CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-03-27 06:52:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,941 Commits 43 Branches 123 Tags
3/dev
Commit Graph

477 Commits

Author SHA1 Message Date
Josh Patterson
f0f9de4b44 add status updates for pillar conversions 2026-03-20 16:12:10 -04:00
Josh Patterson
e857a8487a convert suricata pillar data yes/no to true/false 2026-03-20 15:35:44 -04:00
Jorge Reyes
20c4da50b1 Merge pull request #15632 from Security-Onion-Solutions/reyesj2-15601 
fix global override settings affecting non-data stream indices
 2026-03-18 10:51:17 -05:00
reyesj2
1a943aefc5 rollover datastreams to get latest index templates + remove existing ilm policies from so-case / so-detection indices 2026-03-17 13:49:20 -05:00
Josh Patterson
4224713cc6 Merge pull request #15624 from Security-Onion-Solutions/moreja 
Add SOC UI toggle for JA4+ fingerprinting
 2026-03-17 09:44:04 -04:00
Mike Reeves
64bb0dfb5b Merge pull request #15610 from Security-Onion-Solutions/moresoup 
Add -r flag to so-yaml get and migrate pcap pillar to suricata
 2026-03-16 17:36:32 -04:00
Mike Reeves
d2cee468a0 Remove support for non-Oracle Linux 9 operating systems 
Security Onion now exclusively supports Oracle Linux 9. This removes
detection, setup, and update logic for Ubuntu, Debian, CentOS, Rocky,
AlmaLinux, and RHEL.
 2026-03-16 16:44:07 -04:00
Jason Ertel
7dcd923ebf Merge pull request #15612 from Security-Onion-Solutions/jertel/wip 
API errors will no longer redirect
 2026-03-13 17:04:51 -04:00
Jason Ertel
1fcd8a7c1a API errors will no longer redirect 2026-03-13 16:53:38 -04:00
Mike Reeves
4a89f7f26b Add -r flag to so-yaml get for raw output without YAML formatting 
Preserve default get behavior with yaml.safe_dump output for backwards
compatibility. Add -r flag for clean scalar output used by soup pcap
migration.
 2026-03-13 16:24:41 -04:00
Mike Reeves
7f4adb70bd Fix so-yaml get to print scalar values without YAML document end marker 2026-03-13 15:34:04 -04:00
Mike Reeves
81c1d8362d Fix pcap migration to strip yaml document end marker from so-yaml output 2026-03-13 15:09:37 -04:00
Mike Reeves
18f971954b Improve soup version checks and migrate pcap pillar to suricata 
Consolidate version checks to use regex patterns for 2.4.21X and 3.x
versions. Add migrate_pcap_to_suricata to move pcap.enabled to
suricata.pcap.enabled in minion and pcap pillar files during upgrade.
 2026-03-13 14:54:23 -04:00
Mike Reeves
89f144df75 Remove upgrade instructions for 2.4 branch 
Removed outdated instructions for upgrading to the latest 2.4 branch.
 2026-03-11 16:05:06 -04:00
Mike Reeves
cfccbe2bed Update version check to include 2.4.211 2026-03-11 15:59:23 -04:00
Mike Reeves
4539024280 Add minimum version check and fix function call syntax in soup 
Require at least Security Onion 2.4.210 before allowing upgrade.
Fix determine_elastic_agent_upgrade() call syntax (remove parens).
 2026-03-10 15:05:52 -04:00
Mike Reeves
91759587f5 Update version numbers for upgrade scripts 2026-03-10 14:58:43 -04:00
Mike Reeves
bc9841ea8c Refactor upgrade functions and remove unused code 
Removed deprecated functions and updated version checks for upgrades.
 2026-03-10 14:45:40 -04:00
Mike Reeves
685e22bd68 soup cleanup 2026-03-10 11:58:06 -04:00
Mike Reeves
d78a5867b8 Refactor upgrade functions and version checks 
Removed redundant upgrade functions and streamlined version checks.
 2026-03-09 17:10:18 -04:00
Jason Ertel
863276e24f Merge pull request #15539 from Security-Onion-Solutions/jertel/wip 
prepare for nextgen docs
 2026-02-27 13:18:47 -05:00
Jason Ertel
9bd5e1897a prepare for nextgen docs 2026-02-27 13:09:55 -05:00
Josh Brower
17e3a4bf21 Merge pull request #15536 from Security-Onion-Solutions/idstools-cleanup 
Move rm to post
 2026-02-27 08:39:50 -05:00
DefensiveDepth
2284283b17 Move rm to post 2026-02-27 08:35:28 -05:00
Josh Patterson
972aa1f8a1 Merge pull request #15534 from Security-Onion-Solutions/bravo 
restart salt minion before failing if not ready
 2026-02-26 15:20:44 -05:00
Josh Patterson
79d9b6e0a4 restart salt minion before failing if not ready 2026-02-26 12:05:21 -05:00
DefensiveDepth
5e7b0cfe0e Cleanup idstools 2026-02-26 09:05:54 -05:00
Josh Patterson
1a9a087af2 redirect not found if key isn't found 2026-02-23 13:17:38 -05:00
Josh Patterson
bf16de7bfd fix duplicate log lines in soup log 2026-02-23 12:07:04 -05:00
Josh Patterson
863c7abc8b fix soup failure if salt-relay isn't running 2026-02-23 11:36:20 -05:00
Jorge Reyes
cf6b5aeceb Merge pull request #15503 from Security-Onion-Solutions/reyesj2/mngdanno 
migrate managed_integrations pillar
 2026-02-20 13:28:23 -06:00
reyesj2
256c1122c3 remove old pillar 2026-02-19 11:08:23 -06:00
reyesj2
aa2a1a3d3c typo for so-yaml file input 2026-02-19 11:08:06 -06:00
Jorge Reyes
93f52453b4 Merge pull request #15499 from Security-Onion-Solutions/reyesj2-patch-15 
rework autosoup for intermediate upgrades
 2026-02-19 09:08:00 -06:00
Jorge Reyes
a9307aa308 Clarify duration for Elasticsearch upgrade verification 
Added a note about the potential duration of the Elasticsearch upgrade verification process.
 2026-02-19 08:31:26 -06:00
reyesj2
0ebd8e4d6c migrate elasticsearch:managed_integrations pillar to new manager:managed_integrations pillar 2026-02-18 19:00:35 -06:00
reyesj2
58c0a9183c unmount current agupdate dir, before final upgrade on airgap 2026-02-18 10:04:32 -06:00
Jorge Reyes
b8fb0fa735 Revert "allow network installs to use ISO for faster soupin" 2026-02-18 10:02:24 -06:00
Jorge Reyes
d00fb4ccf7 Revert "don't set is_airgap when using nonairgap_useiso: not a true airgap sy…" 2026-02-18 09:42:12 -06:00
reyesj2
534a0ad41f clean up ES version compatibility check and autosoups 2026-02-17 16:20:11 -06:00
Josh Patterson
fb364aec5d upgrade salt 3006.19 2026-02-17 09:27:52 -05:00
Josh Patterson
c28bcfa85e upgrade salt 3006.19 2026-02-13 16:24:19 -05:00
Josh Patterson
ada463320b upgrade salt 3006.19 2026-02-13 15:51:54 -05:00
Josh Patterson
2b05583035 update salt 3006.19 2026-02-13 14:49:53 -05:00
reyesj2
f0df6a171c don't set is_airgap when using nonairgap_useiso: not a true airgap system so we should keep it separate 2026-02-06 13:13:42 -06:00
reyesj2
19157aa76c consistently use nonairgap_useiso var 2026-02-06 11:55:50 -06:00
reyesj2
1c092bf791 allow network installs to use ISO for faster soup 2026-02-06 11:53:49 -06:00
reyesj2
b3d1dd51a4 initialize specific indices as needed 2026-01-29 15:41:39 -06:00
reyesj2
057131dce7 disable redis on heavynodes -- no longer in use 2026-01-27 16:39:07 -06:00
reyesj2
b4c8f7924a missing updates to variables 2026-01-22 16:49:20 -06:00