Discussions

• 1 You must be logged in to vote

  ❓

  Malcolm - Landing Page

  cullmancyber asked Sep 2, 2025 in Q&A · Unanswered

  

  

  0
• 1 You must be logged in to vote

  😥

  Bootable USB Errors during Installation

  iso relating to the ISO-installed environment for Malcolm and/or Hedgehog

  cullmancyber asked Jul 24, 2025 in Troubleshooting · Unanswered

  

  

  13
• 2 You must be logged in to vote

  🌟

  Malcolm v25.08.1

  mmguero announced Aug 28, 2025 in Releases

  

  

  0
• 1 You must be logged in to vote

  😥

  Help: I can’t load Threat Intelligence via misp.yaml in Malcolm

  intel Related to integration with threat intel feeds

  mmguero asked Aug 21, 2025 in Troubleshooting · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  ❓

  Exporting/forwarding network traffic logs?

  y0d4a asked Aug 14, 2025 in Q&A · Closed · Answered

  

  

  3
• 1 You must be logged in to vote

  😥

  Hedgehog & Malcolm Communication is not happening

  sensor For issues dealing with the Hedgehog OS capture sensor

  rushikeshk155 asked Aug 7, 2025 in Troubleshooting · Closed · Answered

  

  

  5
• 1 You must be logged in to vote

  😥

  Zeek container startup is slow when using HDD and non-default UID/GID

  zeek Relating to Malcolm's use of Zeek docker Relating to docker and docker-compose as used by Malcolm performance Related to speed/performance

  H-Dynamite asked Aug 11, 2025 in Troubleshooting · Unanswered

  

  

  4
• 1 You must be logged in to vote

  💭

  [Blog post] Building a network traffic analysis system: Deploying Malcolm on Amazon EC2

  external Depends on a bug or feature external to this project cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes

  mmguero started Aug 12, 2025 in General Discussions

  

  

  0
• 1 You must be logged in to vote

  ❓

  Version of Suricata that is part of Malcolm

  krajeshwaran asked Aug 8, 2025 in Q&A · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  🌟

  Malcolm v25.08.0

  mmguero announced Aug 7, 2025 in Releases · Closed

  

  

  0
• 1 You must be logged in to vote

  😥

  Error starting graphical display with ISO-installed Malcolm on Gen 1 Hyper-V

  iso relating to the ISO-installed environment for Malcolm and/or Hedgehog

  rushikeshk155 asked Jul 31, 2025 in Troubleshooting · Closed · Answered

  

  

  6
• 1 You must be logged in to vote

  🌟

  Malcolm v25.07.0 (see note about regression bug)

  mmguero announced Jul 30, 2025 in Releases · Closed

  

  

  0
• 1 You must be logged in to vote

  💭

  ICCP zeek plugin - need assistance

  zeek Relating to Malcolm's use of Zeek ics Relating to ICS (Industrial Control Systems) devices external Depends on a bug or feature external to this project

  Crubumble started Jul 31, 2025 in General Discussions

  

  

  0
• 1 You must be logged in to vote

  😥

  Opensearch backup for migration to Remote Opensearch Cluster

  opensearch Relating to Malcolm's use of OpenSearch performance Related to speed/performance

  GeoCoastie asked Jun 13, 2025 in Troubleshooting · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  ❓

  oinkcode (PRO code)

  enhancement New feature or request suricata Relating to Malcolm's use of Suricata

  y0d4a asked Jul 28, 2025 in Q&A · Closed · Answered

  

  

  4
• 1 You must be logged in to vote

  ❓

  accessing PCAP for processing remotely?

  upload Relating to PCAP and/or Zeek log ingestion

  mmguero asked Jul 24, 2025 in Q&A · Closed · Answered

  

  

  1
• 1 You must be logged in to vote

  🌟

  Malcolm v25.06.0

  mmguero announced Jun 23, 2025 in Releases · Closed

  

  

  0
• 1 You must be logged in to vote

  😥

  Zeek Intel Framework - TAXII autogen failing

  intel Related to integration with threat intel feeds

  bjamesschmitt asked Jul 15, 2025 in Troubleshooting · Unanswered

  

  

  

  

  17
• 2 You must be logged in to vote

  😮

  🏢 Malcolm "Office Hours"

  mmguero announced Mar 13, 2025 in General Announcements

  

  

  4
• 1 You must be logged in to vote

  ❓

  monitoring for data exfiltration

  dashboards Relating to Malcolm's OpenSearch Dashboards interface opensearch Relating to Malcolm's use of OpenSearch

  y0d4a asked Jul 12, 2025 in Q&A · Closed · Answered

  

  

  2
• 2 You must be logged in to vote

  💭

  Adding a Threshold Config File to Suppress Suricata Rules

  SzymekPL29 started Jul 3, 2025 in Tips and Tricks

  

  

  0
• 2 You must be logged in to vote

  💭

  Integrating Threat Detection with ACID framework and MMS Parser

  rayhan028 started Jun 11, 2025 in General Discussions

  

  

  0
• 1 You must be logged in to vote

  😥

  Running MALCOM with collection in containerized install

  capture Relating to pcap-capture container

  ldgrate asked Jun 10, 2025 in Troubleshooting · Closed · Answered

  

  

  2
• 1 You must be logged in to vote

  💭

  Opensearch user management

  enhancement New feature or request opensearch Relating to Malcolm's use of OpenSearch security Related to issues with bearing on the security of Malcolm itself

  DLLMyammy started Jun 4, 2025 in General Discussions

  

  

  1
• 1 You must be logged in to vote

  😥

  PCAP Files Filling up HardDrive

  capture Relating to pcap-capture container arkime Relating to Malcolm's use of Arkime

  DJNAT10 asked Jun 3, 2025 in Troubleshooting · Unanswered

  

  

  3