Framapiaf

0 message0 participant0 message aujourd’hui

Eric HorwathWhich <a href="https://hachyderm.io/tags/logging" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#logging</a> system do you prefer for managing logs in <a href="https://hachyderm.io/tags/Kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kubernetes</a>?<a href="https://hachyderm.io/tags/k8s" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#k8s</a> <a href="https://hachyderm.io/tags/log" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#log</a> <a href="https://hachyderm.io/tags/LogManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LogManagement</a> <a href="https://hachyderm.io/tags/logs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#logs</a> <a href="https://hachyderm.io/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a> <a href="https://hachyderm.io/tags/elastic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elastic</a> <a href="https://hachyderm.io/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> <a href="https://hachyderm.io/tags/opensearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensearch</a> <a href="https://hachyderm.io/tags/fluent" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fluent</a> <a href="https://hachyderm.io/tags/fluent2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fluent2</a> <a href="https://hachyderm.io/tags/fluentbit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fluentbit</a> <a href="https://hachyderm.io/tags/fluentd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fluentd</a> <a href="https://hachyderm.io/tags/logstash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#logstash</a> <a href="https://hachyderm.io/tags/kafka" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kafka</a> <a href="https://hachyderm.io/tags/grafana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#grafana</a> <a href="https://hachyderm.io/tags/loki" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#loki</a> <a href="https://hachyderm.io/tags/promtail" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#promtail</a> <a href="https://hachyderm.io/tags/cncf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cncf</a>

anil visualpath🔗 Join Now: <a href="https://meet.goto.com/162495453" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://meet.goto.com/162495453</a> 👉 Attend Online <a href="https://mastodon.social/tags/NewBatch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NewBatch</a> from Visualpath on <a href="https://mastodon.social/tags/SiteReliabilityEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SiteReliabilityEngineering</a> (SRE)👨‍🏫 by Mr. karn (Best Industry Expert). 📅 Batch ON: 11/03/2025 <a href="https://mastodon.social/@8am" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@8am</a> IST 📲 Contact us: +91 7032290546 🌐 Visit: <a href="https://www.visualpath.in/online-site-reliability-engineering-training.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.visualpath.in/online-site-reliability-engineering-training.html</a> 👉 WhatsApp: <a href="https://wa.me/c/917032290546" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://wa.me/c/917032290546</a> 🌐 Visit Blog: <a href="https://visualpathblogs.com/category/site-reliability-engineering/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://visualpathblogs.com/category/site-reliability-engineering/</a>📢 <a href="https://mastodon.social/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terraform</a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ansible</a> <a href="https://mastodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://mastodon.social/tags/newrelic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelic</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/slack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#slack</a> <a href="https://mastodon.social/tags/onlinetraining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#onlinetraining</a> <a href="https://mastodon.social/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#education</a> <a href="https://mastodon.social/tags/newtechnology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newtechnology</a> <a href="https://mastodon.social/tags/traininginstitute" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#traininginstitute</a> <a href="https://mastodon.social/tags/learning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#learning</a>

CybernewsSoftware giant Elastic rolled out security updates, warning users of a critical vulnerability in Kibana's data visualization dashboard.<a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://infosec.exchange/tags/bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bug</a> <a href="https://infosec.exchange/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://cnews.link/critical-kibana-vulnerability-remote-code-execution-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cnews.link/critical-kibana-vulnerability-remote-code-execution-1/</a>

securityaffairs<a href="https://infosec.exchange/tags/Elastic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Elastic</a> patches critical <a href="https://infosec.exchange/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> flaw allowing code execution <a href="https://securityaffairs.com/174999/security/elastic-kibana-critical-flaw.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/174999/security/elastic-kibana-critical-flaw.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a>

anil visualpath🔗 Join now: <a href="https://bit.ly/4igasPB" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bit.ly/4igasPB</a> 👉 Meeting ID: 463 001 180553 👉 Passcode: xV2xf9vM 👉 Attend Online <a href="https://mastodon.social/tags/FreeDemo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeDemo</a> from Visualpath on <a href="https://mastodon.social/tags/SiteReliabilityEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SiteReliabilityEngineering</a> (SRE) by 👨‍🏫 Mr. Karn (Best Industry Expert). 📅 Demo on: 08/03/2025 <a href="https://mastodon.social/@9am" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@9am</a> IST 📲 Contact us: +91 7032290546 🌐 Visit: <a href="https://www.visualpath.in/online-site-reliability-engineering-training.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.visualpath.in/online-site-reliability-engineering-training.html</a>📢 <a href="https://mastodon.social/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terraform</a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ansible</a> <a href="https://mastodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://mastodon.social/tags/newrelic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelic</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/slack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#slack</a> <a href="https://mastodon.social/tags/onlinetraining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#onlinetraining</a> <a href="https://mastodon.social/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#education</a> <a href="https://mastodon.social/tags/newtechnology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newtechnology</a>

anil visualpath🔗 Join now: <a href="https://bit.ly/4igasPB" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://bit.ly/4igasPB</a> 👉 Meeting ID: 463 001 180553 👉 Passcode: xV2xf9vM 👉 Attend Online <a href="https://mastodon.social/tags/FreeDemo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeDemo</a> from Visualpath on <a href="https://mastodon.social/tags/SiteReliabilityEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SiteReliabilityEngineering</a> (SRE) by 👨‍🏫 Mr. Preet (Best Industry Expert). 📅 Demo on: 08/03/2025 <a href="https://mastodon.social/@9am" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@9am</a> IST 📲 Contact us: +91 7032290546 🌐 Visit: <a href="https://www.visualpath.in/online-site-reliability-engineering-training.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.visualpath.in/online-site-reliability-engineering-training.html</a> 👉 WhatsApp: <a href="https://wa.me/c/917032290546" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://wa.me/c/917032290546</a> 🌐 Visit Blog: <a href="https://visualpathblogs.com/category/site-reliability-engineering/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://visualpathblogs.com/category/site-reliability-engineering/</a>📢 <a href="https://mastodon.social/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terraform</a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ansible</a> <a href="https://mastodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://mastodon.social/tags/newrelic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelic</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/slack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#slack</a> <a href="https://mastodon.social/tags/onlinetraining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#onlinetraining</a> <a href="https://mastodon.social/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#education</a> <a href="https://mastodon.social/tags/newtechnology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newtechnology</a> <a href="https://mastodon.social/tags/traininginstitute" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#traininginstitute</a>

anil visualpath<a href="https://mastodon.social/tags/Visualpath" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Visualpath</a> offers <a href="https://mastodon.social/tags/sitereliabilityengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sitereliabilityengineering</a> Online Training in Bangalore with expert-led, job-oriented training and real-time projects.Our SRE Certification Course includes daily recorded sessions, 24/7 access, and resume preparation support. Enroll now or call +91-7032290546 for a free demo! 🌐 Visit: <a href="https://www.visualpath.in/online-site-reliability-engineering-training.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.visualpath.in/online-site-reliability-engineering-training.html</a> 👉 WhatsApp: <a href="https://wa.me/c/917032290546" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://wa.me/c/917032290546</a> 🌐 Visit Blog: <a href="https://visualpathblogs.com/category/site-reliability-engineering/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://visualpathblogs.com/category/site-reliability-engineering/</a><a href="https://mastodon.social/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terraform</a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ansible</a> <a href="https://mastodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://mastodon.social/tags/newrelic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelic</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a>

Philipp Krennrunning <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> + <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a> preview releases just got a lot easier: `curl -fsSL <a href="https://elastic.co/start-local" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://elastic.co/start-local</a> | sh -s -- -v 9.0.0-beta1` 🙌or also older versions for testing: `curl -fsSL <a href="https://elastic.co/start-local" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://elastic.co/start-local</a> | sh -s -- -v 7.17.27`no need for my hack any more 😅

anil visualpath<a href="https://mastodon.social/tags/Visualpath" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Visualpath</a>, a leading <a href="https://mastodon.social/tags/sitereliabilityengineerEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sitereliabilityengineerEngineering</a> Training Online in Bangalore offers expert-led courses with real-time projects. Get Daily Recorded Sessions for Reference and 24/7 Access to Recorded Sessions for flexible learning. Our SRE online courses are globally accessible in the USA, UK, Canada, Dubai, and Australia. Enroll now or call +91-7032290546 for a free demo! Visit: <a href="https://www.visualpath.in/online-site-reliability-engineering-training.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.visualpath.in/online-site-reliability-engineering-training.html</a><a href="https://mastodon.social/tags/Terraform" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terraform</a> <a href="https://mastodon.social/tags/ansible" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ansible</a> <a href="https://mastodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://mastodon.social/tags/newrelic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelic</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a>

Philipp Krennsince I keep running into the question: how do I stay up to date with releases?for every project that does releases on <a href="https://mastodon.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> (like <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a>, <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a>,... but also countless others), you can watch "custom" events and then only select "releases". you'll only get release updates

Andreas GohrIs there really no simple <a href="https://octodon.social/tags/ElasticSearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ElasticSearch</a> client ala <a href="https://octodon.social/tags/adminer" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#adminer</a> or <a href="https://octodon.social/tags/phpmyadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phpmyadmin</a> that lets me poke at a ElasticSearch index to just verify what's there? I seriously have no idea what 95% of what <a href="https://octodon.social/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> even does. And yes I know I can poke around using curl, but I would really appreciate a very simple web interface.

Philipp Krennthe stars are back for <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a>, <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a>,...⭐️ after the accidental change to make things too secure 🫠, the last piece of the github restore of all the public elastic repos is finally done. also big thanks to @github to working this out with us

Philipp Krennwe're deprecating <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a> for macOS x86_64 🪦 aarch / ARM64 are of course staying around and docker images will work on both architectures. since apple switched to the M* CPUs a while ago and other projects like pytorch stopped supporting x86_64 earlier, we'll follow. both the hardware and our dependencies (like Node.js) are becoming an issue shout if we're overlooking something here and this is a bigger issue than expected for you for some reason!

Philipp Krennwe wanted to make things better (more secure) but we took some elastic github repos private in error including <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> and <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a> hold tight — we'll get this sorted out with github 🤞<a href="https://twitter.com/ElasticStatus/status/1851239606492225663" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://twitter.com/ElasticStatus/status/1851239606492225663</a>

Philipp Krennwhat is the easiest way to run <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> and <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a>? curl -fsSL <a href="https://elastic.co/start-local" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://elastic.co/start-local</a> | shand this is what it looks like:

benzogaga33 :verified:Revue de presse de l’April pour la semaine 36 de l’année 2024 <a href="https://linuxfr.org/news/revue-de-presse-de-l-april-pour-la-semaine-36-de-l-annee-2024" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://linuxfr.org/news/revue-de-presse-de-l-april-pour-la-semaine-36-de-l-annee-2024</a> <a href="https://mamot.fr/tags/cour_des_comptes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cour_des_comptes</a> <a href="https://mamot.fr/tags/revue_de_presse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#revue_de_presse</a> <a href="https://mamot.fr/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> <a href="https://mamot.fr/tags/Internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Internet</a> <a href="https://mamot.fr/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a>

Sam Stepanyan :verified: 🐘<a href="https://infosec.exchange/tags/Elastic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Elastic</a>: Critical <a href="https://infosec.exchange/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> Vulnerabilities (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution potentially leading to complete system compromise. Both CVEs are related to YAML <a href="https://infosec.exchange/tags/Deserialization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Deserialization</a>. Patch now - Upgrade to Kibana v8.15.1: 👇 <a href="https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/</a><a href="https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/</a>

Philipp Krennif you have made it this far and want to see how this all maps to <a href="https://mastodon.social/tags/elasticsearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elasticsearch</a> + <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a>, the following image from the FAQ (<a href="https://elastic.co/pricing/faq/licensing" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://elastic.co/pricing/faq/licensing</a>) is the best description, which should clear up most of the confusion 8/10

Philipp Krennthe <a href="https://mastodon.social/tags/elastic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#elastic</a> addition of the <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> AGPL is in progress — actually <a href="https://mastodon.social/tags/kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#kibana</a> is starting: <a href="https://github.com/elastic/kibana/pull/192025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/elastic/kibana/pull/192025</a> this is a friday evening operation since it changes ~20K files and will cause conflicts in many open PRs since it's a confusing and very emotional topic, let's see where things are going 1/10

🛡 H3lium@infosec.exchange/:~# :blinking_cursor:Critical Kibana Vulnerability - Arbitrary Code Execution via YAML DeserializationDate: September 5, 2024 CVE: CVE-2024-37285 Vulnerability Type: Deserialization of Untrusted Data CWE: [[CWE-502]] Sources: <a href="https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119" rel="nofollow noopener noreferrer" target="_blank">Elastic Security Advisory</a>SynopsisCVE-2024-37285 impacts Kibana versions 8.10.0 to 8.15.0, where a deserialization flaw allows remote code execution if an attacker injects malicious YAML payloads. This vulnerability requires that an attacker has elevated Elasticsearch and Kibana privileges.Issue SummaryThe vulnerability arises from improper YAML deserialization within Kibana. A malicious actor can craft a YAML payload and execute arbitrary code, provided they have specific Elasticsearch index and Kibana privileges. This issue affects Kibana from versions 8.10.0 through 8.15.0 and is critical due to its ease of exploitation and the potential for widespread impact.Technical Key FindingsAttackers exploit this flaw by submitting a specially crafted YAML document that Kibana deserializes without proper validation. Once the malicious code is parsed, it can run on the server with elevated privileges, enabling arbitrary code execution. The attacker must have the following Elasticsearch indices permissions; <ul><li><code>write</code> access to system indices <code>.kibana_ingest*</code> </li><li>The <code>allow_restricted_indices</code> flag needs to be set to <code>true</code></li></ul>The attacker must also have ANY of the following Kibana privileges; <ul><li>Under <code>Fleet</code> the <code>All</code> privilege is granted</li><li>Under <code>Integration</code> the <code>Read</code> or <code>All</code> privilege is granted</li><li>Access to the <code>fleet-setup</code> privilege is gained through the Fleet Server’s service account token## Vulnerable Products</li><li>Kibana versions 8.10.0 to 8.15.0.</li></ul>Impact AssessmentSuccessful exploitation could allow an attacker to execute arbitrary commands, leading to a complete system compromise. This could affect confidentiality, integrity, and availability, making it a high-risk issue for organizations relying on Kibana for data visualization and exploration.Patches or WorkaroundUpgrading to Kibana version 8.15.1 resolves this vulnerability. Additionally, limiting access to Elasticsearch indices and restricting Kibana privileges reduces exposure.Tags<a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>-2024-37285 <a href="https://infosec.exchange/tags/Kibana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Kibana</a> <a href="https://infosec.exchange/tags/ArbitraryCodeExecution" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ArbitraryCodeExecution</a> <a href="https://infosec.exchange/tags/YAML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YAML</a> <a href="https://infosec.exchange/tags/Deserialization" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Deserialization</a> <a href="https://infosec.exchange/tags/ElasticStack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ElasticStack</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a>

Recherches récentes

Options de recherche

Administré par :

Statistiques du serveur :

#kibana