CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10892 from Security-Onion-Solutions/feature/elastic_8.8.2

Browse Source 
Elastic 8.8.2
This commit is contained in:
weslambert
2023-07-31 22:24:21 -04:00
committed by GitHub
parent 9d59e4250f 48d9c14563
commit ae6997a6b7
21 changed files with 21 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
salt/common/tools/sbin/so-common
View File

@@ -5,7 +5,7 @@
# https://securityonion.net/license; you may not use this file except in compliance with the # https://securityonion.net/license; you may not use this file except in compliance with the
# Elastic License 2.0. # Elastic License 2.0.
ELASTIC_AGENT_TARBALL_VERSION="8.7.1" ELASTIC_AGENT_TARBALL_VERSION="8.8.2"
DEFAULT_SALT_DIR=/opt/so/saltstack/default DEFAULT_SALT_DIR=/opt/so/saltstack/default
DOC_BASE_URL="https://docs.securityonion.net/en/2.4" DOC_BASE_URL="https://docs.securityonion.net/en/2.4"

1
salt/elasticfleet/defaults.yaml
View File

@@ -32,4 +32,5 @@ elasticfleet:
- fim - fim
- github - github
- google_workspace - google_workspace
- log
- 1password - 1password

2
salt/elasticfleet/files/integrations-dynamic/grid-nodes_general/import-zeek-logs.json
View File

@@ -13,7 +13,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations-dynamic/grid-nodes_general/zeek-logs.json
View File

@@ -14,7 +14,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/idh-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/import-evtx-logs.json
View File

@@ -12,7 +12,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/import-suricata-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/kratos-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/soc-auth-sync-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/soc-salt-relay-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/soc-sensoroni-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/soc-server-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/strelka-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_general/suricata-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_heavy/kratos-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_heavy/soc-auth-sync-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_heavy/soc-salt-relay-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_heavy/soc-sensoroni-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/elasticfleet/files/integrations/grid-nodes_heavy/soc-server-logs.json
View File

@@ -11,7 +11,7 @@
"logs-logfile": { "logs-logfile": {
"enabled": true, "enabled": true,
"streams": { "streams": {
"log.log": { "log.logs": {
"enabled": true, "enabled": true,
"vars": { "vars": {
"paths": [ "paths": [

2
salt/kibana/files/config_saved_objects.ndjson
View File

@@ -1 +1 @@
{"attributes": {"buildNum": 39457,"defaultIndex": "logs-*","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n \"from\": \"now-24h\",\n \"to\": \"now\"\n}"},"coreMigrationVersion": "8.7.1","id": "8.7.1","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="} {"attributes": {"buildNum": 39457,"defaultIndex": "logs-*","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n \"from\": \"now-24h\",\n \"to\": \"now\"\n}"},"coreMigrationVersion": "8.8.2","id": "8.8.2","references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}

2
salt/kibana/tools/sbin_jinja/so-kibana-config-load
View File

@@ -63,7 +63,7 @@ update() {
IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))' IFS=$'\r\n' GLOBIGNORE='*' command eval 'LINES=($(cat $1))'
for i in "${LINES[@]}"; do for i in "${LINES[@]}"; do
RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -X PUT "localhost:5601/api/saved_objects/config/8.7.1" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ") RESPONSE=$(curl -K /opt/so/conf/elasticsearch/curl.config -X PUT "localhost:5601/api/saved_objects/config/8.8.2" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ")
echo $RESPONSE; if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi echo $RESPONSE; if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi
done done