Commit Graph

52 Commits

Author SHA1 Message Date
Mike Reeves acc9b8062e Remove Strelka container infrastructure
Removes all Strelka container salt states and infrastructure references,
replaced by the native fileanalyze module in sensoroni.

Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images

Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
2026-04-06 14:57:22 -04:00
Josh Patterson 4afc986f48 firewall and logstash pipeline for managerhype 2025-09-05 13:14:47 -04:00
Josh Patterson baf0f7ba95 firewall allow hypervisor for managersearch and standalone 2025-08-12 14:08:15 -04:00
Josh Patterson 21bb325157 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-14 08:22:42 -04:00
reyesj2 96c56297ce external access via user/pass 2025-04-09 22:08:13 -05:00
Josh Patterson 44a5b3b1e5 MANAGERHYPE setup is now complete! 2025-03-12 21:05:04 -04:00
m0duspwnens feb700393e merge with 2.4.120, fix merge conflicts 2024-10-25 15:09:38 -04:00
Mike Reeves cac1539094 Add to firewall settings and annotations 2024-09-12 13:08:01 -04:00
m0duspwnens 9d2c5d54b0 hype changes 2024-08-07 10:43:53 -04:00
m0duspwnens 52e52f35f7 hyper setup init 2024-07-31 15:49:32 -04:00
reyesj2 ea771ed21b update firewall
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-24 12:01:01 -04:00
reyesj2 824f852ed7 merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-10 11:26:23 -04:00
Mike Reeves 4057238185 Update defaults.yaml 2024-06-07 15:33:49 -04:00
Mike Reeves dbc56ffee7 Update defaults.yaml 2024-06-07 15:09:09 -04:00
reyesj2 876d860488 elastic agent should be able to communicate over 9092 for sending logs to kafka brokers
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-29 16:40:15 -04:00
reyesj2 a6e8b25969 Add Kafka connectivity between manager -> receiver nodes.
Add connectivity to Kafka between other node types that may need to publish to Kafka.

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-29 15:48:57 -04:00
reyesj2 af53dcda1b Remove references to kafkanode
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-11 15:32:00 -04:00
m0duspwnens 1b8584d4bb allow manager to manager on kafka ports 2024-04-03 15:36:35 -04:00
m0duspwnens ed6137a76a allow sensor and searchnode to connect to manager kafka ports 2024-04-03 10:24:10 -04:00
m0duspwnens e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
DefensiveDepth d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
reyesj2 446f1ffdf5 merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-03-25 13:55:48 -04:00
m0duspwnens 3eb6fe2df9 allow managersearch to receiver redis and 5644 2024-03-08 09:52:12 -05:00
reyesj2 8cf29682bb Update to merge in 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2023-11-29 13:41:23 -05:00
reyesj2 86dc7cc804 Kafka init
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2023-11-29 13:34:25 -05:00
m0duspwnens 07ed93de19 add elastic agent to desktop 2023-09-01 14:33:32 -04:00
m0duspwnens b010919099 add sensoroni, telegraf, common states to desktop. allow docker_registry connection to managers for desktop 2023-08-31 13:21:32 -04:00
Wes 60b0af5ab7 Allow external syslog 2023-08-30 13:05:30 +00:00
m0duspwnens 28dfdbf06d securityonion_desktop is just desktop 2023-08-09 08:51:39 -04:00
m0duspwnens 00efc2f88f rename workstation to desktop for firewall 2023-08-09 07:31:31 -04:00
m0duspwnens 014aeffb2a add analyst back 2023-08-04 09:56:33 -04:00
m0duspwnens 726ec72350 allow idh to connect to salt_manager ports on managers 2023-08-04 09:22:59 -04:00
m0duspwnens a51acfc314 rename analyst to workstation for fw rules. allow workstation to connect to salt_manager port on managers 2023-08-04 09:17:22 -04:00
m0duspwnens 682289ef23 add sensoroni ports where missing 2023-08-04 09:01:09 -04:00
m0duspwnens 593cdbd060 add rules for idh to connect to managers, change idh from sensor to idh in so-firewall-minion 2023-08-04 08:50:06 -04:00
weslambert 4adaddf13f Move syslog to the INPUT chain where needed 2023-08-01 10:14:59 -04:00
m0duspwnens 57562ad5e3 add managersearch and standalone fw rules for searchnode 2023-07-31 13:34:08 -04:00
Josh Brower f24a3a51ce Heavy Node fixes 2023-07-25 18:28:41 -04:00
Josh Brower 7805ca8beb Add Failover Support 2023-07-10 10:38:14 -04:00
m0duspwnens 5de9e5baf4 allow sensor to logstash on receiver 2023-06-15 14:46:46 -04:00
m0duspwnens 469390696e 2.4 receiver changes 2023-06-15 11:04:16 -04:00
m0duspwnens 2db95fe1b4 fw rules for receiver to managers 2023-06-14 15:24:14 -04:00
m0duspwnens 934b0f45a1 allow receiver to connect to salt manager 2023-06-14 15:08:07 -04:00
Josh Brower 5536f5a8c2 Add Fleet node to other roles 2023-05-17 09:32:20 -04:00
Mike Reeves fb298224fc Update defaults.yaml 2023-05-16 08:17:50 -04:00
Mike Reeves a4cd695cc8 Airgap Rules Fix 2023-05-11 16:00:07 -04:00
m0duspwnens b0bd64bc10 define and assign elastic_agent_update port 2023-05-03 12:40:56 -04:00
m0duspwnens 8359f1983c idh firewall 2023-05-03 10:53:13 -04:00
m0duspwnens c597766390 assign firewall pillars to * in top 2023-05-03 10:17:45 -04:00
m0duspwnens 80b40503fb no more plural roles, update so-firewall-minion 2023-05-01 17:28:16 -04:00