final tidy before release

.gitignore

@@ -1,3 +1,4 @@
+.DS_Store
 siem/resources/*
 siem/certs/*
 siem/conf/siem/config.ps1

README.md

@@ -11,7 +11,7 @@
     dP .dMP dMP.aMP dMP"AMF dMP dMP   dMP   dMP.aMP dMP dMP    
     VMMMP"  VMMMP" dMP dMP dMP dMP   dMP    VMMMP" dMP dMP     
 
-    v0.1 -- Caleb Anderson [email protected]
+    v0.1.0 INITIAL RELEASE 2020-08-24 -- Caleb Anderson [email protected]
 
 This project creates a drop in ELK SIEM component for use in a infosec redteam lab. It will install the ELK stack, register a trial, create TLS certificates, setup users, setup beat index templates etc etc. (see "Activities"). This is not designed to replace the excellent DetectionLab (https://github.com/clong/DetectionLab), but instead provide an easy to use, low configuration, drop-in component you can integrate into existing labs or use as part of custom redteam scenarios. 
 
@@ -210,6 +210,12 @@ replacing the 7.9.0 on the $VERSION= line with your ELK version.
 
 You should copy the generated template file to ./conf/winlogbeat/
 
+## TODO
+
+* Support for more data sources, EDRs etc with associated installers
+* Custom detection rules
+* ... your idea here? Get in touch!
+
 ## Contact
 
 Latest version: https://github.com/dirtyfilthy/siem-from-scratch

siem/helpers/logo.sh

@@ -12,7 +12,7 @@ VMMMP" dMP dMMMMMP dMP dMP dMP        dMP     dMP dMP  VMMMP" dMP dMP dMP
 dP .dMP dMP.aMP dMP"AMF dMP dMP   dMP   dMP.aMP dMP dMP    
 VMMMP"  VMMMP" dMP dMP dMP dMP   dMP    VMMMP" dMP dMP     
 
-v0.1 -- Caleb Anderson [email protected]
+v0.1.0 INITIAL RELEASE 2020-08-24 -- Caleb Anderson [email protected]
+
 
-                                                           
 '

siem/scripts/debian-install-siem.sh

@@ -29,7 +29,7 @@ check_kibana(){
 wait_for_kibana(){
 	TIMEOUT=$1
 	STARTTIME=$(date +%s)
-	echo "[?] waiting for kibana to start"
+	echo "[?] waiting for kibana to start (normally under 60 seconds)"
 	while ! check_kibana; do
 		CURRENTTIME=$(date +%s)
 		ELAPSED=$(expr $CURRENTTIME - $STARTTIME)