Evebox Versions Save

EveBox 0.5.0 now provides its own backend. This is to help make deployment easier, as well as work better with the CORS configuration in a default install of Elastic Search.

This is just a tag of the current work done on master since 0.3.0 as I'm about to flip in a bit of a rethinking into the master branch.

For this release, just download one of the source code packages below and serve up the "app" directory.

Depends on Elastic Search 1.3.0+.

• Use Groovy for Elastic Search scripting. Works with the default configuration now (no need to enable dynamic scripting).
• Use the new top hits aggregation in ES 1.3 to limit the number of trips to the ES to build an aggregate view.
• Display packet and payload data now available in Suricata eve logs (Only in Suricata git builds as of now).

• Aggregations.
• First step at viewing non alert events.