Mike Reeves
d3938b61d2
ja4plus nest enabled under ja4plus key for defaults
2026-03-19 12:39:37 -04:00
Mike Reeves
83b7fecbbc
ja4plus cleanup
2026-03-19 11:12:24 -04:00
Mike Reeves
d227cf71c8
ja4plus cleanup
2026-03-19 11:01:40 -04:00
Josh Patterson
020b9db610
Merge pull request #15641 from Security-Onion-Solutions/delta
...
Support docker ulimit customization
2026-03-19 09:46:33 -04:00
Josh Patterson
cceaebe350
remove restriction of mmap locked on suricata ulimits
2026-03-19 09:42:39 -04:00
Josh Patterson
a982056363
Merge remote-tracking branch 'origin/3/dev' into delta
2026-03-18 15:45:15 -04:00
Josh Patterson
db81834e06
fix indentation to match prior indentation
2026-03-18 15:44:49 -04:00
Jason Ertel
318e4ec54b
Merge pull request #15643 from Security-Onion-Solutions/jertel/wip
...
fix casing to match annotation docs
2026-03-18 15:36:47 -04:00
Jorge Reyes
20bf05e9f3
Merge pull request #15644 from Security-Onion-Solutions/reyesj2-361
...
fix so-idh and so-redis datastream config
2026-03-18 14:36:17 -05:00
Josh Patterson
4254769e68
Merge remote-tracking branch 'origin/3/dev' into delta
2026-03-18 15:32:52 -04:00
reyesj2
c16ff2bd99
so-idh and so-redis datastream config
2026-03-18 14:31:23 -05:00
Jason Ertel
0c88b32fc2
fix casing to match annotation docs
2026-03-18 15:31:19 -04:00
Josh Patterson
0814f34f0e
don't define zeek nofile, already uses docker default
2026-03-18 13:13:06 -04:00
Jason Ertel
b6366e52ba
Merge pull request #15642 from Security-Onion-Solutions/jertel/wip
...
more doc updates
2026-03-18 13:09:36 -04:00
Jason Ertel
825f377d2d
more doc updates
2026-03-18 13:05:36 -04:00
Josh Patterson
74ad2990a7
Merge remote-tracking branch 'origin/3/dev' into delta
2026-03-18 13:05:02 -04:00
Josh Patterson
738ce62d35
Merge pull request #15640 from Security-Onion-Solutions/customulimit
...
ensure valid ulimit names
2026-03-18 12:51:15 -04:00
Josh Patterson
057ec6f0f1
ensure valid ulimit names
2026-03-18 12:49:46 -04:00
Jorge Reyes
20c4da50b1
Merge pull request #15632 from Security-Onion-Solutions/reyesj2-15601
...
fix global override settings affecting non-data stream indices
2026-03-18 10:51:17 -05:00
Jason Ertel
5fb396fc09
Merge pull request #15637 from Security-Onion-Solutions/jertel/wip
...
ignore redis restart warning in logstash log
2026-03-18 11:13:00 -04:00
Josh Patterson
a0b1e31717
Merge pull request #15638 from Security-Onion-Solutions/customulimit
...
remove .jinja from daemon.json
2026-03-18 11:09:41 -04:00
Josh Patterson
cacae12ba3
remove .jinja from daemon.json
2026-03-18 11:08:33 -04:00
Jason Ertel
83bd8a025c
ignore redis restart warning in logstash log
2026-03-18 10:59:20 -04:00
Josh Patterson
2a271b950b
Merge pull request #15636 from Security-Onion-Solutions/customulimit
...
Customulimit
2026-03-18 10:42:19 -04:00
Josh Patterson
e19e83bebb
allow user defined ulimits
2026-03-18 10:38:15 -04:00
Doug Burks
066918e27d
Merge pull request #15634 from Security-Onion-Solutions/dougburks-3dev
...
update helpLink references for new documentation
2026-03-18 10:01:43 -04:00
Doug Burks
930985b770
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
Jorge Reyes
346dc446de
Merge pull request #15630 from Security-Onion-Solutions/reyesj2-449
...
use elasticsearch recommended vm.max_map_count
2026-03-17 15:36:06 -05:00
reyesj2
7e7b8dc8a8
vm.max_map_count allow for minion specific values
2026-03-17 15:23:46 -05:00
Josh Patterson
341471d38e
DOCKER to DOCKERMERGED
2026-03-17 16:19:36 -04:00
Josh Patterson
2349750e13
DOCKER to DOCKERMERGED
2026-03-17 16:19:02 -04:00
reyesj2
2c6c502067
use elasticsearch recommended vm.max_map_count
2026-03-17 15:12:29 -05:00
Josh Patterson
00986dc2fd
Merge remote-tracking branch 'origin/delta' into customulimit
2026-03-17 16:04:09 -04:00
Josh Patterson
d60bef1371
add soft/hard ulimits
2026-03-17 16:00:09 -04:00
Josh Patterson
5806a85214
Merge pull request #15629 from Security-Onion-Solutions/ulimits
...
Add customizable ulimit settings for all Docker containers
2026-03-17 15:14:31 -04:00
Mike Reeves
2d97dfc8a1
Add customizable ulimit settings for all Docker containers
...
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 15:10:42 -04:00
Josh Patterson
d6263812a6
move daemon.json to docker/files
2026-03-17 15:09:09 -04:00
Josh Patterson
ef7d1771ab
DOCKER TO DOCKERMERGED
2026-03-17 15:08:10 -04:00
Josh Patterson
4dc377c99f
DOCKER to DOCKERMERGED
2026-03-17 15:06:06 -04:00
reyesj2
a52e5d0474
update index template priorities + explicitly add datastream config options
2026-03-17 13:50:15 -05:00
reyesj2
1a943aefc5
rollover datastreams to get latest index templates + remove existing ilm policies from so-case / so-detection indices
2026-03-17 13:49:20 -05:00
Mike Reeves
4bb61d999d
Merge pull request #15628 from Security-Onion-Solutions/zeekload
...
Add salt states for custom Zeek package loading
2026-03-17 13:40:14 -04:00
Mike Reeves
e0e0e3e97b
Exclude README from zkg sync
2026-03-17 13:36:56 -04:00
Mike Reeves
6b039b3f94
Consolidate zkg directory creation into file.recurse with makedirs
2026-03-17 13:36:03 -04:00
Josh Patterson
d2d2f0cb5f
Merge pull request #15627 from Security-Onion-Solutions/delta
...
old code cleanup. add ja4 toggle in soc.
2026-03-17 13:24:59 -04:00
Mike Reeves
e6ee7dac7c
Add salt states for custom Zeek package loading
...
Create /opt/so/conf/zeek/zkg directory and sync custom packages
from the manager via file.recurse. Bind mount the directory into
the so-zeek container so the entrypoint can install packages on
startup.
2026-03-17 13:22:59 -04:00
Josh Patterson
7bf63b822d
replace placeholder files with .gitkeep to keep empty directories
2026-03-17 11:40:49 -04:00
Josh Patterson
1a7d72c630
ensure empty directory tracked by git
2026-03-17 11:11:02 -04:00
Josh Patterson
4224713cc6
Merge pull request #15624 from Security-Onion-Solutions/moreja
...
Add SOC UI toggle for JA4+ fingerprinting
2026-03-17 09:44:04 -04:00
Mike Reeves
b452e70419
Keep JA4S_raw and JA4H_raw hardcoded to disabled
2026-03-17 09:37:37 -04:00