Commit Graph

99 Commits

Author SHA1 Message Date
Mike Reeves acc9b8062e Remove Strelka container infrastructure
Removes all Strelka container salt states and infrastructure references,
replaced by the native fileanalyze module in sensoroni.

Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images

Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
2026-04-06 14:57:22 -04:00
Jason Ertel 71839bc87f remove steno 2026-03-06 15:45:36 -05:00
reyesj2 12b3081a62 fix agentstatus script 2026-02-25 16:39:33 -06:00
DefensiveDepth 5ab6bda639 Fixup logic 2025-12-10 17:16:35 -05:00
DefensiveDepth 9304513ce8 Add support for suricata rules load status 2025-12-04 12:26:13 -05:00
reyesj2 044d230158 get 200 from es before collecting metrics 2025-04-30 13:05:36 -05:00
reyesj2 1ddc653a52 fix input error in agentstatus script 2025-04-29 13:40:39 -05:00
reyesj2 3cb3281cd5 add metrics for es index sizes 2025-04-29 12:38:41 -05:00
Mike Reeves 976ddd3982 add agentstatus to telegraf 2024-04-03 10:06:08 -04:00
Mike Reeves 64748b98ad add agentstatus to telegraf 2024-04-03 09:56:12 -04:00
Mike Reeves 3335612365 add agentstatus to telegraf 2024-04-03 09:54:16 -04:00
Mike Reeves 513273c8c3 add agentstatus to telegraf 2024-04-03 09:43:55 -04:00
Mike Reeves 283939b18a Gather metrics from elastic agent to influx 2024-04-02 15:36:01 -04:00
m0duspwnens 907cf9f992 transition pcap 2024-03-11 12:20:28 -04:00
Mike Reeves 58d222284e Merge pull request #12271 from Security-Onion-Solutions/suripcap
Suricata PCAP
2024-03-04 17:27:38 -05:00
Mike Reeves e7914fc5a1 Update stenoloss.sh 2024-02-22 12:49:06 -05:00
m0duspwnens f32cb1f115 fix find to work with steno and suri pcap 2024-01-30 15:48:10 -05:00
m0duspwnens d118ff4728 add GLOBALS.pcap_engine 2024-01-29 16:54:08 -05:00
Mike Reeves 88d2ddba8b add placeholder for telegraf 2024-01-29 15:53:54 -05:00
Jason Ertel 9f17bd2255 lks/fps 2024-01-24 11:17:32 -05:00
reyesj2 07602076f1 Update telegraf script
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-01-18 16:48:16 -05:00
reyesj2 739feb25a4 Add telegraf script to import featuresdetected
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-01-17 15:55:00 -05:00
m0duspwnens eeb249e00d look for needs_restarted file 2024-01-16 17:22:09 -05:00
m0duspwnens dff06cb085 changes for telegraf os.sh 2024-01-16 17:03:36 -05:00
Jason Ertel e075d07f5c show last highstate date/time on grid metrics screen; expose maxUploadSize and staleMetricsMs settings on config screen 2023-12-29 11:38:42 -05:00
Jason Ertel a732985351 grid page enhancements 2023-12-08 08:38:42 -05:00
Mike Reeves 039d5ae9aa Delete salt/telegraf/scripts/beatseps.sh 2023-09-27 16:09:27 -04:00
m0duspwnens 673b45af09 import ZEEKMERGED 2023-08-08 09:41:42 -04:00
m0duspwnens a06040c035 add WORKERS calculation back to zeekcaptureloss script 2023-08-08 09:37:37 -04:00
m0duspwnens e286b8f2ba Merge remote-tracking branch 'origin/2.4/dev' into fix/tgrafzeekcloss 2023-08-08 09:36:12 -04:00
m0duspwnens 69553f9017 removes spaces from zeekcaptureloss script 2023-08-08 09:34:59 -04:00
Doug Burks 90102b1148 Finish reverting yesterday's change to zeekcaptureloss.sh 2023-08-05 09:23:27 -04:00
Doug Burks ec81cbd70d Revert yesterday's change to zeekcaptureloss.sh 2023-08-05 09:11:58 -04:00
m0duspwnens 9af2a731ca fix count of WORKERS for zeekcaptureloss script for telegraf 2023-08-04 16:29:30 -04:00
Mike Reeves cb8faf7c5f Fix the rest of the analyst entries 2023-06-26 16:14:04 -04:00
bryant-treacle 839275814c Update redis.sh - Added percent of used memory. 2023-05-19 08:51:49 -04:00
Mike Reeves 275aead5b9 Allow auth for redis check for tgraf 2023-01-04 14:30:28 -05:00
Mike Reeves 48a3f4e261 Allow auth for redis check for tgraf 2023-01-04 14:14:10 -05:00
Jason Ertel ae6fbab45d refactor sostatus telegraf input script 2022-09-19 10:27:20 -04:00
Jason Ertel 9542a5ada2 complete rewrite of so-status 2022-09-16 17:46:52 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Doug Burks eda7a8d7ea FIX: Update telegraf influxdbsize.sh to collect influxdb size from influxdb_size.log #7468 2022-03-18 13:15:43 -04:00
Jason Ertel eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel 7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
m0duspwnens 0b28e89f3c change how telegraf script determines if there is already an instance of the script already running 2021-11-04 23:22:13 -04:00
Mike Reeves 64f25961b0 Fix Steno Math for PL 2021-10-19 11:15:58 -04:00
Mike Reeves b9a3d3a6a9 Fix Steno Math for PL 2021-10-19 11:14:02 -04:00
Mike Reeves 14557983e1 Update raid.sh 2021-04-28 10:24:39 -04:00
Mike Reeves be6933e8fb Change EPS for Telegraf 2021-04-19 14:20:00 -04:00
Mike Reeves 0c0edbaac8 Change EPS for Telegraf 2021-04-19 13:29:46 -04:00