Security-Onion-Solutions/securityonion 2.4.80-20240624

on GitHub

Download the ISO

https://download.securityonion.net/file/securityonion/securityonion-2.4.80-20240624.iso

What's Changed

• Remove references to kafkanode by @reyesj2 in #12792
• Update VERSION by @TOoSmOotH in #13093
• Separate Suricata alerts into a specific data stream by @weslambert in #13101
• Salt3006.8 by @m0duspwnens in #13103
• Added TemplateDetections To Detection ClientParams by @coreyogburn in #13107
• Add templates for .items and .lists indices by @weslambert in #13117
• salt 3006.6 by @m0duspwnens in #13129
• so-tcpreplay now runs if manager is offline by @m0duspwnens in #13134
• move so-tcpreplay from common state to sensor state by @m0duspwnens in #13141
• add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching by @jertel in #13150
• Update soc_suricata.yaml by @TOoSmOotH in #13156
• SOC Proxy Setting by @coreyogburn in #13154
• AdditionalCA and InsecureSkipVerify by @coreyogburn in #13164
• Update defaults.yaml by @TOoSmOotH in #13165
• fix elastic templates not loading due to global_override phases by @m0duspwnens in #13162
• gracefully handle missing parent key by @jertel in #13170
• correct placement of error check override by @jertel in #13171
• upgrade docker by @m0duspwnens in #13182
• Add new bind - suricata all.rules by @defensivedepth in #13179
• remove this \n by @m0duspwnens in #13189
• Fix unnecessary escaping by @coreyogburn in #13183
• Update DOWNLOAD_AND_VERIFY_ISO.md by @dougburks in #13197
• Initial Kafka support by @reyesj2 in #13190
• Fixes for Kafka nodeid assignment and ssl cert generation by @reyesj2 in #13200
• Only comment out so-kafka from so-status when it exists & only run en… by @reyesj2 in #13204
• Initial support for custom suricata urls and local rulesets by @defensivedepth in #13205
• Update rule templates by @defensivedepth in #13208
• Standalone logstash error by @reyesj2 in #13207
• Fix errors on new installs by @reyesj2 in #13209
• FEATURE: Add more links and descriptions to SOC MOTD #13216 by @dougburks in #13217
• suppress fleet policy update in soup by @reyesj2 in #13221
• Update defaults by @defensivedepth in #13223
• update profile by @reyesj2 in #13222
• FEATURE: Add new Process actions #13226 by @dougburks in #13227
• update kafka output policy only on eligible grid types by @reyesj2 in #13231
• fix ca mine_function by @m0duspwnens in #13233
• update receiver node allowed states by @reyesj2 in #13234
• Added license presets to defaults.yaml file by @mc-wright in #13236
• Update defaults.yaml to put Process actions in logical order by @dougburks in #13239
• update kafka annotations by @reyesj2 in #13242
• Update soc_manager.yaml by @TOoSmOotH in #13244
• Add option for detections without a license by @weslambert in #13246
• Fix soup for proxy servers by @TOoSmOotH in #13245
• FIX: update firewall defaults by @reyesj2 in #13251
• Remove unused sbin_jinja for kafka by @reyesj2 in #13253
• 2.4.80 by @TOoSmOotH in #13254
• Fix git by @TOoSmOotH in #13256
• Update .gitleaks.toml by @TOoSmOotH in #13259
• 2.4.80 by @TOoSmOotH in #13255

New Contributors

• @mc-wright made their first contribution in #13236

Full Changelog: 2.4.70-20240529...2.4.80-20240625