jdw 🍁<p>Oh <a href="https://cosocial.ca/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a>…why are you so weird and incomplete?</p>
Recent searches
No recent searches
Search options
Only available when logged in.
helvede.net is one of the many independent Mastodon servers you can use to participate in the fediverse.
Velkommen til Helvede, fediversets hotteste instance! Vi er en queerfeministisk server, der shitposter i den 9. cirkel.
Welcome to Hell, We’re a DK-based queerfeminist server.
Read our server rules!
Administered by:
Server stats:
167active users
helvede.net: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#opensearch
0 posts · 0 participants · 0 posts today
Seth Grover<p><u>This has been a busy month for Malcolm! I pushed hard to get <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">v25.03.0</a> out earlier this month, as it contained pretty much just the Keycloak integration one of our partners (and major funding sources) was waiting for. Rather than wait until April for the other stuff that would have gone into the regular end-of-the-month release, I decided to pull those items into this smaller release just a week and a half after the last one.</u></p><p><a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">Malcolm v25.03.1</a> contains a few enhancements, bug fixes, and several component version updates, including one that addresses a CVE that may affect Hedgehog Linux Kiosk mode and Malcolm's API container.</p><p><strong>NOTE:</strong> If you have not already upgraded to v25.03.0, read the notes for <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.02.0" rel="nofollow noopener noreferrer" target="_blank">v25.02.0</a> and <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">v25.03.0</a> and follow the <strong>Read Before Upgrading</strong> instructions on those releases.</p><p><a href="https://github.com/cisagov/Malcolm/compare/v25.03.0...v25.03.1" rel="nofollow noopener noreferrer" target="_blank">Changes in this release</a></p><ul><li>✨ Features and enhancements<ul><li>Incorporate new S7comm device identification log, <code>s7comm_known_devices.log</code> (<a href="https://github.com/cisagov/malcolm/issues/622" rel="nofollow noopener noreferrer" target="_blank">#622</a>)</li><li>Display current PCAP, Zeek, and Suricata capture results in Hedgehog Linux <a href="https://malcolm.fyi/docs/hedgehog-boot.html#HedgehogKioskMode" rel="nofollow noopener noreferrer" target="_blank">Kiosk mode</a> (<a href="https://github.com/cisagov/malcolm/issues/566" rel="nofollow noopener noreferrer" target="_blank">#566</a>)</li><li>Keycloak authentication: configurable group or role membership restrictions for login (<a href="https://github.com/cisagov/malcolm/issues/633" rel="nofollow noopener noreferrer" target="_blank">#633</a>) (see <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakGroupsAndRoles" rel="nofollow noopener noreferrer" target="_blank"><strong>Requiring user groups and realm roles</strong></a>)</li><li>Mark newly-discovered and uninventoried devices in logs during NetBox enrichment (<a href="https://github.com/cisagov/malcolm/issues/573" rel="nofollow noopener noreferrer" target="_blank">#573</a>)</li><li>Added "Apply recommended system tweaks automatically without asking for confirmation?" question to <code>install.py</code> to allow the user to accept changes to <code>sysctl.conf</code>, grub kernel parameters, etc., without having to answer "yes" to each one.</li></ul></li><li>✅ Component version updates<ul><li>Arkime to <a href="https://github.com/arkime/arkime/blob/8c014b0e4e5c9a4dca05780b172def120a50bf30/CHANGELOG#L37-L52" rel="nofollow noopener noreferrer" target="_blank">v5.6.2</a></li><li>evtx to <a href="https://github.com/omerbenamram/evtx/releases/tag/v0.9.0" rel="nofollow noopener noreferrer" target="_blank">v0.9.0</a></li><li>Fluent Bit to <a href="https://github.com/fluent/fluent-bit/releases/tag/v3.2.10" rel="nofollow noopener noreferrer" target="_blank">v3.2.10</a></li><li>gunicorn to <a href="https://github.com/benoitc/gunicorn/releases/tag/23.0.0" rel="nofollow noopener noreferrer" target="_blank">v23.0.0</a> to address <a href="https://github.com/advisories/GHSA-hc5x-x2vx-497g" rel="nofollow noopener noreferrer" target="_blank">CVE-2024-6827</a>, "Gunicorn HTTP Request/Response Smuggling vulnerability"</li><li>Zeek to <a href="https://github.com/zeek/zeek/releases/tag/v7.1.1" rel="nofollow noopener noreferrer" target="_blank">v7.1.1</a></li></ul></li><li>🐛 Bug fixes<ul><li>Fix <code>install.py</code> error when answering yes to "Pull Malcolm images?" with podman (<a href="https://github.com/cisagov/malcolm/issues/604" rel="nofollow noopener noreferrer" target="_blank">#604</a>)</li><li>Order of user-provided tags from PCAP upload interface not preserved (<a href="https://github.com/cisagov/malcolm/issues/624" rel="nofollow noopener noreferrer" target="_blank">#624</a>)</li></ul></li><li>📄 Configuration changes (in <a href="https://malcolm.fyi/docs/malcolm-config.html#MalcolmConfigEnvVars" rel="nofollow noopener noreferrer" target="_blank">environment variables</a> in <a href="https://github.com/cisagov/Malcolm/blob/main/config" rel="nofollow noopener noreferrer" target="_blank"><code>./config/</code></a>) for Malcolm and in <a href="https://github.com/cisagov/Malcolm/blob/main/hedgehog-iso/interface/sensor_ctl/control_vars.conf" rel="nofollow noopener noreferrer" target="_blank"><code>control_vars.conf</code></a> for Hedgehog Linux<ul><li>added <code>NGINX_REQUIRE_GROUP</code> and <code>NGINX_REQUIRE_ROLE</code> to <a href="https://github.com/cisagov/Malcolm/blob/main/config/auth-common.env.example" rel="nofollow noopener noreferrer" target="_blank"><code>auth-common.env</code></a> to support <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakGroupsAndRoles" rel="nofollow noopener noreferrer" target="_blank"><strong>Requiring user groups and realm roles</strong></a> for Keycloak authentication</li></ul></li><li>🧹 Code and project maintenance<ul><li>Ensure Malcolm's NetBox configuration Python scripts are baked into the image in addition to bind-mounting them in <code>docker-compose.yml</code> at runtime.