Skip to content

Release Notes

Known Issues

For all known issues, please see https://github.com/Security-Onion-Solutions/securityonion/issues.

Release History

3.0.0 [20260331] Changes

  • FEATURE: Configurable Elasticsearch vm.max_map_count setting
  • FEATURE: Dynamically load Zeek plugins on zeek startup #15546
  • FEATURE: Enable JA4+ License Acceptance #15560
  • FEATURE: Parsing for Zeek websockets logs #15657
  • FEATURE: Refresh login page with updated look
  • FEATURE: Refresh SOC UI with updated look
  • FEATURE: Support additional alt names in web cert
  • FEATURE: Support docker ulimit customization #15581
  • FEATURE: Suricata PCAP replacing Stenographer
  • FIX: API 401 errors will no longer redirect #15611
  • FIX: Cleanup file.absent and cron.absent
  • FIX: Detections - Intermittent "error closing scroll" #14216
  • FIX: Duplicated user roles when refreshing frontend at Administration > Users #15688
  • FIX: Enabled / Disabled Buttons for SOC Grid Configuration Options #15649
  • FIX: Fix rule validators in SOC #15533
  • FIX: Global override configs should not apply to certain indices #15601
  • FIX: Network Transport for suricata alerts should be lowercase #15668
  • FIX: Sensors are not checking in while processing long jobs #15650
  • FIX: so-suricata-testrule script #15396
  • FIX: STIG V1R3
  • FIX: Suricata address-groups vars allow negation #15664
  • FIX: Unable to create detections via Connect API #15673
  • UPGRADE: All frontend 3rd party deps
  • UPGRADE: ATTACK Navigator to 5.3.0 #15680
  • UPGRADE: CyberChef to 10.22.1 #15681
  • UPGRADE: ElastAlert2 to 2.28.0 #15685
  • UPGRADE: Golang 3rd party deps #15647
  • UPGRADE: Golang to 1.26.1 #15580
  • UPGRADE: Hydra to 25.4.0 #15678
  • UPGRADE: Kafka to 3.9.2 #15684
  • UPGRADE: Kratos to 25.4.0 #15677
  • UPGRADE: Nginx to 1.29.6 #15686
  • UPGRADE: OpenCanary to 0.9.7 #15679
  • UPGRADE: Redis to 7.2.13 #15682
  • UPGRADE: Suricata to 8.0.4 #15625
  • UPGRADE: Telegraf to 1.38.0 #15683
  • UPGRADE: Update Docker base images