github arkime/arkime v5.4.0

one month ago

Installation Instructions | 4.x -> 5.x Upgrade Instructions | FAQ | CHANGELOG | JA4+ Install

A db.pl upgrade is required when upgrading from 5.1.2 or earlier

✨ What's new ✨

Release

All

  • #2892 backoff recurring health requests if they fail
  • #2898 support using env vars for many config settings (thanks @Jc2k)

Capture

  • #2866 for s3/sqs scheme support standard AWS credentials methods including env vars, --profile ~/.aws/credentials or config, and metadata service
  • #2869 scheme mode for local files supports monitor mode
  • #2870 log error with pcap_dispatch (thanks @vpiserchia)
  • #2873 New --command-socket option to enable a unix domain control port for controlling capture
  • #2875 New --command-wait option to use when no offline files on command line
  • #2877 command-socket add-dir now has options to override command line
  • #2891 fix JA4 when num extensions or ciphers is > 99
  • #2893 support deleting pcaps when ignoreErrors set (thanks @vpiserchia)
  • #2894 support --op/--delete with scheme commands

Cont3xt

  • #2879 Added skipChildren query string parameter
  • #2880 Only focus on search if no search parameter
  • #2890 Date formatting in link groups
  • #2903 Added Quad9 tidbits on domains and ips
  • #2904 Added Email Reputation integration

Multies

  • #2865 form or oidc require usersElasticsearch to be set for multiES

Viewer

  • #2884 Improve hunt parallelization, run 2 sessions per node at once
  • #2886 Expire logging improvements and multiES disable
  • #2896 added protocols/tags to default info column fields
  • #2899 fixed viewer not loading writer-s3 files since Arkime 5.3.0
  • #2900 Support hunts on multiviewer, still need a normal viewer to run hunts

⬇️ Download Info ⬇️

We offer downloads for different Linux distributions and versions because the libraries they provide differ. For example, use the el8 download for CentOS 8 or RHEL 8, not RHEL 9. If you have a libssl version error, the wrong download was most likely used for your Linux distribution and version; please double-check. The moloch builds have the old filesystem layouts; we will stop providing the moloch builds in 2024.
