Version 1 Release

@ethack released this 17 Apr 16:30
· 267 commits to master since this release
7df8a29

Changelog


Improved Functionality

  • Better error reporting
  • Better support for parsing Bro logs as they are normally created
    • Now, logs in the ImportDirectory will be placed in DBRoot
    • Logs in subdirectories of the ImportDirectory will be placed in "<DBRoot>-<subdir>"

New Functionality

  • New data size metrics for beaconing
  • Better blacklist support through rita-bl
    • Support for custom blacklists
  • Support for TLS and authentication for MongoDB

Removed Functionality

  • Removed UseDates / log splitting

Configuration Updates

  • Removed several configuration values for MongoDB collections (table.yaml)
  • Removed the DirectoryMap in the Bro config section
  • Configuration now lies in /etc/rita
  • Runtime files now lie in /var/lib/rita

Installer Updates

  • New installer which should handle various edge cases
    • Installs to /etc/rita, /var/lib/rita, and /usr/local/bin/rita
  • Support installation on CentOS 7

Documentation

  • Added a documentation folder for living documentation