Malcolm v23.12.0

@mmguero mmguero released this 05 Dec 04:29
· 897 commits to main since this release
c097f1c

Malcolm v23.12.0 is a feature release with many improvements, updates and fixes.

v23.10.0...v23.12.0

  • Features and enhancements
    • replace kbn_sankey_vis with vega or transform (idaholab#147)
    • address issues with NetBox database and Logstash's NetBox cache (idaholab#259)
    • integrate nsacyber/ELITEWOLF signatures into default rule set CISA (idaholab#275)
    • improve error messages for PCAP/artifact processing beyond just icons (idaholab#276)
    • option to auto-create "catch-all" NetBox IPAM prefixes for private IP space (idaholab#279)
    • use prefix.description instead of VRF for identifying subnets in NetBox (idaholab#280)
    • allow customizing Arkime's freeSpaceG setting (for PCAP deletion) in an environment variable (idaholab#285)
    • replace master/slave with client/server when parsing Modbus logs (idaholab#291)
    • put NetBox restore database functionality inside container (idaholab#294)
    • provide way to customize Zeek Site::local_nets (idaholab#295)
    • allow configuration of Docker's logging driver to prevent disk exhaustion (idaholab#301)
    • allow user to include other Suricata config YML files (idaholab#302)
    • allow user to be able to provide custom Zeek config (idaholab#303)
    • allow tuning Suricata's max-pending-packets via environment variable (idaholab#304)
    • enable OpenSearch dashboards condensed header
  • Component version updates
  • Bug fixes
    • Malcolm Sensor Temperature dashboard issue (idaholab#265)
    • strip out broken Arkime and NetBox links from dashboards for Kibana import (idaholab#286)
    • have netbox-restore script restart necessary services or set necessary permissions (idaholab#287)
    • file type validation not working for upload from (some?) Windows browsers (idaholab#292)
    • go through list of Qualys image scan results (idaholab#299)

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on GitHub, but may be downloaded from https://malcolm.fyi/.