LME v2.1.0

[2.1.0] - Timberrrrr! - 2025-06-13

What's Changed

Elasticsearch Upgrade Support

LME now provides robust support for upgrading Elasticsearch in line with new versions of Elastic.

• Includes tested procedures for upgrade, rollback, and backup.
• Ensures continued compatibility with Elastic features while maintaining data integrity.

Updates to Install Automations

The Ansible playbooks utilized for installing LME have been modularized, enabling a streamlined, one-click installation process across various Linux distributions. Supported distributions include:

• Ubuntu 22.04
• Ubuntu 24.04
• Debian 12.10

This modular approach simplifies the deployment process, offering users greater flexibility and efficiency across different environments.

Documentation Repository Split

In a bid to enhance organization and contributor workflows, LME’s documentation is now maintained in a separate GitHub repository.

• Code and documentation are versioned and managed separately, ensuring clarity and ease of access.
• The new documentation repository can be found at this link and can also be found in the LME repository README.

SBOM Generation

LME now includes scripts for generating a Software Bill of Materials (SBOM) specific to each deployment.

• Output formats include SPDX (machine-readable) and syft-table (human-readable).

Sigma Rule Integration

LME now supports Sigma rules for detection use cases.

• Sigma rules are integrated into the native Kibana alert index.
• ElastAlert2 monitors the Kibana alert index and generates alerts based on Sigma rule matches.

Password Changer Enhancements

• Improvements have been made to the password changer script, ensuring it accurately updates credentials within containers.
• Supports more secure post-installation configuration and credential rotation.

Full Changelog: v2.0.2...v2.1.0