Skip to content

Malcolm v2.6.1
Compare
Choose a tag to compare
@mmguero mmguero released this 05 Feb 19:52
v2.6.1
8d5e416
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Malcolm v2.6.1 contains the following changes:

v2.6.0...v2.6.1

  • Added TFTP Zeek parser and corresponding Logstash parsing, Arkime WISE support and Kibana dashboards
  • Provide browser-based access to zeek/extracted-files directory (idaholab#34)
  • Fix LDAP analyzer not parsing all events (idaholab#35)
  • Provide more fine-tuned controls for Zeek's node.cfg in Hedgehog sensor (idaholab#36, /pull/158)
  • set zeek.uid to conn_uids for files.log entries (idaholab#33)
  • Modify Zeek build chain to use default GCC compilers instead of LLVM/clang,which reduces build dependencies
  • Use Firefox instead of Chromium for browser in ISO-installed versions of Malcolm and in Hedgehog Linux
  • Updated copyright notices in text from "2020" to "2021" (which is the bulk of the changed files in this commit)
  • Version bumps
    • Yara to 4.0.4
Assets 7
Loading