Discussions

• 1 You must be logged in to vote

  😥

  Having trouble while booting up the OS 25.07.0 first time

  iso relating to the ISO-installed environment for Malcolm and/or Hedgehog

  rushikeshk155 asked Jul 31, 2025 in Troubleshooting · Unanswered

  

  

  1
• 1 You must be logged in to vote

  💭

  ICCP zeek plugin - need assistance

  zeek Relating to Malcolm's use of Zeek ics Relating to ICS (Industrial Control Systems) devices external Depends on a bug or feature external to this project

  Crubumble started Jul 31, 2025 in General Discussions

  

  

  0
• 1 You must be logged in to vote

  😥

  Bootable USB Errors during Installation

  iso relating to the ISO-installed environment for Malcolm and/or Hedgehog

  cullmancyber asked Jul 24, 2025 in Troubleshooting · Unanswered

  

  

  4
• 1 You must be logged in to vote

  🌟

  Malcolm v25.07.0

  mmguero announced Jul 30, 2025 in Releases

  

  

  0
• 1 You must be logged in to vote

  😥

  Opensearch backup for migration to Remote Opensearch Cluster

  opensearch Relating to Malcolm's use of OpenSearch performance Related to speed/performance

  GeoCoastie asked Jun 13, 2025 in Troubleshooting · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  ❓

  oinkcode (PRO code)

  enhancement New feature or request suricata Relating to Malcolm's use of Suricata

  y0d4a asked Jul 28, 2025 in Q&A · Closed · Answered

  

  

  4
• 1 You must be logged in to vote

  ❓

  accessing PCAP for processing remotely?

  upload Relating to PCAP and/or Zeek log ingestion

  mmguero asked Jul 24, 2025 in Q&A · Closed · Answered

  

  

  1
• 1 You must be logged in to vote

  🌟

  Malcolm v25.06.0

  mmguero announced Jun 23, 2025 in Releases · Closed

  

  

  0
• 1 You must be logged in to vote

  😥

  Zeek Intel Framework - TAXII autogen failing

  intel Related to integration with threat intel feeds

  bjamesschmitt asked Jul 15, 2025 in Troubleshooting · Unanswered

  

  

  

  

  17
• 2 You must be logged in to vote

  😮

  🏢 Malcolm "Office Hours"

  mmguero announced Mar 13, 2025 in General Announcements

  

  

  4
• 1 You must be logged in to vote

  ❓

  monitoring for data exfiltration

  dashboards Relating to Malcolm's OpenSearch Dashboards interface opensearch Relating to Malcolm's use of OpenSearch

  y0d4a asked Jul 12, 2025 in Q&A · Closed · Answered

  

  

  2
• 2 You must be logged in to vote

  💭

  Adding a Threshold Config File to Suppress Suricata Rules

  SzymekPL29 started Jul 3, 2025 in Tips and Tricks

  

  

  0
• 2 You must be logged in to vote

  💭

  Integrating Threat Detection with ACID framework and MMS Parser

  rayhan028 started Jun 11, 2025 in General Discussions

  

  

  0
• 1 You must be logged in to vote

  😥

  Running MALCOM with collection in containerized install

  capture Relating to pcap-capture container

  ldgrate asked Jun 10, 2025 in Troubleshooting · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  💭

  Opensearch user management

  enhancement New feature or request opensearch Relating to Malcolm's use of OpenSearch security Related to issues with bearing on the security of Malcolm itself

  DLLMyammy started Jun 4, 2025 in General Discussions

  

  

  1
• 1 You must be logged in to vote

  😥

  PCAP Files Filling up HardDrive

  capture Relating to pcap-capture container arkime Relating to Malcolm's use of Arkime

  DJNAT10 asked Jun 3, 2025 in Troubleshooting · Unanswered

  

  

  3
• 1 You must be logged in to vote

  😥

  Logstash SSL Error

  logstash Relating to Malcolm's use of Logstash sensor For issues dealing with the Hedgehog OS capture sensor

  GeoCoastie asked May 20, 2025 in Troubleshooting · Closed · Answered

  

  

  3
• 1 You must be logged in to vote

  😥

  NGINX Issue after updating from 25.03.1 -> 25.05.0

  arkime Relating to Malcolm's use of Arkime upgrade Related to the Malcolm/Hedgehog upgrade process

  SzymekPL29 asked May 28, 2025 in Troubleshooting · Closed · Answered

  

  

  3
• 1 You must be logged in to vote

  💭

  Arkime/Cluster Prefix (feature request?)

  enhancement New feature or request elastic Related to issue with external ElasticSearch/Kibana output arkime Relating to Malcolm's use of Arkime opensearch Relating to Malcolm's use of OpenSearch

  divinehawk started May 27, 2025 in General Discussions

  

  

  1
• 1 You must be logged in to vote

  😥

  Logstash zeek event failure

  zeek Relating to Malcolm's use of Zeek logstash Relating to Malcolm's use of Logstash sensor For issues dealing with the Hedgehog OS capture sensor

  divinehawk asked May 16, 2025 in Troubleshooting · Closed · Answered

  

  

  1
• 1 You must be logged in to vote

  ❓

  Malcolm and Suricata alert IP association issue

  suricata Relating to Malcolm's use of Suricata

  H-Dynamite asked Apr 29, 2025 in Q&A · Unanswered

  

  

  1
• 1 You must be logged in to vote

  ❓

  Transfer client certificate to Malcolm sensor

  dwade5 asked May 7, 2025 in Q&A · Closed · Answered

  

  

  4
• 1 You must be logged in to vote

  😥

  📢 🐛 NetBox regression in v25.04.1, update containing fix is forthcoming

  mmguero asked May 13, 2025 in Troubleshooting · Closed · Answered

  

  

  1
• 1 You must be logged in to vote

  🌟

  Malcolm v25.05.0

  mmguero announced May 15, 2025 in Releases · Closed

  

  

  0
• 1 You must be logged in to vote

  😥

  Missing Fields

  elastic Related to issue with external ElasticSearch/Kibana output

  devilman85 asked May 11, 2025 in Troubleshooting · Closed · Answered

  

  

  8