90 Commits

Author SHA1 Message Date
Mike Reeves acc9b8062e Remove Strelka container infrastructure
Removes all Strelka container salt states and infrastructure references,
replaced by the native fileanalyze module in sensoroni.

Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images

Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
2026-04-06 14:57:22 -04:00
Jason Ertel 71839bc87f remove steno 2026-03-06 15:45:36 -05:00
DefensiveDepth 2f6fb717c1 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor 2025-11-06 10:38:37 -05:00
reyesj2 635545630b strelka use single master image 2025-11-03 09:36:46 -06:00
DefensiveDepth a77157391c remove idstools 2025-09-17 10:42:05 -04:00
Jason Ertel 523ff66389 connect work 2024-10-16 13:44:01 -04:00
Jason Ertel f0e4e52364 es sig pulled from es dir 2024-09-11 11:12:20 -04:00
Josh Patterson e7a7a8609a Merge pull request #13640 from Security-Onion-Solutions/esver
only elasticsearch image uses es version
2024-09-09 16:45:14 -04:00
m0duspwnens 8702d95434 only elasticsearch image uses es version 2024-09-09 16:38:38 -04:00
Jason Ertel 5625771ffb es version shift 2024-09-05 13:16:28 -04:00
Jason Ertel c85e5643db es version shift 2024-09-05 13:14:45 -04:00
m0duspwnens 7d9b3b1f28 use correct sig 2024-09-04 15:36:17 -04:00
m0duspwnens 2b807c2409 update comment 2024-09-04 10:33:14 -04:00
m0duspwnens 0af2e85f91 update annotation. 2024-09-04 10:32:11 -04:00
m0duspwnens cfdc8ede90 fix es version logic 2024-09-03 16:49:39 -04:00
m0duspwnens c20ac6c2d8 fix if and awk 2024-09-03 15:20:49 -04:00
m0duspwnens 529844eb36 update so-image-common to use es version for es containers 2024-09-03 12:38:21 -04:00
m0duspwnens 4e142e0212 put alphabetical 2024-04-02 16:47:35 -04:00
m0duspwnens c9bf1c86c6 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 16:40:47 -04:00
reyesj2 b032eed22a Update kafka to use manager docker registry
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-02 16:34:06 -04:00
m0duspwnens f7534a0ae3 make manager download so-kafka container 2024-04-02 16:01:12 -04:00
DefensiveDepth d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
Wes d203aec44a Remove Curator 2023-12-08 19:37:06 +00:00
m0duspwnens 07902d17cc display container dl status during soup 2023-10-16 11:20:19 -04:00
m0duspwnens 1a7761c531 display container dl status during soup 2023-10-16 11:00:31 -04:00
Josh Brower 17dd21703d Reenable Elastic Package Registry 2023-05-03 12:08:46 -04:00
Jason Ertel a9b3594b35 merge 2023-02-15 08:06:41 -05:00
weslambert 40d3269db3 Remove 'so-filebeat' from list of trusted containers 2023-02-13 09:58:39 -05:00
Jason Ertel ea0c3db8e1 upgrade influxdb 2023-02-08 13:23:45 -05:00
Wes b381c5424e Remove extra whitespace after 'so-elastic-agent-builder' line in 'so-image-common' 2023-01-26 16:13:23 +00:00
Wes f1db1bc273 Ensure Kratos events are sent to a data stream instead of an index 2023-01-26 16:12:06 +00:00
weslambert 6ee66a34bc Revert "Elastic Agent and Fleet - Import Mode" 2023-01-25 17:12:03 -05:00
Wes 86a925e1c7 Download Elastic Agent images for Import Mode 2023-01-25 16:09:12 +00:00
Josh Brower e83e54936e Temp disable Elastic Registry Repo 2023-01-19 07:25:25 -05:00
Doug Burks e95034886e add influxdb and telegraf to import mode 2022-12-22 09:49:57 -05:00
Josh Brower 8db49feb32 Use our docker image 2022-11-16 08:24:25 -05:00
Josh Brower b7b92c73a3 add so-elastic-agent to container list 2022-09-14 11:00:16 -04:00
Josh Brower 0df7d0249a Add so-elastic-agent-builder 2022-09-12 12:22:35 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Mike Reeves ff30f572d7 Remove thehive from image common 2022-03-14 10:40:41 -04:00
Josh Brower 30c40ed3d7 IDH Initial Support 2022-02-09 10:37:47 -05:00
Jason Ertel eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel 7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
Doug Burks 7d1f9c51e8 fix typo in so-image-common 2021-12-15 07:24:30 -05:00
William Wernert 73dacdcbff Add logscan to images for pull during soup if it's enabled 2021-09-23 09:52:23 -04:00
William Wernert fb4c2c35e3 Remove so-logscan from so-image-common arrays 2021-08-13 13:58:08 -04:00
William Wernert dd0e407935 Use correct container name 2021-07-28 15:06:38 -04:00
William Wernert cf9121dfc2 Actually download so-learn container 2021-07-28 14:13:16 -04:00
William Wernert dbc4ffd69a Fix typo 2021-05-25 09:20:45 -04:00
William Wernert f445186f1e Remove redundant error messages 2021-05-18 13:38:55 -04:00