Version 2.0.0 BETA4
- Many bug fixes
- Migrated background enrichment and alarm scripts to new modular setup
- Added support for Cobalt Strike 4.2 and 4.3
- Added sample data ingestor when running in dev mode
- Made sure the Kibana searches Red Team Operations and Redirector Traffic are presented at the top of the list
- Included an ES password import for Jupyter notebooks
- Maximized the logging of docker logs
- Migrated to official Neo4j container instead of old BloodHound container
- Updated the RedELK Kibana app to include management of IP lists inside Kibana
What's new?
- Updates release notes for v2 beta4 @MarcOverIP (#168)
- Fix es fields @fastlorenzo (#169)
- Fixed rsync @fastlorenzo (#166)
- Fix logging @fastlorenzo (#165)
- Revert neo4j changes @fastlorenzo (#164)
- Updated neo4j container + added behind Nginx @fastlorenzo (#162)
- Nginx full config optional (via installer) @fastlorenzo (#152)
- Revert "Moved to neo4j official docker to fix #159" @MarcOverIP (#161)
- Moved to neo4j official docker to fix #159 @fastlorenzo (#160)
- Added possibility to set remote base path to get logs from @fastlorenzo (#154)
- Fixed Kibana dashboard links @fastlorenzo (#156)
- Added option to set docker max log size @fastlorenzo (#157)
- Fixed date parsing for HAProxy @fastlorenzo (#147)
- Migrate enrich.py to modular system @fastlorenzo (#117)
- yolo script for resetting index to RW @xychix (#145)
- Fix certbot-nginx-ssl issues and improved installer script @MarcOverIP (#128)
- Update filebeat_cobaltstrike.yml @ceramic-skate0 (#136)
- Update getremotelogs.sh to accept a custom SSH port @yamakadi (#135)
- Issue #41 item 4 added an alarm, patched a few others @xychix (#118)
- Refreshed index patterns @fastlorenzo (#121)
- Updated templates for bluecheck, email and credentials @MarcOverIP (#123)
- logstash email index fields renaming @MarcOverIP (#122)
- Fixed missing logger initialisation @fastlorenzo (#120)
- Added localhost as valid hostname @fastlorenzo (#119)
- Updated helper script @fastlorenzo (#116)
- Template updates regarding CS4.2 and other tuning @MarcOverIP (#115)
- Randomize Neo4j password at install @fastlorenzo (#99)
- Added dry-run mode @fastlorenzo (#100)
- [dev] Add sample data ingestor @fastlorenzo (#82)
- Upgrade to Elastic 7.10 @fastlorenzo (#112)
- Fix search with free text @fastlorenzo (#113)
- Fix for dev and non-existent domain @fastlorenzo (#111)
- Added TLS support for nginx @fastlorenzo (#79)
- Cobalt Strike 4.2 support @MarcOverIP (#110)
- BUGFIX: installer bash syntax error @xychix (#107)