fa8162de02
Merge pull request #15749 from Security-Onion-Solutions/feature/postgres
...
Add so-postgres Salt states and infrastructure
2026-04-28 10:15:47 -04:00
b22585ca90
Merge pull request #15833 from Security-Onion-Solutions/reyesj2-es933
...
exclude more transform job errors
2026-04-27 15:05:11 -05:00
9f2ca7012f
exclude more transform job errors
2026-04-27 15:02:13 -05:00
cd6707a566
Merge pull request #15800 from Security-Onion-Solutions/feature/vm-raid-status
...
monitor raid for vms
2026-04-22 09:42:44 -04:00
247091766c
more error handling during image updates
2026-04-21 10:18:05 -04:00
ee437265fc
monitor raid for vms
2026-04-20 12:00:02 -04:00
5228668be0
Fix Telegraf→Postgres table creation and state.apply race
...
- Telegraf's partman template passed p_type:='native', which pg_partman
5.x (the version shipped by postgresql-17-partman on Debian) rejects.
Switched to 'range' so partman.create_parent() actually creates
partitions and Telegraf's INSERTs succeed.
- Added a postgres_wait_ready gate in telegraf_users.sls so psql execs
don't race the init-time restart that docker-entrypoint.sh performs.
- so-verify now ignores the literal "-v ON_ERROR_STOP=1" token in the
setup log. Dropped the matching entry from so-log-check, which scans
container stdout where that token never appears.
2026-04-17 13:00:12 -04:00
c124186989
so-log-check: exclude psql ON_ERROR_STOP flag
...
The psql invocation flag '-v ON_ERROR_STOP=1' used by the so-postgres
init script gets flagged by so-log-check because the token 'ERROR'
matches its error regex. Add to the exclusion list.
2026-04-15 19:45:42 -04:00
358a2e6d3f
Add so-postgres to container image pull list
...
Add to both the import and default manager container lists so
the image gets downloaded during installation.
2026-04-09 10:02:41 -04:00
74ad2990a7
Merge remote-tracking branch 'origin/3/dev' into delta
2026-03-18 13:05:02 -04:00
20c4da50b1
Merge pull request #15632 from Security-Onion-Solutions/reyesj2-15601
...
fix global override settings affecting non-data stream indices
2026-03-18 10:51:17 -05:00
83bd8a025c
ignore redis restart warning in logstash log
2026-03-18 10:59:20 -04:00
d6263812a6
move daemon.json to docker/files
2026-03-17 15:09:09 -04:00
1a943aefc5
rollover datastreams to get latest index templates + remove existing ilm policies from so-case / so-detection indices
2026-03-17 13:49:20 -05:00
744d8fdd5e
Merge pull request #15620 from Security-Onion-Solutions/mreeves/remove-non-oracle9-salt
...
Remove non-Oracle Linux 9 support from salt states
2026-03-16 17:10:24 -04:00
afc14ec29d
Remove non-Oracle Linux 9 support from salt states
...
Simplifies salt states, map files, and modules to only support
Oracle Linux 9, removing all Debian/Ubuntu/CentOS/Rocky/AlmaLinux/RHEL
conditional branches.
2026-03-16 16:58:39 -04:00
59134c65d0
Merge pull request #15619 from Security-Onion-Solutions/mreeves/remove-non-oracle9-support
...
Remove support for non-Oracle Linux 9 operating systems
2026-03-16 16:55:59 -04:00
d2cee468a0
Remove support for non-Oracle Linux 9 operating systems
...
Security Onion now exclusively supports Oracle Linux 9. This removes
detection, setup, and update logic for Ubuntu, Debian, CentOS, Rocky,
AlmaLinux, and RHEL.
2026-03-16 16:44:07 -04:00
94f454c311
cleanup file.absent
2026-03-16 15:57:15 -04:00
75cddbf444
set container ulimits to default
2026-03-11 14:46:29 -04:00
7f07c96a2f
pcapout still used for extracts
2026-03-09 14:58:27 -04:00
e8adea3022
restore pcapout since it's still used
2026-03-07 08:20:08 -05:00
71839bc87f
remove steno
2026-03-06 15:45:36 -05:00
2c4d833a5b
update 2.4 references to 3
2026-03-05 11:05:19 -05:00
863276e24f
Merge pull request #15539 from Security-Onion-Solutions/jertel/wip
...
prepare for nextgen docs
2026-02-27 13:18:47 -05:00
9bd5e1897a
prepare for nextgen docs
2026-02-27 13:09:55 -05:00
78ae6cd84c
upgrade docker
2026-02-20 12:29:23 -05:00
6ce6eb95d6
use existing retry
2026-01-29 15:54:36 -06:00
b3d1dd51a4
initialize specific indices as needed
2026-01-29 15:41:39 -06:00
6b1939b827
exclude known issues with 3 integrations
2026-01-27 12:59:17 -06:00
55b3fa389e
no dates
2026-01-23 16:33:22 -06:00
b3ae716929
ignore kratos file mapping error
2026-01-23 16:31:30 -06:00
f6bde3eb04
remove double logging
2026-01-20 11:56:31 -05:00
a192455fae
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-19 17:17:58 -05:00
d430ed6727
false positive
2026-01-15 15:25:28 -06:00
349d77ffdf
exclude kafka restart error
2026-01-15 14:43:57 -06:00
152f2e03f1
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-06 15:15:30 -05:00
2d705e7caa
exempt kratos online check
2026-01-06 09:47:35 -05:00
9878d9d37e
handle steno ca certs directory properly
2025-12-12 19:07:00 -05:00
1475f0fc2f
timestamp logging for wait_for_salt_minion
2025-12-12 16:30:42 -05:00
8158fee8fc
change how we determine if the salt-minion is ready
2025-12-12 15:24:47 -05:00
f15a39c153
Add historical hashes
2025-12-03 11:24:04 -05:00
9a6ff75793
Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor
2025-11-12 08:51:51 -05:00
e3972dc5af
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2025-11-10 13:28:42 -05:00
274295bc97
return exit codes
2025-11-07 17:39:13 -05:00
a84df14137
rename forward node -> sensor node
2025-11-06 15:23:55 -06:00
2f6fb717c1
Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor
2025-11-06 10:38:37 -05:00
635545630b
strelka use single master image
2025-11-03 09:36:46 -06:00
1949be90c2
allow to preserve files
2025-10-29 16:49:59 -04:00
dca38c286a
Merge pull request #15137 from Security-Onion-Solutions/amv
...
allow user to create VMs that mount virtual disk for /nsm. new nsm_total grain
2025-10-14 11:25:57 -04:00
Mike Reeves
Jorge Reyes
Josh Patterson
Jason Ertel
Mike Reeves
Jason Ertel
DefensiveDepth