hubble 3.0.7 releases: a modular, open-source security compliance framework
HubbleStack (Hubble for short) is a modular, open-source, security & compliance auditing framework which is built in python, using SaltStack as a library. It provides on-demand profile-based auditing, real-time security event notifications, alerting and reporting. It also reports security information to Splunk, Logstash, or other endpoints. HubbleStack is a free and open-source project made possible by Adobe.
Hubble supports success/fail auditing via a number of included modules. The codename for the audit piece of Hubble is “Nova.” Hubble can gather incredible amounts of raw data from your hosts for later analysis. The codename for the insights piece of Hubble is Nebula. It primarily uses osquery which allows you to query your system as if it were a database. Pulsar is designed to monitor for file system events, acting as a real-time File Integrity Monitoring (FIM) agent. Pulsar uses python-inotify to watch for these events and report them to your destination of choice.
- Users can now specify proxy using a single paramter
https_proxyin config file to configure proxy for azurefs fileserver as well as for splunk APIs
- Added support for Debian 10
- Fixed cloud_details grain when
http_proxyis set in environment variable
- Fixed intermediate return handling for splunk_fdg_return
- Fixed import issue in fdg.process
- Fixed default sourcetype issue
Copyright (C) 2014