CloudShark Support

CloudShark 3.3

Release Type Release Number Release Date
Original CloudShark 3.3 May 16th, 2017
Maintenance Release #1 CloudShark 3.3.1 June 8th, 2017
Maintenance Release #2 CloudShark 3.3.2 July 10th, 2017
Maintenance Release #3 CloudShark 3.3.3 July 19th, 2017
Maintenance Release #4 CloudShark 3.3.4 July 26th, 2017

CloudShark 3.3 May 16th, 2017

Happy Spring!

We’ve been putting up with cold temperatures and a lot of rain here in New England and the sun is finally going to come out this week. To celebrate, we’re releasing our latest version of CloudShark and bringing our Threat Assessment add-on to our Enterprise customers.

Whether it’s WannaCry, Dridex, RIG or whatever the next one is going to be called, CloudShark can help you detect and analyze malware traffic and potential threats in your capture files. Use our built-in Suricata rules, or bring your own!

Visit our website to learn more about the Threat Assessment addon.

Contact if you’re interested in trying it out!

— CloudShark

New Features and Highlights

Threat Assessment add-on


CloudShark Threat Assessment is now available to Enterprise Customers! The add-on requires you first upgrade to CloudShark 3.3.

Read more about it and contact to start your evaluation.

Display Filter from Graphs

We’ve added a button to jump from a zoomed in selection of a bandwidth graph directly to those packets. CloudShark is able to compute a display filter for the visible time range over the active series. Zoom in, and click the “Apply as Display Filter” button to open a new tab with those packets.

Upgraded to latest TShark

CloudShark 3.2 includes the latest protocols and dissectors from the latest Wireshark 2.2 release. You can read the Wireshark release notes here.

Improved Offline Installation

For customers deploying CloudShark in an offline environment we have a new and improved offline installer. This new installer creates a local Yum repository to reduce the number of files that need to be downloaded and managed separately. It also saves packages to this repository needed to install the new Threat Assessment add-on to make starting an evaluation as easy as contacting for a trial license.

Bug fixes and other changes

  • Using new Markdown parser for comments and annotations
  • Fixes an issue with incorrect timestamps in some bandwidth graphs
  • Mitigated potential XSS with improved user-input filtering

Upgrade Instructions

Users upgrading from a version as old as CloudShark 2.8.x can run the following as root to perform the upgrade:

cloudshark-admin --install-latest

Please read the upgrade instructions if you are upgrading from an older version of CloudShark.

CloudShark 3.3.1 June 8th, 2017

CloudShark 3.3.1 fixes a regression in 3.3.0 where external-group mappings are not preserved for logged-in users. We recommend upgrading to CloudShark 3.3.1 if you are taking advantage of this feature.

CloudShark 3.3.2 July 10th, 2017

CloudShark 3.3.2 improves the Threat Details view within our latest add-on: CloudShark Threat Assessment. By grouping threats together by payload, we are able to reduce alert-clutter and show you the best analysis when multiple alerts trigger on the same payload.

From this view, you can now access the raw rule source describing what it triggered on, as well as all the other matching alerts. Additionally, it provides quick links to jump to other alerts for the same hosts, and streams.

Bugfixes and other changes

  • Removes support for exporting a graph to PDF. Please rely on the browser’s built-in functionality for that task. Export to SVG, PNG, and JPG is still supported.
  • Resolves problem importing multi-line comments from a PCAPNG formatted file
  • Fixes issue with flashing notifications in Threat Assessment Demo mode

CloudShark 3.3.3 June 19th, 2017

CloudShark 3.3.3 resolves a bug preventing guest upload from working in certain deployments. If you have enabled Guest Upload on your appliance, we recommend upgrading to 3.3.3 to prevent any problems with that functionality.

If Guest Upload is NOT enabled, there are no other changes in this release.

CloudShark 3.3.4 June 26th, 2017

CloudShark 3.3.4 introduces a minor, but incredibly useful new feature for people working with different kinds of capture files.

Column Presets

The “Profile” dialog for every capture file is where users can choose which summary columns they see when looking at a packet capture. Typically this has defaulted to a set of columns that was useful for most general analysis, but wasn’t ideal for specific jobs.

CloudShark 3.3.4 introduces a new preset drop-down containing a few specialized analysis profiles to choose from to do different types of analysis. The initial offering includes improved support for Generic analysis, a view for TCP sequence/ack analysis, Wireless traffic, and HTTP.

These will be user-configurable in future releases.

Resolved Hosts DNS Tool

An additional tab has been added to the DNS Analysis Tool. Now, CloudShark will extract all of the hosts and addresses that were resolved as part of the capture. This does not do any additional external queries to DNS, but relies on the DNS responses inside the capture file to build up this list.

Clicking on a row will bring you to the traffic from that host, as well as the DNS response and query for that name.

Bug fixes and other changes

  • Improvements when upgrading the Threat Assessment addon with custom rules
  • Fixed a behavior when typing annotations that could lead to losing everything you had typed before saving.
  • Resolved bug that could crash CloudShark under heavy load related to Threat Assessment

About CloudShark Appliance

CloudShark Appliance is made by QA Cafe, a technology company based in Portsmouth, NH. Our passion for packet captures has grown out of our other product CDRouter.

Get in touch via our Contact us page or by following us on your favorite service: