New in SELKS 1.0 (Oct 17, 2014)
- SELKS 1.0 comes with 10 pre-installed Kibana IDS/NSM dashboards. They cover analysis of the Suricata alerts and events with per-protocol dashboards (Alerts, HTTP, Flow, SSH, TLS, DNS …). Some dashboards are also dedicated to more specific tasks, like the PRIVACY dashboard.
- The PRIVACY dashboard shows privacy-related information, for example which pages lead to well-known personal data providers such as Facebook, Twitter or Google.
- SELKS provides Scirius, a rules management interface for Suricata. Scirius has been developed by Stamus Networks to provide interaction with Kibana and Elasticsearch. It displays, for example, statistics on rules and links to existing Kibana dashboards.
- Scirius provides up-to-date signatures via the EmergingThreats Open (or PRO) ruleset and the SSL abuse.ch signatures.
- Scirius can be upgraded via the standard Debian method (apt-get upgrade). Stamus Networks is also determined to provide the latest stable Debian kernel release for SELKS. Upgrading to the latest stable kernel is easy via the package system. For example, a user running the installed version can upgrade the kernel to the latest 3.14 version.