Collect. Filter. Create.


Release Notes and News about Cyphon

Cyphon Release 1.6

We've just released Cyphon 1.6, featuring new search capabilities and more efficient Monitors.


Cyphon 1.6 adds a new search interface to your dashboard, so you can investigate alerts with greater flexibility and ease. You can now search both alerts and the data that triggered them, as well as relevant contextual data such as Bro logs. You can search based on collection, field value, and time frame.


We've also made significant improvements to how Monitors work. Monitors now poll for data instead of requiring data to be pushed to Cyphon, taking that burden off your servers.


Cyphon 1.6 also gives you greater control over the name of Distilleries. Now you can create your own human-readable names, so the data sources in your alert dashboard are more meaningful to you.

How to Upgrade

If you're running Cyphon 1.4 or earlier, follow instructions for upgrading your settings for Cyphon 1.5 before proceeding.

Update Django REST Framework Settings

Add DEFAULT_PAGINATION_CLASS to the REST_FRAMEWORK settings in your cyphon/settings/ file:

    'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',

Update Cyphondock

If you're using a Cyphondock deployment, you no longer need a monitor container (this functionality will now be handled by the celeryworker container instead). You should remove the monitor container from your docker-compose.yml file. See the latest version of Cyphondock on GitHub for example Docker Compose files.

Update Software

If you've installed Cyphon manually, you can download the new release from GitHub. If you're running a Cyphondock-deployment (including our Virtual Machine), you can update Cyphon by recreating your Docker containers with the latest images. Run the following commands from your cyphondock working directory:

docker pull dunbar/cyphon:latest
docker-compose down
docker-compose up -d --build