Malcolm v5.2.11 is a minor release with a few user experience improvements and component version updates (some of which resolve potential security issues).
-
Addressing security vulnerabilities
-
Version bumps
-
Improvements
- Resolve performance degredation when we went to OpenSearch 1.3 by using the G1GC garbage collector - idaholab#91
- improve workflow for configuring Malcolm to run behind another reverse proxy (Caddy, Traefik, etc.) - idaholab#92
- assign and display both event.provider and event.dataset in Arkime - idaholab#89
- only show the controls for PCAP download from session details if there is actually a PCAP backing the session document #90 - idaholab#90
- increase timeouts related to filebeat (see https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-input-log.html) to be a little more forgiving for log files that take a long time to process - mmguero-dev/Malcolm@04b6084
- strip build status badges from deployed copy of README.md
- The
install.pyscript will make use of the pythondialog module for user interaction (on Linux) if it is available - added link to Dashboards in the footer of Arkime's interface
Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/download/.