Malcolm v24.09.0 #336
Merged
Malcolm v24.09.0 #336
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…into install_back
… specifying container runtime (docker vs. podman) for idaholab#407
… bind volume mounts manually (idaholab#533), work in progress
Signed-off-by: Matt Eaton <[email protected]>
… OS_HOST is not an IP address already
…bled yet)" (decided to wait until the next release) This reverts commit ba4a7e9.
…for other database modes
…for other database modes
…rting to integrate hartip parsers idaholab#561
…d GeoIP database files
…d GeoIP database files
…into v24.09.0_merge_cisagov
…into v24.09.0_merge_cisagov
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Malcolm v24.09.0 contains minor improvements, some component version updates, and bug fixes.
idaholab/Malcolm@v24.08.0...v24.09.0
opensearch-remoteandelasticsearch-remotedatabase modes (allow total index size-based pruning for opensearch-remote and elasticsearch-remote database modes idaholab/Malcolm#446)install.pyfor Linux performance tweaks (improvements to documentation and install.py for Linux performance tweaks idaholab/Malcolm#495)install.pyinstallation and configuration script (No option to go backwards in Malcolm install tool idaholab/Malcolm#487)ARKIME_NODE_HOSTincorrectly (Hedgehog with OOB/VPN connection sets ARKIME_NODE_HOST incorrectly idaholab/Malcolm#560 and Set ARKIME_NODE_HOST from OS_HOST interface rather than default route idaholab/Malcolm#559, thanks @divinehawk)suricataDocker container does not initializesuricata.ymlconfig file (offline suricata Docker container does not initialize suricata config file idaholab/Malcolm#564)./config/) for Malcolm and incontrol_vars.conffor Hedgehog LinuxMALCOLM_NETWORK_INDEX_SUFFIXandMALCOLM_OTHER_INDEX_SUFFIXvariables in./config/opensearch.envnow also support expanding dot-delimited field names in{{ }}(e.g.,{{event.provider}}%{%y%m%d}).MALCOLM_CONTAINER_RUNTIMEhas been added to./config/process.envto indicatedocker,podman, orkubernetes. This value only currently used in the install, configuration, and control scripts, not inside the containers themselves.ZEEK_DISABLE_ICS_HART_IPhas been added to./config/zeek.envand can be set totrueto disable the new HART-IP protocol parser.ZEEK_DISABLE_ICS_HART_IPhas been added tocontrol_vars.confand can be set totrueto disable the new HART-IP protocol parser.