Jorge Reyes
20c4da50b1
Merge pull request #15632 from Security-Onion-Solutions/reyesj2-15601
fix global override settings affecting non-data stream indices
2026-03-18 10:51:17 -05:00
Jason Ertel
83bd8a025c
ignore redis restart warning in logstash log
2026-03-18 10:59:20 -04:00
reyesj2
1a943aefc5
rollover datastreams to get latest index templates + remove existing ilm policies from so-case / so-detection indices
2026-03-17 13:49:20 -05:00
Mike Reeves
d2cee468a0
Remove support for non-Oracle Linux 9 operating systems
Security Onion now exclusively supports Oracle Linux 9. This removes
detection, setup, and update logic for Ubuntu, Debian, CentOS, Rocky,
AlmaLinux, and RHEL.
2026-03-16 16:44:07 -04:00
Jason Ertel
7f07c96a2f
pcapout still used for extracts
2026-03-09 14:58:27 -04:00
Jason Ertel
e8adea3022
restore pcapout since it's still used
2026-03-07 08:20:08 -05:00
Jason Ertel
71839bc87f
remove steno
2026-03-06 15:45:36 -05:00
Jason Ertel
2c4d833a5b
update 2.4 references to 3
2026-03-05 11:05:19 -05:00
Jason Ertel
863276e24f
Merge pull request #15539 from Security-Onion-Solutions/jertel/wip
prepare for nextgen docs
2026-02-27 13:18:47 -05:00
Jason Ertel
9bd5e1897a
prepare for nextgen docs
2026-02-27 13:09:55 -05:00
Josh Patterson
78ae6cd84c
upgrade docker
2026-02-20 12:29:23 -05:00
reyesj2
6ce6eb95d6
use existing retry
2026-01-29 15:54:36 -06:00
reyesj2
b3d1dd51a4
initialize specific indices as needed
2026-01-29 15:41:39 -06:00
reyesj2
6b1939b827
exclude known issues with 3 integrations
2026-01-27 12:59:17 -06:00
reyesj2
55b3fa389e
no dates
2026-01-23 16:33:22 -06:00
reyesj2
b3ae716929
ignore kratos file mapping error
2026-01-23 16:31:30 -06:00
Josh Patterson
f6bde3eb04
remove double logging
2026-01-20 11:56:31 -05:00
Josh Patterson
a192455fae
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-19 17:17:58 -05:00
reyesj2
d430ed6727
false positive
2026-01-15 15:25:28 -06:00
reyesj2
349d77ffdf
exclude kafka restart error
2026-01-15 14:43:57 -06:00
Josh Patterson
152f2e03f1
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-06 15:15:30 -05:00
Jason Ertel
2d705e7caa
exempt kratos online check
2026-01-06 09:47:35 -05:00
Josh Patterson
1475f0fc2f
timestamp logging for wait_for_salt_minion
2025-12-12 16:30:42 -05:00
Josh Patterson
8158fee8fc
change how we determine if the salt-minion is ready
2025-12-12 15:24:47 -05:00
DefensiveDepth
f15a39c153
Add historical hashes
2025-12-03 11:24:04 -05:00
DefensiveDepth
9a6ff75793
Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor
2025-11-12 08:51:51 -05:00
Josh Patterson
e3972dc5af
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2025-11-10 13:28:42 -05:00
Josh Patterson
274295bc97
return exit codes
2025-11-07 17:39:13 -05:00
reyesj2
a84df14137
rename forward node -> sensor node
2025-11-06 15:23:55 -06:00
DefensiveDepth
2f6fb717c1
Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor
2025-11-06 10:38:37 -05:00
reyesj2
635545630b
strelka use single master image
2025-11-03 09:36:46 -06:00
Josh Patterson
1949be90c2
allow to preserve files
2025-10-29 16:49:59 -04:00
Jorge Reyes
1c5a72ee85
Merge pull request #15124 from Security-Onion-Solutions/reyesj2/es-8188
ignore error for elastic-fleet agent
2025-10-08 14:13:46 -05:00
reyesj2
8a8ea04088
ignore error for elastic-fleet agent
2025-10-08 14:01:18 -05:00
Jason Ertel
030e4961d7
updates for wiretap lib
2025-10-01 12:13:56 -04:00
reyesj2
c92dc580a2
centralize MINION_ROLE lookup_role
2025-09-19 13:17:52 -05:00
reyesj2
d03dd7ac2d
check for oom kill only in the last 24 hours
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-09-19 11:32:13 -05:00
reyesj2
c9db52433f
add oom check to so-log-check
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-09-19 11:08:42 -05:00
DefensiveDepth
a77157391c
remove idstools
2025-09-17 10:42:05 -04:00
reyesj2
84b38daf62
name destination_geo & source_geo to destination.as and source.as better aligning with ECS and linking other log sources already using .as for ASN geo data.
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-07-25 16:17:22 -05:00
reyesj2
415f456661
ignore composable templates with error in the name
2025-07-12 08:30:04 -05:00
Jason Ertel
3056410fd1
Merge pull request #14828 from Security-Onion-Solutions/jertel/wip
exclude component updates indexes with error in the name
2025-07-10 07:51:34 -04:00
Jason Ertel
bf8da60605
exclude component updates indexes with error in the name
2025-07-10 07:47:53 -04:00
Josh Patterson
1e9f3a65a4
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-06-25 15:35:30 -04:00
Jason Ertel
21d9964827
fix logging
2025-06-24 11:03:08 -04:00
Jason Ertel
b052a75e64
refactor airgap playbook to eliminate dupe code and shrink ISO
2025-06-24 09:34:57 -04:00
Jason Ertel
db08ac9022
Merge pull request #14651 from Security-Onion-Solutions/jertel/mhf
Backport Hotfix to dev
2025-05-22 13:44:36 -04:00
Josh Patterson
18d899a7f9
add so-docker-prune from hotfix/2.4.150
2025-05-22 09:29:51 -04:00
Mike Reeves
ddd023c69a
Update so-docker-prune
2025-05-21 13:47:45 -04:00
Josh Patterson
b0a8191f59
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-05-19 10:02:26 -04:00