</li></ul></li></ul><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.</p><p>Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, <a href="https://malcolm.fyi/docs/quickstart.html#DockerVPodman" rel="nofollow noopener noreferrer" target="_blank">Podman</a> 🦭, and <a href="https://malcolm.fyi/docs/kubernetes.html#Kubernetes" rel="nofollow noopener noreferrer" target="_blank">Kubernetes</a> ⎈. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>Alternatively, dedicated official <a href="https://malcolm.fyi/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample" rel="nofollow noopener noreferrer" target="_blank">ISO installer images</a> 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">releases page</a> on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.sh" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.sh</code></a>) and PowerShell 🪟 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.ps1" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.ps1</code></a>). See <a href="https://malcolm.fyi/docs/download.html#DownloadISOs" rel="nofollow noopener noreferrer" target="_blank"><strong>Downloading Malcolm - Installer ISOs</strong></a> for instructions.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼.</p><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OIDC</span></a> <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
Seth Grover<p><a href="https://github.com/cisagov/Malcolm/releases/tag/v25.03.0" rel="nofollow noopener noreferrer" target="_blank">Malcolm v25.03.0</a> adds 🔐 <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloak" rel="nofollow noopener noreferrer" target="_blank">authentication via Keycloak</a> and all that entails: single sign-on (SSO), identity providers, federation of LDAP/Kerberos servers, and more! Malcolm can connect to an <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakRemote" rel="nofollow noopener noreferrer" target="_blank">existing Keycloak server</a> or it can use its own <a href="https://malcolm.fyi/docs/authsetup.html#AuthKeycloakEmbedded" rel="nofollow noopener noreferrer" target="_blank">embedded Keycloak instance</a>. This release also includes a few component version updates.</p><p>Please read the <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">release notes</a> from this release <strong>and</strong> from v25.02.0 for some things to check prior to updating.</p><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼.</p><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSO</span></a> <a href="https://infosec.exchange/tags/OIDC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OIDC</span></a> <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Keycloak</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
Seth Grover<p><a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> is big on the building community aspect of <a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> right now, so as part of that we'll be having our first "Malcolm Office Hours" this Thursday. The plan is to have this monthly, every third Thursday, at 12pm Eastern time for 30 minutes. Details for the office hours can be found <a href="https://github.com/cisagov/Malcolm/discussions/615" rel="nofollow noopener noreferrer" target="_blank">here</a>. We'll be figuring out what works with this as we go and adjusting the format as needed. We hope to see any of you who might be interested there!</p><p>Malcolm is a powerful, easily deployable network traffic analysis tool suite for network security monitoring.</p><p><a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
OOTS<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@andreasdotorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>andreasdotorg</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@redknight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>redknight</span></a></span> <br>I think at that level it's conceptually easy, you "just" need (wo-)manpower to set up and maintain everything yourself. Assuming you want to set up a new cloud provider from scratch and build one/two/three new DCs in different regions in Europe:<br>- buy standard "off-the-shelve" server hardware<br>- at this level you can use US networking equipment (firewalls, routers, switches)<br>- and then use/self-host all the open-source software you want</p><p>E.g.:<br>- use your favourite <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a> distro (<a href="https://infosec.exchange/tags/debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>debian</span></a>, <a href="https://infosec.exchange/tags/ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ubuntu</span></a>, <a href="https://infosec.exchange/tags/fedora" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fedora</span></a>, or whatever)<br>- set up Netbox or a similar tool (and maybe phpIPAM) + <a href="https://infosec.exchange/tags/PostGreSQL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PostGreSQL</span></a> Server<br>- there's probably no way around <a href="https://infosec.exchange/tags/OpenStack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenStack</span></a> either way, with <a href="https://infosec.exchange/tags/MariaDB" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MariaDB</span></a> and some other open source tools in the background<br>- you can set up <a href="https://infosec.exchange/tags/Prometheus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Prometheus</span></a>, <a href="https://infosec.exchange/tags/Grafana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Grafana</span></a>, <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> for observability</p><p>And on top of that offer services as you see fit:<br>- automate setup/maintenance of <a href="https://infosec.exchange/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Kubernetes</span></a> clusters (I heard <a href="https://infosec.exchange/tags/RKE2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RKE2</span></a> is a fairly self-contained <a href="https://infosec.exchange/tags/K8s" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>K8s</span></a> distribution)<br>- automate setup/maintenance of DB servers<br>- provide a way to run "serverless" apps<br>- set up <a href="https://infosec.exchange/tags/nextcloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextcloud</span></a> or so</p>
Martin Boller 🇺🇦 :tux: :freebsd: :windows: :mastodon:<p>Just like DNS way, way, waaaaaaaay too many seem to mess up NTP. So I wrote a thing about monitoring NTP with OpenSearch/ElasticSearch. </p><p><a href="https://www.infosecworrier.dk/blog/2025/03/ntpmonitoring/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">infosecworrier.dk/blog/2025/03</span><span class="invisible">/ntpmonitoring/</span></a></p><p><a href="https://infosec.exchange/tags/ElasticSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ElasticSearch</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/NTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NTP</span></a> <a href="https://infosec.exchange/tags/NTPd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NTPd</span></a> <a href="https://infosec.exchange/tags/NTPSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NTPSec</span></a> <a href="https://infosec.exchange/tags/CriticalInfrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CriticalInfrastructure</span></a></p>
OpenWebSearch.eu<p>🇫🇮 <a href="https://suma-ev.social/tags/ossym25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ossym25</span></a> will take us to Finland this fall!<br>The 7th International Open Search Symposium brings together the <a href="https://suma-ev.social/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> & <a href="https://suma-ev.social/tags/OpenData" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenData</span></a> Community for 3 consecutive days. </p><p>🤠 Curious what to expect?<br>If you haven't attended <a href="https://suma-ev.social/tags/ossym" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ossym</span></a> in the past, you can get some impressions from <a href="https://suma-ev.social/tags/ossym24" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ossym24</span></a> – which was hosted by Leibniz Supercomputing Centre – in our video below. 👇</p><p>📍 OpenWebSearch.eu is an active partner in the <a href="https://suma-ev.social/tags/OpenSearchInitiative" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearchInitiative</span></a>. We hope to see you in <a href="https://suma-ev.social/tags/Helsinki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Helsinki</span></a> in the fall! </p><p><a href="https://vimeo.com/1062412998" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">vimeo.com/1062412998</span><span class="invisible"></span></a></p>
Carlos Mogas da Silva<p>hey <span class="h-card" translate="no"><a href="https://social.vivaldi.net/@Vivaldi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Vivaldi</span></a></span>, how about some <a href="https://mastodon.r3pek.org/tags/opensearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensearch</span></a> love? You're not "discovering" <a href="https://mastodon.r3pek.org/tags/searxng" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>searxng</span></a> as a search engine 😔</p>
Seth Grover<p>Malcolm v25.02.0 contains some <strong>major performance improvements</strong>, a few smaller new features and enhancements, several component version updates, bug fixes, and documentation updates. See the <a href="https://github.com/cisagov/Malcolm/releases/tag/v25.02.0" rel="nofollow noopener noreferrer" target="_blank">release notes</a> for more details.</p><ul><li>✨ Features and enhancements<ul><li>performance improvements (<strong>4x faster</strong>) for NetBox enrichment (<a href="https://github.com/cisagov/Malcolm/issues/#547" rel="nofollow noopener noreferrer" target="_blank">#547</a>) and autopopulation</li><li>performance improvements (<strong>18x faster</strong>) for Suricata's processing of uploaded PCAP files (<a href="https://github.com/cisagov/Malcolm/issues/#457" rel="nofollow noopener noreferrer" target="_blank">#457</a>)</li><li>include <a href="https://github.com/corelight/zeek-long-connections" rel="nofollow noopener noreferrer" target="_blank">corelight/zeek-long-connections</a> plugin to log long connections (<a href="https://github.com/cisagov/Malcolm/issues/#585" rel="nofollow noopener noreferrer" target="_blank">#585</a>)</li><li>significant work-in-progress towards support for Sigma rules via OpenSearch Security Analytics (still incomplete due to some blocking issues upstream, see <a href="https://github.com/cisagov/Malcolm/issues/475" rel="nofollow noopener noreferrer" target="_blank">#475</a> for details)</li></ul></li><li>✅ Component version updates<ul><li>Arkime to <a href="https://github.com/arkime/arkime/blob/10bf375cc98e2c12c0286fddc7c79cb3126b993c/CHANGELOG#L43-L75" rel="nofollow noopener noreferrer" target="_blank">v5.6.1</a></li><li>capa to <a href="https://github.com/mandiant/capa/releases/tag/v9.0.0" rel="nofollow noopener noreferrer" target="_blank">v9.0.0</a></li><li>OpenSearch and OpenSearch Dashboards to <a href="https://github.com/opensearch-project/opensearch-build/blob/main/release-notes/opensearch-release-notes-2.19.0.md" rel="nofollow noopener noreferrer" target="_blank">v2.19.0</a></li></ul></li></ul><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.</p><p>Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, <a href="https://malcolm.fyi/docs/quickstart.html#DockerVPodman" rel="nofollow noopener noreferrer" target="_blank">Podman</a> 🦭, and <a href="https://malcolm.fyi/docs/kubernetes.html#Kubernetes" rel="nofollow noopener noreferrer" target="_blank">Kubernetes</a> ⎈. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>Alternatively, dedicated official <a href="https://malcolm.fyi/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample" rel="nofollow noopener noreferrer" target="_blank">ISO installer images</a> 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">releases page</a> on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.sh" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.sh</code></a>) and PowerShell 🪟 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.ps1" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.ps1</code></a>). See <a href="https://malcolm.fyi/docs/download.html#DownloadISOs" rel="nofollow noopener noreferrer" target="_blank"><strong>Downloading Malcolm - Installer ISOs</strong></a> for instructions.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼.</p><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
The Linux Foundation<p>🚀 Scale vector search without breaking the bank! @OpenSearchProject introduces disk-based vector search, combining efficient quantization with secondary storage to reduce RAM usage while maintaining accuracy.</p><p>Read more: <a href="https://opensearch.org/blog/Reduce-Cost-with-Disk-based-Vector-Search/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensearch.org/blog/Reduce-Cos</span><span class="invisible">t-with-Disk-based-Vector-Search/</span></a><br><a href="https://social.lfx.dev/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://social.lfx.dev/tags/VectorSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VectorSearch</span></a> <a href="https://social.lfx.dev/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a></p>
The Linux Foundation<p>The <span class="h-card" translate="no"><a href="https://fosstodon.org/@OpenSearchProject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>OpenSearchProject</span></a></span> just launched OpenSearch 2.19! </p><p>🚀Smarter search, AI-powered upgrades & major storage savings: 60% less storage for vectors, 90% lower memory use with Lucene binary vectors, & better hybrid search. <br>Read the blog to explore more! </p><p>🔗<a href="https://opensearch.org/blog/explore-OpenSearch-2-19/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensearch.org/blog/explore-Op</span><span class="invisible">enSearch-2-19/</span></a></p><p><a href="https://social.lfx.dev/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://social.lfx.dev/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://social.lfx.dev/tags/Search" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Search</span></a></p>
The Linux Foundation<p>💡 AI-powered search just got easier!</p><p>With Instant DeepSeek, OpenSearch lets you integrate DeepSeek LLMs with one API call—no manual setup, no complex orchestration. 🚀</p><p>🔹 One-click deployment<br>🔹 Automated pipelines<br>🔹 Faster LLM integration</p><p>🔗 <a href="https://opensearch.org/blog/one-click-deepseek-integration/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensearch.org/blog/one-click-</span><span class="invisible">deepseek-integration/</span></a></p><p><a href="https://social.lfx.dev/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://social.lfx.dev/tags/DeepSeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DeepSeek</span></a> <a href="https://social.lfx.dev/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://social.lfx.dev/tags/LLM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LLM</span></a> <a href="https://social.lfx.dev/tags/DevTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevTools</span></a> <a href="https://social.lfx.dev/tags/CloudComputing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CloudComputing</span></a></p>
Kris Freedain 🙏 🏋🏻 🍕<p>And <span class="h-card" translate="no"><a href="https://hachyderm.io/@geekygirldawn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>geekygirldawn</span></a></span> shows us the data - forked projects are proving to have a positive impact on external contributions in <a href="https://fosstodon.org/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a>! <a href="https://fosstodon.org/tags/StateofOpenCon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>StateofOpenCon</span></a> <a href="https://fosstodon.org/tags/soocon25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>soocon25</span></a> <a href="https://fosstodon.org/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a></p>
Seth Grover<p><a href="https://github.com/cisagov/Malcolm/releases/tag/v25.01.0" rel="nofollow noopener noreferrer" target="_blank">Malcolm v25.01.0</a> contains quite a few UI/UX improvements; new parsers; a bevy of component version updates including to Arkime, Zeek, NetBox; and several bug fixes.</p><ul><li>✨ Features and enhancements<ul><li>integrate <a href="https://github.com/cisagov/icsnpp-omron-fins" rel="nofollow noopener noreferrer" target="_blank">Omron FINS</a> parser and added corresponding dashboard (<a href="https://github.com/cisagov/Malcolm/issues/554" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#554</a>)</li><li>integrate <a href="https://docs.zeek.org/en/master/logs/postgresql.html" rel="nofollow noopener noreferrer" target="_blank">PostgreSQL</a> parser (added in Zeek v7.1.0) and added corresponding dashboard (<a href="https://github.com/cisagov/Malcolm/issues/553" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#553</a>)</li><li>normalize <a href="https://malcolm.fyi/docs/third-party-logs.html#Beats" rel="nofollow noopener noreferrer" target="_blank">Winlogbeat</a> with Fluent Bit's <code>winlog</code>/<code>winevtlog</code> event and <code>evtx</code> event schemas (<a href="https://github.com/cisagov/Malcolm/issues/356" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#356</a>)<ul><li><a href="https://www.elastic.co/guide/en/beats/winlogbeat/current/_winlogbeat_overview.html" rel="nofollow noopener noreferrer" target="_blank">Winlogbeat</a> seems to <a href="https://github.com/fluent/fluent-bit/discussions/9810" rel="nofollow noopener noreferrer" target="_blank">parse</a> more <a href="https://www.elastic.co/guide/en/beats/winlogbeat/current/exported-fields-winlog.html" rel="nofollow noopener noreferrer" target="_blank">fields</a> from Windows events than Fluent Bit's <a href="https://docs.fluentbit.io/manual/pipeline/inputs/windows-event-log-winevtlog" rel="nofollow noopener noreferrer" target="_blank"><code>winevtlog</code></a> or <a href="https://docs.fluentbit.io/manual/pipeline/inputs/windows-event-log" rel="nofollow noopener noreferrer" target="_blank"><code>winlog</code></a> do, so users forwarding Windows event logs to Malcolm using Fluent Bit may want to evaluate Winlogbeat as an alternative.</li></ul></li><li>support <a href="https://malcolm.fyi/docs/third-party-logs.html#Syslog" rel="nofollow noopener noreferrer" target="_blank">syslog ingestion</a> over UDP and/or TCP (<a href="https://github.com/cisagov/Malcolm/issues/354" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#354</a>)</li><li>clicking field values in Dashboards tables will now pivot to Arkime or NetBox (<a href="https://github.com/cisagov/Malcolm/issues/551" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#551</a>)</li><li>add navigation pane to all non-network dashboards (<a href="https://github.com/cisagov/Malcolm/issues/543" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#543</a>)</li></ul></li><li>✅ Component version updates<ul><li>Arkime to <a href="https://github.com/arkime/arkime/blob/f1a38f076fff8142c74b9d588b2b05dbfbf30b62/CHANGELOG#L41-L66" rel="nofollow noopener noreferrer" target="_blank">v5.6.0</a></li><li>beats to <a href="https://www.elastic.co/guide/en/beats/libbeat/current/release-notes-8.17.0.html" rel="nofollow noopener noreferrer" target="_blank">v8.17.0</a></li><li>elasticsearch-dsl Python library to <a href="https://github.com/elastic/elasticsearch-dsl-py/releases/tag/v8.17.1" rel="nofollow noopener noreferrer" target="_blank">v8.17.1</a></li><li>Jinja Python library to <a href="https://github.com/pallets/jinja/releases/tag/3.1.5" rel="nofollow noopener noreferrer" target="_blank">v3.1.5</a> (security fix release)</li><li>Logstash to <a href="https://www.elastic.co/guide/en/logstash/current/logstash-8-17-0.html" rel="nofollow noopener noreferrer" target="_blank">v8.17.0</a></li><li>NetBox to <a href="https://github.com/netbox-community/netbox/releases/tag/v4.1.11" rel="nofollow noopener noreferrer" target="_blank">v4.1.11</a></li><li>osd_transform_vis (Dashboards visualization library) to <a href="https://github.com/lguillaud/osd_transform_vis/releases/tag/2.18.0" rel="nofollow noopener noreferrer" target="_blank">v2.18.0</a></li><li>yq to <a href="https://github.com/mikefarah/yq/releases/tag/v4.45.1" rel="nofollow noopener noreferrer" target="_blank">v4.45.1</a></li><li>Zeek to <a href="https://github.com/zeek/zeek/releases/tag/v7.1.0" rel="nofollow noopener noreferrer" target="_blank">v7.1.0</a> (<a href="https://github.com/cisagov/Malcolm/issues/553" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#553</a>)</li></ul></li><li>🐛 Bug fixes<ul><li><a href="https://malcolm.fyi/docs/file-scanning.html#ZeekFileExtractionUI" rel="nofollow noopener noreferrer" target="_blank">Extracted File Downloads</a> interface not working with some filenames (<a href="https://github.com/cisagov/Malcolm/issues/524" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#524</a>)</li><li>user-defined custom field formats for index patterns are overwritten (<a href="https://github.com/cisagov/Malcolm/issues/542" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#542</a>)</li><li>port numbers should not be shown with commas in Dashboards (<a href="https://github.com/cisagov/Malcolm/issues/540" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#540</a>)</li><li>pivoting between Arkime and Dashboards doesn't work when Malcolm is behind a reverse proxy (e.g., traefik) (<a href="https://github.com/cisagov/Malcolm/issues/552" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#552</a>)</li><li><code>opensearch.keystore</code> not created when running in Hedgehog run profile (<a href="https://github.com/cisagov/Malcolm/issues/533" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#533</a>)</li><li>ensure all conn.log entries are tagged <code>ics</code> for OT protocols (<a href="https://github.com/cisagov/Malcolm/issues/541" rel="nofollow noopener noreferrer" target="_blank">cisagov/Malcolm#541</a>)</li></ul></li></ul><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network 🖧 traffic analysis tool suite for network security monitoring 🕵🏻♀️.</p><p>Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker 🐋, <a href="https://malcolm.fyi/docs/quickstart.html#DockerVPodman" rel="nofollow noopener noreferrer" target="_blank">Podman</a> 🦭, and <a href="https://malcolm.fyi/docs/kubernetes.html#Kubernetes" rel="nofollow noopener noreferrer" target="_blank">Kubernetes</a> ⎈. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>Alternatively, dedicated official <a href="https://malcolm.fyi/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample" rel="nofollow noopener noreferrer" target="_blank">ISO installer images</a> 💿 for Malcolm and Hedgehog Linux 🦔 can be downloaded from Malcolm's <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">releases page</a> on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.sh" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.sh</code></a>) and PowerShell 🪟 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.ps1" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.ps1</code></a>). See <a href="https://malcolm.fyi/docs/download.html#DownloadISOs" rel="nofollow noopener noreferrer" target="_blank"><strong>Downloading Malcolm - Installer ISOs</strong></a> for instructions.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼.</p><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
OpenSearch Project<p>Tackle the optimization of hybrid search in a systematic way and train models that dynamically predict the best way to run hybrid search in your search application. <a href="https://fosstodon.org/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://buff.ly/40fXivR" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">buff.ly/40fXivR</span><span class="invisible"></span></a></p>
OpenSearch Project<p>Submit a proposal for this year's <a href="https://fosstodon.org/tags/OpenSearchCon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearchCon</span></a> EU! Suggested topics are 'Search', 'Analytics, Security, and Observability', 'Community', and 'Operating <a href="https://fosstodon.org/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a>' <br><a href="https://buff.ly/4086Xo0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">buff.ly/4086Xo0</span><span class="invisible"></span></a></p>
Seth Grover<p><a href="https://github.com/cisagov/Malcolm/releases/tag/v24.12.0" rel="nofollow noopener noreferrer" target="_blank">Malcolm v24.12.0</a> contains several improvements to the Malcolm configuration script, the Malcolm user interface, and the Malcolm API, as well as component version updates and bug fixes. This release also corresponds with the release of <a href="https://github.com/idaholab/Malcolm-Test" rel="nofollow noopener noreferrer" target="_blank"><code>malcolm-test</code></a>, a Malcolm system testing framework.</p><p><a href="https://malcolm.fyi/" rel="nofollow noopener noreferrer" target="_blank">Malcolm</a> is a powerful, easily deployable network traffic analysis tool suite for network security monitoring.</p><p>Malcolm operates as a cluster of containers 📦, isolated sandboxes which each serve a dedicated function of the system. This makes Malcolm deployable with frameworks like Docker, <a href="https://malcolm.fyi/docs/quickstart.html#DockerVPodman" rel="nofollow noopener noreferrer" target="_blank">Podman</a>, and <a href="https://malcolm.fyi/docs/kubernetes.html#Kubernetes" rel="nofollow noopener noreferrer" target="_blank">Kubernetes</a>. Check out the <a href="https://malcolm.fyi/docs/quickstart.html" rel="nofollow noopener noreferrer" target="_blank">Quick Start</a> guide for examples on how to get up and running.</p><p>Alternatively, dedicated official <a href="https://malcolm.fyi/docs/malcolm-hedgehog-e2e-iso-install.html#InstallationExample" rel="nofollow noopener noreferrer" target="_blank">ISO installer images</a> 💿 for Malcolm and Hedgehog Linux can be downloaded from Malcolm's <a href="https://github.com/cisagov/Malcolm/releases" rel="nofollow noopener noreferrer" target="_blank">releases page</a> on GitHub. Due to limits on individual files in GitHub releases, these ISO files have been split 🪓 into 2GB chunks and can be reassembled with scripts provided for both Bash 🐧 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.sh" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.sh</code></a>) and PowerShell 🪟 (<a href="https://github.com/cisagov/Malcolm/blob/main/scripts/release_cleaver.ps1" rel="nofollow noopener noreferrer" target="_blank"><code>release_cleaver.ps1</code></a>). See <a href="https://malcolm.fyi/docs/download.html#DownloadISOs" rel="nofollow noopener noreferrer" target="_blank"><strong>Downloading Malcolm - Installer ISOs</strong></a> for instructions.</p><p>As always, join us on the <a href="https://github.com/cisagov/Malcolm/discussions" rel="nofollow noopener noreferrer" target="_blank">Malcolm discussions board</a> 💬 to engage with the community, or pop some corn 🍿 and <a href="https://www.youtube.com/@malcolmnetworktrafficanalysis/playlists" rel="nofollow noopener noreferrer" target="_blank">watch a video</a> 📼. More videos are <a href="https://github.com/cisagov/Malcolm/wiki/Learning" rel="nofollow noopener noreferrer" target="_blank">coming soon</a>.</p><p><a href="https://github.com/cisagov/Malcolm/compare/v24.11.0...v24.12.0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/cisagov/Malcolm/com</span><span class="invisible">pare/v24.11.0...v24.12.0</span></a></p><ul><li>✨ Features and enhancements<ul><li>Creation of a <a href="https://github.com/idaholab/Malcolm-Test" rel="nofollow noopener noreferrer" target="_blank">Malcolm system testing framework</a> (<a href="https://github.com/cisagov/Malcolm/issues/486" rel="nofollow noopener noreferrer" target="_blank">#486</a>)</li><li>Added a number of <a href="https://github.com/idaholab/Malcolm/blob/main/shared/bin/zeek_install_plugins.sh" rel="nofollow noopener noreferrer" target="_blank">Zeek packages</a> to detect various CVEs</li><li>Improvements to the <a href="https://malcolm.fyi/docs/api-indices.html" rel="nofollow noopener noreferrer" target="_blank">Indices</a>, <a href="https://mmguero-dev.github.io/Malcolm/docs/api-ready.html" rel="nofollow noopener noreferrer" target="_blank">Ready</a>, and <a href="https://malcolm.fyi/docs/api-ingest-stats.html" rel="nofollow noopener noreferrer" target="_blank">Document Ingest Statistics</a> APIs</li><li>Use new arkime tag-hiding feature to hide <code>netbox</code> tag from UI (<a href="https://github.com/cisagov/Malcolm/issues/495" rel="nofollow noopener noreferrer" target="_blank">#495</a>)</li><li>Provide configuration script options for pulling from threat intel feeds (<a href="https://github.com/cisagov/Malcolm/issues/532" rel="nofollow noopener noreferrer" target="_blank">#532</a>)</li><li>Prompt during configuration whether to enable capture statistics (<a href="https://github.com/cisagov/Malcolm/issues/504" rel="nofollow noopener noreferrer" target="_blank">#504</a>)</li><li>Add additional EVTX fields to index template (<a href="https://github.com/cisagov/Malcolm/issues/525" rel="nofollow noopener noreferrer" target="_blank">#525</a>) and minor improvements to normalization</li><li>Add simple readiness indicator to upload page (<a href="https://github.com/cisagov/Malcolm/issues/528" rel="nofollow noopener noreferrer" target="_blank">#528</a>)</li><li>Add option to upload page to disable NetBox enrichment for the currently-uploaded batch of PCAPs</li><li>Expose more of the Logstash API passthrough to the <a href="https://malcolm.fyi/docs/api.html#API" rel="nofollow noopener noreferrer" target="_blank">Malcolm API</a></li></ul></li><li>✅ Component version updates<ul><li>Arkime to <a href="https://github.com/arkime/arkime/blob/979a843b206f0087090864c3f7b8fe3d2e9ae399/CHANGELOG#L49-L64" rel="nofollow noopener noreferrer" target="_blank">v5.5.1</a></li><li>capa to <a href="https://github.com/mandiant/capa/releases/tag/v8.0.1" rel="nofollow noopener noreferrer" target="_blank">v8.0.1</a></li><li>elasticearch-dsl Python library to <a href="https://github.com/elastic/elasticsearch-dsl-py/releases/tag/v8.17.0" rel="nofollow noopener noreferrer" target="_blank">v8.17.0</a></li><li>elasticsearch Python library to <a href="https://github.com/elastic/elasticsearch-py/releases/tag/v8.17.0" rel="nofollow noopener noreferrer" target="_blank">v8.17.0</a></li><li>Fluent Bit to <a href="https://github.com/fluent/fluent-bit/releases/tag/v3.2.2" rel="nofollow noopener noreferrer" target="_blank">v3.2.2</a></li><li>NetBox to <a href="https://github.com/netbox-community/netbox/releases" rel="nofollow noopener noreferrer" target="_blank">v4.1.8</a> (major update from the v4.0.x series, see <a href="https://github.com/cisagov/Malcolm/issues/496" rel="nofollow noopener noreferrer" target="_blank">#496</a>)</li><li>opensearch-py Python library to <a href="https://github.com/opensearch-project/opensearch-py/releases/tag/v2.8.0" rel="nofollow noopener noreferrer" target="_blank">v2.8.0</a></li><li>yq to <a href="https://github.com/mikefarah/yq/releases/tag/v4.44.6" rel="nofollow noopener noreferrer" target="_blank">v4.44.6</a></li><li>Zeek to <a href="https://github.com/zeek/zeek/releases/tag/v7.0.5" rel="nofollow noopener noreferrer" target="_blank">v7.0.5</a> (security and bugfix release)</li></ul></li><li>🐛 Bug fixes<ul><li>Zeek DNS records don't open correctly in Arkime sessions (<a href="https://github.com/cisagov/Malcolm/issues/509" rel="nofollow noopener noreferrer" target="_blank">#509</a>)</li><li>Mandiant threat intel source doesn't get split correctly when using JSON zeek log format (<a href="https://github.com/cisagov/Malcolm/issues/494" rel="nofollow noopener noreferrer" target="_blank">#494</a>)</li><li>Set <code>indices.query.bool.max_clause_count</code> to 8192 to reflect maximum number of fields</li><li>Increase Java stack size (<code>-Xss</code>) for Logstash from <code>1536k</code> to <code>2048k</code></li><li>Minor fixes for parsing Zeek <code>intel.log</code> (some fields not named correctly with Zeek JSON-formatted logs)</li><li>Fixes to some Zeek <code>dns.log</code> parsing conflicts between <a href="https://www.elastic.co/guide/en/ecs/current/ecs-dns.html" rel="nofollow noopener noreferrer" target="_blank">ECS's DNS fields</a> and what the Arkime schema is expecting</li><li>Fixed setting the <code>Signature</code> <a href="https://malcolm.fyi/docs/severity.html#Severity" rel="nofollow noopener noreferrer" target="_blank">event severity tags</a></li></ul></li><li>🧹 