DynamiteNSM is a free Network Security Monitor developed by Dynamite Analytics to enable network visibility and advanced cyber threat detection.

- dynamite commands can now run as non-root users, provided that user is added to the dynamite group.
- setup command added to decouple environment preparation from individual service installation. Also provides the ability to fully uninstall NSM services.
- zeek reset, suricata reset, and filebeat reset commands allow users to revert various configurations back to a default state.
- suricata config dynamite commandline.
- dynamite-remote is now included by default with the dynamite-nsm package.
- setcap now runs before Zeek and Suricata processes are started, allowing them to capture traffic as non-root privileged users.
- dynamite_nsm.services.base.systemctl module now provides a FallbackCtl mode which currently allows agent processes to be managed inside a Docker container.
- dynamite_nsm package.
- BaseViews

0.4
- dynamite remote command has been replaced with dynamite auth to avoid confusion.
- dynamite agent optimize command no longer takes the parameter --inspection-interfaces.
- python sources are available prior to install.
- service files.
- *Manager setup methods.
- components module with cmd module for building command-line utilities from services classes.
- services
- agent optimize command to automatically adjust threading/pinning settings within Zeek/Suricata.
- logs command to agent services for presenting relevant performance logs for Zeek and Suricata.
- config commands
- remote command allowing a controller to remotely connect to this instance.
- elasticsearch config users command for resetting the passwords of internal users.
- dynamite with no arguments now returns a status menu of all installable services.
- lab and daemon services have been temporarily retired, and will be available in a later release.

0.8 Release
- log wrapper classes for Zeek, Suricata, and Filebeat, providing easy access to several logs needed for troubleshooting.
- patch_modules install method for Filebeat, allowing for ECS normalization of Zeek and Suricata logs.
- LocalNetworkConfigManager for Zeek, which allows access to the etc/network.cfg, used to specify local networks to Zeek.
- suricata_log_output_file now passed through to the SuricataConfigManager.
- /opt/dynamite/suricata/logs/ which avoids the mess created when lower runlevel ops try to write to /var/ before it is mounted.
- /opt/dynamite/
- suricata.yaml.backup config instead of properly named filebeats.yml.backup config.
- elastic.ElasticConfigurator now implements native yaml library for parsing configs.
- kibana.KibanaConfigurator now implements native yaml library for parsing configs.
- logstash.LogstashConfigurator now implements native yaml library for parsing configs.

0.6.3
- configs