And a new version of SuricataLog is out:
https://github.com/josevnz/SuricataLog/releases/tag/0.1.0
https://pypi.org/project/SuricataLog/
Important bug-fixes and code cleanup.
#suricata #suricatalog #textualize #python #eve
Busy working on important refactoring and bug-fixes for SuricataLog. It's been a while and the project needs some love.
So far the changes are looking good.
#python #pypi #suricata #suricatalog
So cool, first person to report a serious bug on SuricataLog! Reproduced the bug, fixed it and uploaded to PyPI:
SecurityOnline: Suricata 7.0 releases: network IDS, IPS and NSM engine https://securityonline.info/suricata/ #Suricata #Defense
I actually missed the #suricata versions after 6.0.10. I was almost sure that prior to the stable switch to 7, there were no more updates to 6.
I was wrong. Now current stable is 6.0.13, and 7.0.0 is at rc2. Thanks to the suricata team.
#OpenSource #IDS
Two meerkats skirting a wall, one of them looking intently at the camera.
«Suricata suricatta»
📷 © Tony🆎 #Photography
#BlackAndWhitePhotography #BlackAndWhitePhoto #BlackAndWhite #photo #monochrome #PhotographyLovers #PhotographyIsArt #fotografía #meerkat #suricata
"Analyze your #Suricata logs in real-time using #syslog_ng" is still one of my favorite blogs after five years. We now have a new #Elasticsearch destination, but for the rest it shows that syslog-ng not only stores logs, but also processes them in many ways.
#suricata #syslog_ng #elasticsearch
Malcolm v23.03.0 is a release with enhancements, component version updates and bug fixes.
Malcolm is a powerful, easily deployable (via Docker) network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Enhancements
- start and restart scripts once Malcolm has started properly (cisagov/Malcolm#240 and cisagov/Malcolm#241, thanks @Njinx).
- ./scripts/install.py --configure in full screen. May look at starting this automatically on first boot in the future.
- (Malcolm) install.py --configure (enable offline-capable file scanners by default)
- netbox-restore is run
- reset_and_auto_populate.sh script (used mostly for demos and presentations)
Component version updates
Fixes
- scripts directory, symlink netbox-backup and netbox-restore to control.py
- pcap_watcher.py in pcap-monitor container
#Malcolm #OpenSearch #Zeek #Arkime #Suricata #PCAP #NetworkTrafficAnalysis #CyberSecurity #Cyber #Infosec #GitHub #INL #DHS #CISA #CISAgov
One IP address keeps hammering me with CVE-2021-35394 every 4 hours... fortunately being dropped by #Suricata, but still WTF
Exciting news! We've launched a Discord server.
Join us and be part of the vibrant community we're building. Talk about Zeek, Suricata, SecOps, and detection engineering.
https://vast.io/discord
#opensource #foss #cybersecurity #zeek #suricata #secops #secdataops
#SecurityOnion 2.3.210 now available including #Elastic 8.6.1, #Suricata 6.0.10, #Zeek 5.0.6, and more!
https://blog.securityonion.net/2023/02/security-onion-23210-now-available.html
#securityonion #elastic #suricata #zeek
Unfortunately, #suricata 7 does not compile on #debian 11 bullseye due to an older #rust version.
But since debian 12 bookworm is on its way, I hope to be able to compile it by the summer this year.
#suricata #debian #rust #opensource #networksecuritymonitoring #ids
Yesterday, #suricata 6.0.10 (stable) was released. Version 7 has a first release candidate:
#suricata #opensource #NetworkMonitoring #ids
#Suricata 6.0.10 is out:
https://forum.suricata.io/t/suricata-6-0-10-released/
https://github.com/OISF/suricata/releases/tag/suricata-6.0.10
Our latest blog post is on VAST's new REST API plugin. Learn how VAST's architecture makes it easy to build and scale. Check out the examples for running a query or simply getting the status of your VAST node.
https://vast.io/blog/the-new-rest-api
#secops #dataengineering #zeek #suricata