@dcode dcode released this May 10, 2017 · 2 commits to master since this release

Assets 3


  • Cleans up inconsistencies with with_* handlers (namely fixes with elasticsearch)
  • Adds broctl wrapper script to help with permission issues. If a user now tries sudo broctl it will execute /usr/bin/broctl which will run the actual broctl as the bro user
  • Disables default CentOS repos when rock_online_install is False and will re-enable them if True
  • Other formatting changes


  • One user reported an issue trying to boot the image via USB thumbdrive on an EFI system. I haven't been able to reproduce this yet, so if this happens to you, please file an issue with details how to make it happen. As a workaround, booting from a DVD solved this problem.

filename: rocknsm-2.0.5-1705.iso
sha256: 4fcecfec5cd3bac414cb81c6ac7e7557b60406d457eee28fca94544e30753fd2

@dcode dcode released this May 9, 2017 · 8 commits to master since this release

Assets 3

Fixes an issue that would cause Ansible to fail during the deploy. We also cut a new ISO

Filename: rocknsm-2.0.4-1705.iso
SHA256: 244b18fa73b547fabb8f6938b37ea6fad52eebd9d56a1838d080f3dcac70079f

@dcode dcode released this Mar 17, 2017 · 11 commits to master since this release

Assets 2

This fixes the name of the rock-scripts branch in the default vars file.

@dcode dcode released this Mar 17, 2017 · 13 commits to master since this release

Assets 2

Fixes the following:

  • Enables SMB analyzer by default (#126)
  • Re-works how Stenographer is configured to make it easier to use (#125)
  • Fixes some functionality with FSF and documentation
  • Updates logo with correct wording
  • Cleans up service management to make more idempotent with respect to config
Mar 5, 2017
Merge pull request #123 from rocknsm/hotfix/2.0.1
Fixes edge case where Bro will not start

@dcode dcode released this Mar 2, 2017 · 37 commits to master since this release

Assets 3

We are proud to finally release ROCK 2.0! We've put a lot into this release, focusing on a more streamlined process.

Some highlights of changes are:

  • Elastic stack 5.x
  • Bro 2.5
  • Suricata by default (Snort is available as alternate)
  • Kafka 10
  • ISO image installer (woot!)
  • Ansible as deployment mechanism

From a usability perspective, we squashed lots of bugs and put a significant amount of effort into enabling better analysis. Kibana can be hard to use with Bro data to make the pivots. So we've re-worked that model to make it easier to find related log files.

For more detailed information, head on over to our documentation.

Filename SHA256
rocknsm-2.0-1703.iso bf07226ac35cc8af644121b1c185c47bc02523e5a3885cf51219213869a1f744

@dcode dcode released this Feb 20, 2017 · 248 commits to devel since this release

Assets 3

Marching on towards the ROCK 2.0 master release.

See Getting Started documentation on how to get going.

In this release, we've squashed a ton of bugs and added the File Scanning Framework by Emerson! This is a great feature, but for the time being we're disabling it by default.

Things not yet in this release:

  • Sufficient documentation. This is coming along, but we know we need more (also need help!)
  • We're working on better health monitoring, but it still needs a bit of polish to cover the important things
  • FSF does not yet have a proper mapping in Elasticsearch which causes issues with Kibana rendering during certain samples
  • Snort needs a little more love to be up to par as a Suricata alternative
  • Lastly, need to create a proper package for our deployment scripts

Do you think something is missing from the above list? Please file an issue, or even better, a pull request!

On to the release!

Filename File Size SHA1SUM
rocknsm-2-BETA2-2017-02-20T0523.iso 1231.00 MB 6819aaa2f03cab79c93516dc30486aff52f7a3ce
Jan 8, 2017
Last snapshot for Beta 1 release

@jeffgeiger jeffgeiger released this Mar 1, 2017 · 208 commits to master since this release

Assets 2

This is the closeout release/tag for 1.0, before we jump to the 2.0 release.