175 Commits

Author SHA1 Message Date
Josh Patterson
7af6efda1e ensure bool sliders strelka 2026-03-19 14:46:49 -04:00
Josh Patterson
74ad2990a7 Merge remote-tracking branch 'origin/3/dev' into delta 2026-03-18 13:05:02 -04:00
Josh Patterson
e19e83bebb allow user defined ulimits 2026-03-18 10:38:15 -04:00
Doug Burks
930985b770 update helpLink references for new documentation 2026-03-18 09:46:45 -04:00
Josh Patterson
2349750e13 DOCKER to DOCKERMERGED 2026-03-17 16:19:02 -04:00
Josh Patterson
00986dc2fd Merge remote-tracking branch 'origin/delta' into customulimit 2026-03-17 16:04:09 -04:00
Mike Reeves
2d97dfc8a1 Add customizable ulimit settings for all Docker containers
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 15:10:42 -04:00
Josh Patterson
4dc377c99f DOCKER to DOCKERMERGED 2026-03-17 15:06:06 -04:00
Mike Reeves
afc14ec29d Remove non-Oracle Linux 9 support from salt states
Simplifies salt states, map files, and modules to only support
Oracle Linux 9, removing all Debian/Ubuntu/CentOS/Rocky/AlmaLinux/RHEL
conditional branches.
2026-03-16 16:58:39 -04:00
reyesj2
635545630b strelka use single master image 2025-11-03 09:36:46 -06:00
Josh Patterson
cd6deae0a7 add missing strelka backend scanners to SOC UI annotation file 2025-04-02 11:20:12 -04:00
Josh Patterson
0b8a7f5b67 fix strelka annotations. restart strelka containers on config change 2025-04-02 10:10:34 -04:00
m0duspwnens
a0558ace16 replace: False to remove state warning 2024-10-24 10:33:16 -04:00
Jason Ertel
217bb388a0 Clarify enabled settings 2024-09-16 10:05:17 -04:00
Corey Ogburn
0cc57fc240 Change Compilation Report Path
Move compilation report path to /opt/so/state and mount that folder in SOC
2024-05-17 15:47:23 -06:00
weslambert
d9edff38df Create compile report for SOC integrity check 2024-05-17 16:10:10 -04:00
Wes
823ff7ce11 Remove exclusions and repos 2024-05-09 17:03:13 +00:00
m0duspwnens
c864fec70c allow strelka.manager to run on standalone 2024-05-09 11:53:50 -04:00
m0duspwnens
a74fee4cd0 strelka compiled rules 2024-05-09 11:26:02 -04:00
m0duspwnens
3a99624eb8 separate manager states for strelka 2024-05-09 10:03:02 -04:00
weslambert
01a68568a6 Use state 2024-05-08 16:37:13 -04:00
weslambert
0567b93534 Remove mode 2024-05-08 15:39:59 -04:00
Wes
77e2117051 Account for 0 active rules and change watch 2024-05-08 18:47:52 +00:00
Wes
bee8c2c1ce Remove watch 2024-05-07 13:21:59 +00:00
weslambert
a5e89c0854 Merge pull request #12947 from Security-Onion-Solutions/fix/strelka_yara_distributed
Fix YARA rules for distributed deployments
2024-05-06 15:53:08 -04:00
Wes
1e48955376 Restart when rules change 2024-05-06 19:39:03 +00:00
Wes
5056ec526b Add compiled directory 2024-05-06 19:27:38 +00:00
Wes
d2fa77ae10 Update compile script 2024-05-06 19:10:41 +00:00
Wes
445fb31634 Add manager SLS 2024-05-06 19:09:37 +00:00
Wes
5aa611302a Handle YARA rules for distributed deployments 2024-05-06 19:08:01 +00:00
DefensiveDepth
3c3ed8b5c5 Add runtime status logs 2024-04-24 16:33:47 -04:00
DefensiveDepth
a237ef5d96 Update default queries 2024-04-19 16:33:35 -04:00
DefensiveDepth
6c6647629c Refactor yara for compilation 2024-04-18 11:32:17 -04:00
DefensiveDepth
8cc4d2668e Move compile_yara 2024-04-16 12:52:14 -04:00
weslambert
8429a364dc Remove Strelka rules watch 2024-03-21 10:09:36 -04:00
weslambert
1568f57096 Remove Strelka config 2024-03-21 10:07:27 -04:00
Wes
e8ae609012 Add Strelka rules watch back 2024-03-08 16:27:17 +00:00
Wes
4e32935991 Add Strelka config back 2024-03-08 16:24:37 +00:00
Josh Brower
49b5788ac1 add bindings 2024-02-01 07:21:49 -05:00
Corey Ogburn
858166bcae WIP: Detections Changes
Removed some strelka/yara rules from salt.

Removed yara scripts for downloading and updating rules. This will be managed by SOC.

Added a new compile_yara.py script.

Added the strelka repos folder.
2024-01-30 15:43:51 -07:00
weslambert
4d7af21dd5 Fix quote 2024-01-23 13:55:37 -05:00
weslambert
1698d95efe Use PLACEHOLDER for key values 2024-01-23 13:45:26 -05:00
weslambert
72319e33db Avoid leak test triggering 2024-01-23 12:38:09 -05:00
Wes
3bcb0bc132 Update defaults 2024-01-23 17:18:54 +00:00
Mike Reeves
ee45fc31a2 Delete salt/strelka/tools/sbin_jinja/so-yara-download 2023-09-28 11:04:16 -04:00
m0duspwnens
05e7c32cf9 remove duplicate filecheck_run cron 2023-09-27 10:08:08 -04:00
Jason Ertel
bb3632d1b2 fix bind if statement 2023-09-18 14:38:15 -04:00
Jason Ertel
66bb1272ae avoid volume sprawl 2023-09-18 13:39:56 -04:00
m0duspwnens
0a88c812e8 different watchdog package names for debian vs redhat fams 2023-08-25 13:03:33 -04:00
m0duspwnens
ab1d97c985 restart filecheck if watchdog pkg changes 2023-08-25 09:39:16 -04:00