CCF-VM 3.0

What's New

• Google Cloud Platform (GCP) Support!!!!
• CyLR 1.4.0
• CDQR 4.1.1
• Plaso 20171231
• OS Updates

Google Cloud Platform (GCP) Information

• Install Google Cloud SDK on host used to control GCP (laptop/desktop with Windows, MacOS or Linux that supports the GCP SDK)
• Download the CCF-VM Cloud image CCF-VM_3.0.tar.gz
• Run the following commands to install and log into CCF-VM Cloud

  gsutil mb gs://<GCP Storage Bucket Name>/
  gsutil cp CCF-VM_3.0.tar.gz gs://<GCP Storage Bucket Name>/CCF-VM_3.0.tar.gz
  gcloud compute images create ccf-vm-image --source-uri gs://<GCP Storage Bucket Name>/CCF-VM_3.0.tar.gz
  gcloud compute instances create ccf-vm --image ccf-vm-image --machine-type n1-standard-4 --zone <GCP zone>
  gcloud compute ssh ccf-vm --zone <GCP zone>

CCF-VM v2.2

What's New

• Updated CDQR to 4.0.1
• Updated CyLR to 1.3.3
• Created System Services and logging for:
  • Cerebro
  • TimeSketch
  • Celery
• Updated "update.sh" script that updates the OS, CDQR, CyLR with one command
• Uploading portion of TimeSketch web UI now works! (NOTE: Must change .db to .plaso for the database file to be recognized by TimeSketch)

CCF-VM v2.1

What's New

• Updated and many bug fixes

CCF-VM v2.0

What's New

• Added TimeSketch!!!!
• Includes Redis & MySQL as well
• Updated CDQR 4.0.0
• Replaced kopf with Cerebro for ElasticSearch DB
• Updated ElasticSearch
• Updated Kibana
• Changed to .zip archive format for the OVF for maximum compatibility
• Updated "update.sh" script that updates the OS, CDQR, CyLR in one click
  • https://github.com/rough007/CCF-VM/blob/master/update.sh
• Added Default Dashboards, Searches, and Visualizations for importing / recovery purposes
  • https://github.com/rough007/CCF-VM/blob/master/Default_Objects.json