Sguil 0.6.1 Released

Just in time for RSA, Bamm Visscher has released Sguil 0.6.1. You can read the release announcement. Most of the improvements have happened on the client side, especially with regard to using UNION queries. The client will also look slightly different due to using the tablelist widget.

If you're at RSA, I speak today from 1735 to 1825. The subject is Traffic-Centric Incident Response and Forensics. I will sign books on Wednesday, 15 February 2006 from 1200 to 1230.

Comments

Anonymous said…
Great talk at RSA. -howie
John Ward said…
Argh... this is exactly why I havn't upgraded... you guys do this just to tourture me don't you? You and Bamm site there, and your like "Hey, I heard John just upgraded Sguil... let release a new version to fix something that annoyed the hell out of him and laugh while he gripes about the frequency of upgrades".

You two are evil, evil men ;)
Anonymous said…
Where can one find your LATEST guide for installing sguil on freebsd?
Hi Joe,

I am no longer creating guides, but I do provide the script I use to build a sensor. I recommend downloading the script, reading it, and retrieving the patches referenced in the script. Modify the script and patches to suit your needs, or just build the system using my script and patches for reference.

I've created a sym link to the latest version of the script at sguil_install_latest.sh.

Popular posts from this blog

Zeek in Action Videos

New Book! The Best of TaoSecurity Blog, Volume 4

MITRE ATT&CK Tactics Are Not Tactics