Releases: pfelk/pfelk
Releases · pfelk/pfelk
23.08
What's Changed
- pfelk_rule_generator.sh | remove extra content after rule name by @nuggie in #473
- fix use of host.name by @nuggie in #492
- Update pfelk-kibana-saved-objects.sh by @nuggie in #493
- fix usage of source.geo by @nuggie in #494
- Updates by @a3ilson in #497
- Updates by @a3ilson in #498
New Contributors
Full Changelog: 23.03...v23.08
Contributors
nuggie and a3ilson
Assets 2
23.03
22.04
22.01
20.10
20.3a: Update pfelk-installer.sh
Fixed a number of minor happy to glad changes and revised paths from master to main
20.3
Various updates and tweaks. This release was to capture the past several months of revisions. Additionally, the file structure was amended to allow for a more seamless install (docker/host). The pipelines.yml file points to the new conf file location (/etc/pfelk/conf.d) and those wishing to add multiple pipelines (e.g. Wazuh etc..) can now amend the pipelines.yml for additionally pipelines while utilizing the default conf.d folder (doesn't conflict with pfelk).
v6.0
v6.0 2020/10/18
-LOGSTASH
- conf files - Removed host filtering (mitigate issues with logs traversing via routers/containers)
- Added observer fields for enhanced filtering for multiple firewall setups - grok pattern - Updated to conform to Elastic Common Schema (ECS) and aligned with pfsense Raw Filter Format
-ELASTICSEARCH
- templates - Added index settings and mappings
- Templates are dependent upon underlying templates
-KIBANA - Visualizations - Updated and aligned with templates
- Dashboards - Custom index pattern ID for each major template
v5.5.5: Rename index templates/PFELK to etc/logstash/conf.d/templates/pfelk.json
Updated with latest configuration files.
- Refined configuration files
- Merged Suricata, Snort and Squid within 10-apps.conf
- Added haproxy.json and pfelk.json tempaltes