206 Commits

Author SHA1 Message Date
Mike Reeves c6c538363d Add fileanalyze module salt configuration
Adds sensoroni agent configuration for the new fileanalyze module
that replaces the Strelka file analysis containers:
- defaults.yaml: default config values (watchDirs, concurrency, dedup, etc.)
- sensoroni.json: Jinja2 template to render module config when enabled
- soc_sensoroni.yaml: SOC config schema with descriptions for all settings
2026-04-06 14:12:48 -04:00
Mike Reeves ebc1152376 Rebuild all analyzer source-packages for Python 3.14
Full rebuild of all analyzer source-packages via pip download targeting
cp314/manylinux_2_17_x86_64 to match the so-soc Dockerfile base image
(python:3.14.3-slim).

Replaces cp313 wheels with cp314 for pyyaml and charset_normalizer,
and picks up certifi 2026.2.25 (from 2026.1.4).
2026-03-16 18:58:24 -04:00
Mike Reeves 625bfb3ba7 Rebuild analyzer source-packages wheels for Python 3.14
The so-soc Dockerfile base image moved to python:3.14.3-slim but
analyzer source-packages still contained cp313 wheels for pyyaml and
charset_normalizer, causing pip install failures at container startup.

Replace all cp313 wheels with cp314 builds (pyyaml 6.0.3,
charset_normalizer 3.4.6) across all 14 analyzers and update the
CI python-test workflow to match.
2026-03-16 18:58:23 -04:00
Jason Ertel 71839bc87f remove steno 2026-03-06 15:45:36 -05:00
Jason Ertel 2c4d833a5b update 2.4 references to 3 2026-03-05 11:05:19 -05:00
reyesj2 bcb850d98a analyzer typo 2026-02-20 12:34:28 -06:00
reyesj2 4036469857 analyzer dep upgrades 2026-02-19 15:10:50 -06:00
Matthew Wright db168a0452 update case report for attached ai sessions 2026-01-08 13:59:51 -05:00
Matthew Wright 3a410eed1a assistant session reports 2026-01-05 14:45:02 -05:00
Jason Ertel 8f75bfb0a4 csv delimiter 2025-10-09 13:02:02 -04:00
reyesj2 a959f90d0b Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/pypy 2025-09-12 11:05:54 -05:00
reyesj2 b2e7f58b3d analyzer test updates 2025-08-22 17:36:48 -05:00
reyesj2 a6600b8762 elasticsearch dep upgrades 2025-08-22 17:11:06 -05:00
reyesj2 5479d49379 greynoise breakup long line for linter 2025-08-22 16:00:05 -05:00
reyesj2 924b06976c spamhaus config typos 2025-08-22 13:50:40 -05:00
Jason Ertel c91e9ea4e0 return to normalcy 2025-08-22 13:23:19 -04:00
reyesj2 c2c96dad6e bump version 2025-08-22 08:43:48 -05:00
reyesj2 1a08833e77 typo 2025-08-22 08:41:03 -05:00
reyesj2 d16dfcf4e8 emailrep dep upgrades 2025-08-21 16:22:48 -05:00
reyesj2 b79c7b0540 sublime dep upgrades 2025-08-21 16:17:44 -05:00
reyesj2 9f45792217 pulsedive dep upgrades 2025-08-21 16:07:08 -05:00
reyesj2 d3108c3549 greynoise dep upgrade + use community version with no auth 2025-08-21 14:30:21 -05:00
reyesj2 7d883cb5e0 echotrail api no longer available 2025-08-21 12:38:00 -05:00
reyesj2 ebd81c1df9 otx dep upgrades 2025-08-21 12:22:47 -05:00
reyesj2 418dbee9fa virustotal dep upgrades 2025-08-21 12:15:13 -05:00
reyesj2 cccc3bf625 urlscan dep upgrades 2025-08-21 12:06:35 -05:00
reyesj2 a3e0072631 update readme threatfox uses auth for api now 2025-08-21 11:48:17 -05:00
reyesj2 220e485312 threatfox dep upgrade + use auth for api access 2025-08-21 11:47:54 -05:00
reyesj2 67f8fca043 spamhaus dep upgrades 2025-08-21 11:32:13 -05:00
reyesj2 0e0ab8384c localfile dep upgrade 2025-08-21 11:26:59 -05:00
reyesj2 58228f70ca malwarehashregistry dep upgrades 2025-08-21 11:16:28 -05:00
reyesj2 c412e9bad2 malwarebazaar api uses auth 2025-08-20 21:04:05 -05:00
reyesj2 87a28e8ce7 malwarebazaar dep upgrades + use auth 2025-08-20 20:59:23 -05:00
reyesj2 9ca0c7d53a urlhaus dep upgrades + update to use authenticated abusech api 2025-08-20 17:20:10 -05:00
reyesj2 2e94e452ed whoislookup py 3.13 2025-08-20 16:39:13 -05:00
reyesj2 6a0d40ee0d leave requirements.txt as is 2025-08-20 16:20:26 -05:00
reyesj2 0cebcf4432 upgrade whoislookup deps 2025-08-20 16:09:08 -05:00
Jason Ertel a3cc6f025e reports 2025-08-18 09:54:40 -04:00
Jason Ertel 7fe9e2cbfd more analyzer dep updates 2025-05-08 15:53:16 -04:00
Jason Ertel c34914c8de update deps 2025-05-02 08:19:54 -04:00
Jason Ertel be4df48742 deps update 2025-05-01 15:44:34 -04:00
Jason Ertel 86eab6fda2 dep updates 2025-05-01 15:31:26 -04:00
Jason Ertel 5d2bed950e update analyser deps for py 3.13 2025-05-01 11:16:58 -04:00
Jason Ertel 9dafa062f8 annotation/config updates 2025-02-25 17:00:41 -05:00
Jason Ertel 275a678fa1 removed unused property 2024-03-13 13:49:44 -04:00
Jason Ertel a55e04e64a pcap improvements 2024-03-08 15:48:53 -05:00
Jason Ertel 12653eec8c add new pcap annotations 2024-03-06 08:14:33 -05:00
m0duspwnens c0d19e11b9 fix } placement 2024-03-05 10:07:32 -05:00
m0duspwnens 1a58aa61a0 only import pcap and suricata if sensor 2024-03-05 09:54:40 -05:00
m0duspwnens 4be1214bab pcap engine logic for sensoroni 2024-01-30 16:53:57 -05:00