Arkime 3.0

Name Change, WISE UI, MultiViewer Selection Mode, API Organization and Documentation, Cross Cluster Shortcuts, Bug Fixes and More

We are excited to share that Arkime 3.0 is now available! This release includes an entirely new name (yay Arkime!), a whole new UI to configure WISE, basic Elastic Common Schema support, new MultiViewer selection mode, an Arkime viewer API rewrite with standardization and documentation, bug fixes, and much, much more. View a list of all the changes here.

Learn how to upgrade to 3.0 now!

Breaking Changes

  • Elasticsearch before 7.10 is not supported
  • All indices except for sessions2 and history will now start with arkime_ after upgrading if a prefix was not previously used
  • multies - The multiESNodes requires a name: and prefix: attribute per entry. Use prefix:arkime_ if not setting a prefix.
  • wise - custom sources will need to be modified to use the new javascript class design
  • wise - redis urls have a new standard format
  • wise - for json data keyColumn has been renamed keyPath
  • You may need to set the usersPrefix setting if your users index lives on a Arkime cluster that hasn't been upgraded to use arkime_ yet
  • ilm - you will need to run the db.pl ilm command again after upgrading

Name Change

Moloch has experienced significant growth and change and we thought this was a great time to change our name to Arkime. Learn more about our new name here. Our goals were to make the project approachable and to foster an inclusive and encouraging community. Throughout the application, the Moloch text has been changed to Arkime. We’ve also updated our logos and themes!

WISE UI

We have implemented an entirely new user interface for WISE configuration, WISE source creation and updates, and WISE statistics. This is a powerful new tool to help users get started with WISE or improve their WISE service without having to spend time on the configuration or source files. Learn more about this new UI and how to set it up here. If you’re just hearing about WISE for the first time, learn more here. We have also refactored WISE to use Javsscript classes and documented the classes and WISE APIs here.

MultiViewer Selection Mode

You can now run Arkime Viewer in MultiViewer Selection mode. In this mode, you can see a list of Arkime clusters and select which clusters to search against. Learn more about how to configure this setting here.

Viewer API Documentation and Standardization

We have taken the time to organize, standardize, and document our Arkime Viewer API endpoints. All exposed endpoints are documented here as well as many of the Arkime types that the APIs use or return. Each API endpoint now starts with /api while still supporting the old URL. We have organized the endpoint functions by grouping them into corresponding files and separating them from the Viewer application file.

Cross Cluster Shortcuts

Shortcuts can now be synced across all Arkime clusters! You no longer have to duplicate your shortcuts on each cluster. If you create a shortcut on one cluster, within 1 minute it will be synced to all the Arkime clusters. Learn more here.

MORE!

View a list of all the changes here.

Arkime Logo