
• Upgrade/salt3006.3 by @m0duspwnens in #11612
• fix issue/11610 by @m0duspwnens in #11613
• Revert "Upgrade/salt3006.3" by @m0duspwnens in #11619
• Add kibana curl config by @defensivedepth in #11609
• oidc by @jertel in #11631
• UPGRADE: Influxdb 2.7.1 & telegraf 1.28.2 by @reyesj2 in #11633
• 2.4/kibanauser by @defensivedepth in #11637
• Warm Node UI Changes by @TOoSmOotH in #11623
• oidc by @jertel in #11643
• UPGRADE: influxdb 2.7.1 & telegraf 1.28.2 by @reyesj2 in #11644
• Upgrade/salt3006.3v2 by @m0duspwnens in #11647
• Remove ILM policies for Cases and OSQuery manager indices by @weslambert in #11648
• ensure networkminer is latest version by @m0duspwnens in #11659
• Add roles for eval mode by @weslambert in #11661
• Add import roles by @weslambert in #11664
• ignore specific Suricata errors by @jertel in #11665
• Remove unused scripts and functions by @TOoSmOotH in #11666
• Fix/soupagrepo by @m0duspwnens in #11670
• Remove legacy pillar info by @TOoSmOotH in #11671
• Foxtrot by @m0duspwnens in #11674
• Sublime Platform Integration by @weslambert in #11676
• Allow 16GB of memory by @TOoSmOotH in #11677
• adjust log filter to include all hosts by @jertel in #11687
• Add eval and import roles by @weslambert in #11688
• more log bypass by @jertel in #11689
• fix UPGRADECOMMAND used for distrib salt upgrade. remove unneeded vars by @m0duspwnens in #11690
• more log bypass by @jertel in #11691
• Add Elastic Fleet reset script by @defensivedepth in #11678
• Jertel/auto by @jertel in #11695
• Don't source so-elastic-fleet-common if not there by @weslambert in #11701
• ignore connectivity problems to docker containers during startup by @jertel in #11702
• Checkpoint and VSphere Integrations by @weslambert in #11704
• Dont overwrite metadata by @defensivedepth in #11708
• ignore malformed open canary log lines by @jertel in #11709
• exit 0 by @defensivedepth in #11710
• Update soc_elasticsearch.yaml by @TOoSmOotH in #11712
• Upgrade Elastic Agent by @defensivedepth in #11713
• apply es and soc states to manager if new search or hn are added by @m0duspwnens in #11714
• disregard false positives by @jertel in #11718
• Set execute permissions by @defensivedepth in #11722
• improve verbosity of setup logs by @jertel in #11726
• Change pipeline to 1.8.0 by @weslambert in #11732
• Change pipeline to 1.13.1 by @weslambert in #11735
• Improve error handling and add retry logic by @weslambert in #11734
• Remove template files by @weslambert in #11740
• remove comments from BPFs by @m0duspwnens in #11741
• add yaml helper script; refactor python testing by @jertel in #11742
• Additional fixes for index template check by @weslambert in #11743
• re-add source pkgs from accidental commit by @jertel in #11745
• remove state file by @defensivedepth in #11747
• Upgrade Defend Integration policy by @defensivedepth in #11750
• Remove unneeded datastreams by @defensivedepth in #11751
• Add Elastic Agent package and upgrade packages when elasticfleet.packages list changes by @weslambert in #11760
• Update soup by @TOoSmOotH in #11769
• 2.4.30 by @TOoSmOotH in #11776
• 2.4.30 by @TOoSmOotH in #11777

Full Changelog: 2.4.20-20231012...2.4.30-20231113