Commit Graph

336 Commits

Author SHA1 Message Date
Mike Reeves acc9b8062e Remove Strelka container infrastructure
Removes all Strelka container salt states and infrastructure references,
replaced by the native fileanalyze module in sensoroni.

Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images

Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
2026-04-06 14:57:22 -04:00
Josh Patterson 614537998a remove curator.disabled from top 2026-03-16 16:44:11 -04:00
Josh Patterson b3ed54633f cleanup steno. sensor run pcap.cleanup 2026-03-10 16:09:32 -04:00
Jason Ertel 71839bc87f remove steno 2026-03-06 15:45:36 -05:00
Josh Patterson 9960db200c Merge remote-tracking branch 'origin/2.4/dev' into bravo 2025-12-11 17:30:43 -05:00
Josh Patterson b9ff1704b0 the great ssl refactor 2025-12-11 17:30:06 -05:00
DefensiveDepth 1b55642c86 Refactor rules location 2025-11-18 09:58:14 -05:00
DefensiveDepth ded520c2c1 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor 2025-09-17 10:42:43 -04:00
DefensiveDepth a77157391c remove idstools 2025-09-17 10:42:05 -04:00
reyesj2 24be2f869b enable stig on fleet nodes 2025-08-20 12:08:50 -05:00
Josh Patterson 26d7ceebb2 libvirt.images requires scripts from hypervisor state 2025-05-02 11:30:35 -04:00
Josh Patterson 285d73d526 enable/disable soqemussh. allow for pw to be set 2025-04-18 14:07:32 -04:00
Josh Patterson 445afca6ee use vrt 2025-04-03 13:44:13 -04:00
Josh Patterson 4165b33995 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-03-27 15:34:39 -04:00
Josh Patterson 1d058729e5 break out manager from non manager 2025-03-27 13:27:34 -04:00
Josh Patterson f9bf4e4130 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-03-27 11:26:32 -04:00
Josh Patterson 667e66bbef rename mine update and highstate state 2025-03-26 13:56:49 -04:00
Josh Patterson 55c815cae8 simplify highstate rerun when node_data pillar empty 2025-03-25 19:44:38 -04:00
Josh Patterson 79388af645 only managers need node_ips 2025-03-25 10:17:43 -04:00
Josh Patterson 8f40b66e3b update mine instead of failing highstate if no node_data 2025-03-24 19:49:24 -04:00
Josh Patterson 269919b980 run setup_hypervisor.setup_environment for managerhype if needed 2025-03-18 09:39:49 -04:00
Josh Patterson 44a5b3b1e5 MANAGERHYPE setup is now complete! 2025-03-12 21:05:04 -04:00
Josh Patterson b68f561e6f progress and hw tracking for soc hypervisor dynamic annotations 2025-02-21 09:50:01 -05:00
m0duspwnens 08bbeedbd7 add automatic NVMe device mounting for VMs with LVM support 2025-01-30 09:55:26 -05:00
m0duspwnens 213df68d04 merge with 120 dev and fix conflicts 2025-01-23 10:56:48 -05:00
m0duspwnens 17943ef0db add hypervisor state to hypervisor node 2025-01-18 08:24:50 -05:00
m0duspwnens 24eadf2507 add libvirt state to highstate for hypervisor. update allowed_states for libvirt 2025-01-16 17:46:20 -05:00
Jason Ertel 57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
m0duspwnens feb700393e merge with 2.4.120, fix merge conflicts 2024-10-25 15:09:38 -04:00
m0duspwnens 5fb660bc9a remove kernel bool option, just use list 2024-10-17 09:29:03 -04:00
Jason Ertel 523ff66389 connect work 2024-10-16 13:44:01 -04:00
reyesj2 385054b7b8 enable stig for so desktop
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-09-18 14:18:47 -04:00
m0duspwnens 9d2c5d54b0 hype changes 2024-08-07 10:43:53 -04:00
reyesj2 cf1335dd84 searchnode logstash-kafka cert generation
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-20 11:31:33 -04:00
reyesj2 268dcbe00b update receiver node allowed states
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-18 15:44:51 -04:00
reyesj2 2ad87bf1fe merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-08 16:30:45 -04:00
m0duspwnens 5e2e5b2724 Merge remote-tracking branch 'origin/2.4/dev' into orchit 2024-05-07 10:44:14 -04:00
m0duspwnens dcc1f656ee predownload logstash and elastic for new searchnode and heavynode 2024-05-07 10:13:51 -04:00
Wes 5aa611302a Handle YARA rules for distributed deployments 2024-05-06 19:08:01 +00:00
reyesj2 58ebbfba20 Add kafka state to standalone highstate
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-01 13:03:14 -04:00
m0duspwnens f514e5e9bb add kafka to receiver 2024-04-11 16:23:05 -04:00
m0duspwnens 780ad9eb10 add kafka to manager nodes 2024-04-02 15:50:25 -04:00
m0duspwnens e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
DefensiveDepth d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
reyesj2 446f1ffdf5 merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-03-25 13:55:48 -04:00
Josh Brower 1847e5c3c0 Enable nginx on Fleet Node 2024-01-28 11:37:18 -05:00
reyesj2 a73d78300a Add initial stig state
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-01-15 21:17:17 -05:00
Wes aba5893965 Add disabled state for Curator 2023-12-18 20:50:49 +00:00
Wes d203aec44a Remove Curator 2023-12-08 19:37:06 +00:00
reyesj2 8cf29682bb Update to merge in 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2023-11-29 13:41:23 -05:00