Skip to content

Version 2.4.6
Compare
Choose a tag to compare
@basepi basepi released this 27 Sep 18:50
· 2049 commits to develop since this release
v2.4.6
This tag was signed with the committer’s verified signature.
basepi Colton Myers
GPG key ID: 6EC5C787D71F663F
Learn about vigilant mode.
832fa0a
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Features

  • Deprecate old cve scanners. vulners_scanner.py is the only officially supported cve scanner at this time.
  • Masking support for nebula data. This way you can collect environment variables and similar, but use regex to mask known secret formats to prevent secrets from getting into splunk/logstash.
  • New sphinx-built docs
  • Support for docker-built windows packages
  • Change the timestamp in hubble logs in splunk to epoch time
  • Add hubble version to grains
  • Refactor vulners scanner to use vulners library
  • Add min_splay support to scheduler
  • Add ability to modify console logger options

Fixes

  • Fix regression in nova (hubble.py) imports that prevented audits from being run
  • Stop hubble when package is uninstalled
  • Dockerfile-based packaging fixes for Windows
  • Removed hangtime wrapper from windows, as we can't use signals there.
  • Fix hubble --version when the hubble daemon is running
  • Disable potentially-problematic queries in osquery containing ATTACH or CURL
  • Write the pidfile once per minute for the running daemon in an attempt to prevent it from being lost (should improve restart success rate)
Assets 18
Loading