SELKS 3.0 Has Released, Bring Suricata 3.1.1 packaged

Saturday, August 13, 2022

SELKS 3.0 Has Released, Bring Suricata 3.1.1 packaged

in by on 8:32:00 AM

SELKS 3.0 Has Released, comes with Scirius Community Edition 1.1.10 that has support for advanced Suricata feature like xbits

SELKS (Suricata Elasticsearch Logstash Kibana Scirius) is a freely distributed and open source computer operating system derived from the award winning Debiand GNU/Linux distribution and built around the well known Suricata network monitoring and IPS/IDS system. It is described by its developers as a live and installable Network Security Management.

Distributed as a 64-bit Live DVD
The operating system is distributed as a Live DVD ISO image that has approximately 900 MB in size and contains software packages optimized only for 64-bit (x86_64) instruction set architectures. This means that you will need a 64-bit computer in order to use the SELKS distro.

What’s new in SELKS 3.0






    

  • Suricata IDS/IPS/NSM - Suricata 3.1.1 packaged.
    • 

  • Elasticsearch 2.3.5 - latest available ES edition featuring speed, scalability, security improvements and more.
    • 

  • Logstash 2.3.4 - performance improvement ES 2.3 compatability, dynamically reload pipelines on the fly and more
    • 

  • Kibana 4.5.4 - taking advantage of the latest features and performance improvement of ES
    • 

  • Scirius 1.1.10 - support for xbits, hostbits, thresholding, suppression, backup and more
    • 

  • Evebox - alert management/viewer/report interface for Suricata/ES allowing easy export of payload/packets into pcaps
    • 

  • 4.4.x longterm kernel - SELKS 3.0 comes by default with 4.4.16 kernel.
    • 

  • Dashboards - reworked dashboards with flow and rule correlation capability.
    •


Suricata 3.1.1

SELKS 3.0 comes with latest Suricata namely 3.1.1 bringing a big performance boost as well as some new IDS and NSM capabilities.

Elasticsearch 2.x and Kibana 4

But the main change in SELKS 3.0 is the switch to the latest generation of the Elastic stack. On user side this means Kibana 3 has been replaced by Kibana 4. And this really means a lot. Kibana 4 is a complete rewrite of Kibana 3 being non backward compatible on data side. So, our team had to redo from scratch all dashboards and visualizations. The result is a new set of 11 ready-to-use dashboards and a lots of visualizations that you can use to build your own dashboards.

Read more about releases announce

Download 

banner
Latest
Next Post
Ubuntu Maniac

0 comments: