484 Commits

Author SHA1 Message Date
Jorge Reyes ce3ad3a895 Merge pull request #15844 from Security-Onion-Solutions/reyesj2/elastic-agent-warning
update default elastic agent logging level to warning
2026-04-30 09:46:28 -05:00
reyesj2 39d0947102 update default elastic agent logging level to warning 2026-04-29 17:38:40 -05:00
Jorge Reyes 2f01ce3b23 so-elastic-fleet-outputs-update now checks for cert drift. Remove running --cert arg on cert change to prevent highstate from running outputs-update 2x 2026-04-29 12:33:28 -05:00
reyesj2 9cec79b299 check current fleet policy cert against cert on disk
Co-authored-by: Copilot <copilot@github.com>
2026-04-28 13:34:39 -05:00
reyesj2 5f2ec76ba8 prevent fleetnode from being able to run elasticfleet.manager state manually 2026-04-23 09:50:45 -05:00
reyesj2 b015c8ff14 remove docker import 2026-04-23 09:31:30 -05:00
reyesj2 7e70870a9e remove globals import 2026-04-23 09:25:36 -05:00
reyesj2 22b32a16dd include elasticfleet.config 2026-04-23 08:30:47 -05:00
reyesj2 339959d1c0 split up elasticfleet/enabled state 2026-04-22 20:30:40 -05:00
reyesj2 06a555fafb urlencode elasticsearch version 2026-04-21 14:01:31 -05:00
reyesj2 0405a66c72 enable elastic agent patch release for 9.3.3 2026-04-13 16:27:28 -05:00
reyesj2 a232cd89cc ES 9.3.3 2026-04-13 13:36:51 -05:00
reyesj2 89e49d0bf3 rework elasticsearch index template generation 2026-04-09 16:44:51 -05:00
reyesj2 f0b67a415a more filestream integration policy updates 2026-04-09 12:40:55 -05:00
reyesj2 dd56e7f1ac filestream integration policy updates 2026-04-07 11:08:10 -05:00
reyesj2 8101bc4941 ES 9.3.2 2026-04-06 15:08:30 -05:00
Josh Patterson d3f819017b ensure bool sliders for elasticfleet config options 2026-03-19 13:13:26 -04:00
Josh Patterson c2c5aea244 ensure bool sliders for each state:enabled annotation 2026-03-19 12:35:38 -04:00
Josh Patterson 74ad2990a7 Merge remote-tracking branch 'origin/3/dev' into delta 2026-03-18 13:05:02 -04:00
Josh Patterson e19e83bebb allow user defined ulimits 2026-03-18 10:38:15 -04:00
Doug Burks 930985b770 update helpLink references for new documentation 2026-03-18 09:46:45 -04:00
Josh Patterson 2349750e13 DOCKER to DOCKERMERGED 2026-03-17 16:19:02 -04:00
Josh Patterson 00986dc2fd Merge remote-tracking branch 'origin/delta' into customulimit 2026-03-17 16:04:09 -04:00
Mike Reeves 2d97dfc8a1 Add customizable ulimit settings for all Docker containers
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 15:10:42 -04:00
Josh Patterson 4dc377c99f DOCKER to DOCKERMERGED 2026-03-17 15:06:06 -04:00
Josh Patterson 7bf63b822d replace placeholder files with .gitkeep to keep empty directories 2026-03-17 11:40:49 -04:00
Jorge Reyes 7e5daf7f7f fix suricata filestream dataset 2026-02-24 12:46:20 -06:00
Jorge Reyes fd29fdd975 Merge pull request #15438 from Security-Onion-Solutions/reyesj2-patch-13
ensure exclude_files excludes log rotation pattern
2026-01-29 11:45:08 -06:00
reyesj2 2de98b1397 ensure exclude_files excludes log rotation pattern 2026-01-29 11:06:24 -06:00
Jorge Reyes 1d57c02608 Merge pull request #15436 from Security-Onion-Solutions/reyesj2-patch-13 2026-01-28 15:36:50 -06:00
reyesj2 ebeeb91297 run fleet ssl state in fleet.config to ensure all required certs are created before so-elastic-fleet-setup runs 2026-01-28 15:23:38 -06:00
reyesj2 1c06bddb09 include all so-grid-nodes_* policies in automatic EA upgrades 2026-01-28 11:01:57 -06:00
Jorge Reyes 36f8c490c8 Merge pull request #15418 from Security-Onion-Solutions/reyesj2-patch-11
update heavynode's elastic-agent standalone policy
2026-01-28 08:11:02 -06:00
reyesj2 4ad6136d98 update redis log file path 2026-01-27 14:23:22 -06:00
reyesj2 8900f9ade3 collect elasticsearch logs on heavynodes via fleet managed elastic agent 2026-01-26 13:51:58 -06:00
reyesj2 8cf0d59560 remove block of elasticsearch-logs integration on heavynodes 2026-01-26 12:48:15 -06:00
reyesj2 a78e0b0871 only create /opt/so/state/eaintegrations.txt when all policies have been created/updated successfully 2026-01-26 12:26:21 -06:00
reyesj2 32f030f6f6 formatting 2026-01-26 12:24:31 -06:00
reyesj2 809422c517 add retries to so-resources repo pull 2026-01-22 16:39:19 -06:00
reyesj2 ba68e3c9bd more better 2026-01-20 15:30:19 -06:00
reyesj2 a8e218a9ff reinstall agent on grid nodes when service wasn't cleanly removed, e.g. manually deleting /opt/Elastic/Agent/ 2026-01-20 12:37:06 -06:00
Josh Patterson a192455fae Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-19 17:17:58 -05:00
Josh Patterson 66f17e95aa Merge pull request #15397 from Security-Onion-Solutions/fstes
Fstes
2026-01-16 18:38:06 -05:00
Josh Patterson 9905d23976 inform which state is being applied 2026-01-16 18:27:24 -05:00
Josh Patterson 074158b495 discard so-elasticsearch-templates-load running again during setup 2026-01-16 17:42:00 -05:00
Josh Patterson 82d5115b3f rerun so-elasticsearch-templates-load during setup 2026-01-16 16:43:10 -05:00
Jorge Reyes 6eda7932e8 Merge pull request #15394 from Security-Onion-Solutions/reyesj2/elastic9-filestream
remove usage of deprecated 'logs' integration in favor of 'filestream'
2026-01-16 13:19:15 -06:00
reyesj2 2133ada3a1 add additional retries within scripts before salt re-runs the entire script 2026-01-16 13:09:08 -06:00
Josh Patterson 00fbc1c259 add back individual signing policies 2026-01-12 09:25:15 -05:00
Josh Patterson 3bc552ef38 Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-08 17:15:48 -05:00