Jason Ertel

 Consider also adjusting the "optional components" setup screen to more helpful descriptions, such as (just ideas, not set in stone): - OSSEC FleetDM: Device management - WAZUH Host-based monitoring...

I suggested a similarly named high-level whitelist script called `so-deny` in https://github.com/Security-Onion-Solutions/securityonion/issues/4621.

Assigned to @weslambert to add more information about what problem this issue will solve, so that the implementer knows when it's complete.

I think it sounds like a good improvement. It would be good to document what the behavior is if an invalid color name or hex code is given, so that...

@thecatontheflat Once you complete the remaining checklist items I will merge this. It looks like you already completed the doc updates so that can probably be checked off, and I'm...

This is now implemented thanks to PR #88. However, it's not automated. It requires a manually set configuration parameter and care must be taken to ensure the parameter is disabled...

InfluxDB is rejecting the input, saying it's too much data. If you're hosting your own InfluxDB you could look into adjust the max request size. If you're using a cloud-hosted...

Good idea. The value for `endtime` likely needs to be a list in order for the rest of the `get_top_counts()` code to work, but yes, similar to your proposal. Feel...

Absolutely! This sounds like a very useful enhancement, as I've seen Emporia have a few short outages over the past couple of weeks.

I'm open to the suggestions. I'd like to see the implementation before merging it, of course. The way to do this is for you to: 1. First _fork_ the vuegraf...