Skip to content

0.8.0
Compare
Choose a tag to compare
@jasonish jasonish released this 30 Jun 21:06
· 1214 commits to main since this release
0.8.0
This tag was signed with the committer’s verified signature.
jasonish Jason Ish
GPG key ID: 97F04794137036B3
Learn about vigilant mode.
270451f

0.8.0 - 2017-06-30

Added

  • The agent, and the server when reading logs can now add the rule to
    the event by providing the locatin of the rule files in the
    configuration.
  • Add option to esimport to add rule to event.
  • If an event has a "rule" object it will now be displayed in the
    event details.
  • Initial support for PostgreSQL. Like SQLite this does not yet
    support reporting.
  • Event history recording. A timestamp and username will be recorded
    when an alert is archived, escalated or de-escalated.
  • Support for commenting on events (Elastic Search only)
    (#36).
  • Specific support for displaying the HTTP response body if available
    in Eve entries. Requires Suricata 4.0.0-rc1 or newer
    (#40)

Fixed

  • Fix an issue where alerts may not be archived if their @timestamp
    and timestamp fields were out of sync -
    #48.
  • A usability issue where the alert view would be reset to 100 items
    after arching event, if previously set to "all" -
    #49.
  • Elastic Search mapping errors on flow and netflow reports -
    #39

Full Changelog

Assets 2
Loading