Josh Patterson
74ad2990a7
Merge remote-tracking branch 'origin/3/dev' into delta
2026-03-18 13:05:02 -04:00
Josh Patterson
e19e83bebb
allow user defined ulimits
2026-03-18 10:38:15 -04:00
Doug Burks
930985b770
update helpLink references for new documentation
2026-03-18 09:46:45 -04:00
Josh Patterson
2349750e13
DOCKER to DOCKERMERGED
2026-03-17 16:19:02 -04:00
Josh Patterson
00986dc2fd
Merge remote-tracking branch 'origin/delta' into customulimit
2026-03-17 16:04:09 -04:00
Mike Reeves
2d97dfc8a1
Add customizable ulimit settings for all Docker containers
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 15:10:42 -04:00
Josh Patterson
4dc377c99f
DOCKER to DOCKERMERGED
2026-03-17 15:06:06 -04:00
Josh Patterson
7bf63b822d
replace placeholder files with .gitkeep to keep empty directories
2026-03-17 11:40:49 -04:00
Jorge Reyes
7e5daf7f7f
fix suricata filestream dataset
2026-02-24 12:46:20 -06:00
Jorge Reyes
fd29fdd975
Merge pull request #15438 from Security-Onion-Solutions/reyesj2-patch-13
ensure exclude_files excludes log rotation pattern
2026-01-29 11:45:08 -06:00
reyesj2
2de98b1397
ensure exclude_files excludes log rotation pattern
2026-01-29 11:06:24 -06:00
Jorge Reyes
1d57c02608
Merge pull request #15436 from Security-Onion-Solutions/reyesj2-patch-13
2026-01-28 15:36:50 -06:00
reyesj2
ebeeb91297
run fleet ssl state in fleet.config to ensure all required certs are created before so-elastic-fleet-setup runs
2026-01-28 15:23:38 -06:00
reyesj2
1c06bddb09
include all so-grid-nodes_* policies in automatic EA upgrades
2026-01-28 11:01:57 -06:00
Jorge Reyes
36f8c490c8
Merge pull request #15418 from Security-Onion-Solutions/reyesj2-patch-11
update heavynode's elastic-agent standalone policy
2026-01-28 08:11:02 -06:00
reyesj2
4ad6136d98
update redis log file path
2026-01-27 14:23:22 -06:00
reyesj2
8900f9ade3
collect elasticsearch logs on heavynodes via fleet managed elastic agent
2026-01-26 13:51:58 -06:00
reyesj2
8cf0d59560
remove block of elasticsearch-logs integration on heavynodes
2026-01-26 12:48:15 -06:00
reyesj2
a78e0b0871
only create /opt/so/state/eaintegrations.txt when all policies have been created/updated successfully
2026-01-26 12:26:21 -06:00
reyesj2
32f030f6f6
formatting
2026-01-26 12:24:31 -06:00
reyesj2
809422c517
add retries to so-resources repo pull
2026-01-22 16:39:19 -06:00
reyesj2
ba68e3c9bd
more better
2026-01-20 15:30:19 -06:00
reyesj2
a8e218a9ff
reinstall agent on grid nodes when service wasn't cleanly removed, e.g. manually deleting /opt/Elastic/Agent/
2026-01-20 12:37:06 -06:00
Josh Patterson
a192455fae
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-19 17:17:58 -05:00
Josh Patterson
66f17e95aa
Merge pull request #15397 from Security-Onion-Solutions/fstes
Fstes
2026-01-16 18:38:06 -05:00
Josh Patterson
9905d23976
inform which state is being applied
2026-01-16 18:27:24 -05:00
Josh Patterson
074158b495
discard so-elasticsearch-templates-load running again during setup
2026-01-16 17:42:00 -05:00
Josh Patterson
82d5115b3f
rerun so-elasticsearch-templates-load during setup
2026-01-16 16:43:10 -05:00
Jorge Reyes
6eda7932e8
Merge pull request #15394 from Security-Onion-Solutions/reyesj2/elastic9-filestream
remove usage of deprecated 'logs' integration in favor of 'filestream'
2026-01-16 13:19:15 -06:00
reyesj2
2133ada3a1
add additional retries within scripts before salt re-runs the entire script
2026-01-16 13:09:08 -06:00
Josh Patterson
00fbc1c259
add back individual signing policies
2026-01-12 09:25:15 -05:00
Josh Patterson
3bc552ef38
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-08 17:15:48 -05:00
reyesj2
e9341ee8d3
remove usage of deprecated 'logs' integration in favor of 'filestream'
2025-12-24 10:40:23 -06:00
reyesj2
b61885add5
Fix Kafka output policy - singular topic key
2025-12-17 16:03:12 -06:00
reyesj2
7977a020ac
elasticsearch 9.0.8
2025-12-16 16:03:47 -06:00
Josh Patterson
9960db200c
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2025-12-11 17:30:43 -05:00
Josh Patterson
b9ff1704b0
the great ssl refactor
2025-12-11 17:30:06 -05:00
reyesj2
8477420911
logstash adv config state file
2025-12-03 20:10:06 -06:00
reyesj2
877444ac29
cert update is a forced update
2025-12-02 15:16:59 -06:00
reyesj2
b0d9426f1b
automated cert update for kafka fleet output policy
2025-12-02 15:11:00 -06:00
reyesj2
18accae47e
annotation typo
2025-12-02 15:10:29 -06:00
reyesj2
45a8c0acd1
merge 2.4/dev
2025-12-02 11:16:08 -06:00
Jorge Reyes
6fbed2dd9f
Merge pull request #15264 from Security-Onion-Solutions/reyesj2-patch-2
add force & certs flag to update fleet certs as needed
2025-12-01 11:11:25 -06:00
reyesj2
edf3c9464f
add --certs flag to update certs. Used with --force, to ensure certs are updated even if hosts update isn't needed
2025-11-25 16:16:19 -06:00
reyesj2
90638f7a43
Merge branch 'reyesj2/advea' into reyesj2/advilm
2025-11-21 14:25:28 -06:00
reyesj2
1fb00c8eb6
update so-elastic-fleet-outputs-update to use advanced output options when set, else empty "". Also trigger update_logstash_outputs() when hash of config_yaml has changed
2025-11-21 14:22:42 -06:00
reyesj2
4490ea7635
format EA logstash output adv config items
2025-11-21 14:21:17 -06:00
reyesj2
bce7a20d8b
soc configurable EA logstash output adv settings
2025-11-21 14:19:51 -06:00
reyesj2
b52dd53e29
advanced ilm actions
2025-11-19 13:24:55 -06:00
reyesj2
45b4b1d963
ingest zeek analyzer.log + update dpd dashboard with analyzer tag
2025-11-14 15:47:29 -06:00