Code and project maintenance<ul><li>Replaced hard-coded Malcolm version number in documentation markdown files with variable-based replacer populated during generation</li><li>Documentation and screenshot updates</li></ul></li></ul><p><a href="https://infosec.exchange/tags/Malcolm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malcolm</span></a> <a href="https://infosec.exchange/tags/HedgehogLinux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HedgehogLinux</span></a> <a href="https://infosec.exchange/tags/Zeek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Zeek</span></a> <a href="https://infosec.exchange/tags/Arkime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Arkime</span></a> <a href="https://infosec.exchange/tags/NetBox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetBox</span></a> <a href="https://infosec.exchange/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://infosec.exchange/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Elasticsearch</span></a> <a href="https://infosec.exchange/tags/Suricata" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Suricata</span></a> <a href="https://infosec.exchange/tags/PCAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PCAP</span></a> <a href="https://infosec.exchange/tags/NetworkTrafficAnalysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NetworkTrafficAnalysis</span></a> <a href="https://infosec.exchange/tags/networksecuritymonitoring" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networksecuritymonitoring</span></a> <a href="https://infosec.exchange/tags/OT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OT</span></a> <a href="https://infosec.exchange/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Cyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyber</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/INL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>INL</span></a> <a href="https://infosec.exchange/tags/DHS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DHS</span></a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://infosec.exchange/tags/CISAgov" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISAgov</span></a></p>
OpenWebSearch.eu<p>📣 Bringing what matters most to <a href="https://suma-ev.social/tags/Mattermost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Mattermost</span></a>! </p><p>We invite you to join us on our Mattermost community channel, because an active, engaging community of open search enthusiasts is a crucial building block for our future success! </p><p>To sign up and join, simply follow the instructions as given here: <br><a href="https://openwebsearch.eu/community/ows-eu-community-on-mattermost/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">openwebsearch.eu/community/ows</span><span class="invisible">-eu-community-on-mattermost/</span></a></p><p>We hope to see you on our community board very soon! 😀</p><p><a href="https://suma-ev.social/tags/opensearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensearch</span></a> <a href="https://suma-ev.social/tags/nextgenerationinternet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextgenerationinternet</span></a> <a href="https://suma-ev.social/tags/ngi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ngi</span></a></p>
The Linux Foundation<p>In this inspiring keynote, Anandhi Bumstead, Director of Software Development at the OpenSearch Project, takes us through OpenSearch’s journey—from a fork of Elasticsearch to an innovation hub for search, analytics, and AI. </p><p>Learn more: <a href="https://opensearch.org/blog/driving-community-contributions/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">opensearch.org/blog/driving-co</span><span class="invisible">mmunity-contributions/</span></a><br><a href="https://social.lfx.dev/tags/OpenSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSearch</span></a> <a href="https://social.lfx.dev/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://social.lfx.dev/tags/AWS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AWS</span></a> <a href="https://social.lfx.dev/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a></p>
OpenWebSearch.eu<p>🤩 The time has come - we are kicking off our new <a href="https://suma-ev.social/tags/webinar" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>webinar</span></a> series next week! </p><p>As part of our December <a href="https://suma-ev.social/tags/CommunityUpdate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CommunityUpdate</span></a> we invite you to join the webinar "Hands-on utilization of the Open Web Crawler – OWI onboarding" with Michael Dinzinger and Saber Zerhoudi – both from University of Passau.</p><p>When: 2nd December, 15:00-16:15 CET <br>Where: Online via Big Blue Button <br>Register here: <a href="https://openwebsearch.eu/community/owseu-community-updates/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">openwebsearch.eu/community/ows</span><span class="invisible">eu-community-updates/</span></a></p><p><a href="https://suma-ev.social/tags/opensearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensearch</span></a> <a href="https://suma-ev.social/tags/openwebsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openwebsearch</span></a> <a href="https://suma-ev.social/tags/nextgenerationinternet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nextgenerationinternet</span></a> <a href="https://suma-ev.social/tags/ngi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ngi</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload