CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-22 00:43:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,670 Commits 18 Branches 120 Tags
04d2b523060d340c6031ae3f09bca0c1d73affd7
Commit Graph

5105 Commits

Author SHA1 Message Date
William Wernert
a4289b7ab9 Merge pull request #6107 from Security-Onion-Solutions/foxtrot 
Manage docker gid and run preflight check during setup
 2021-11-04 10:07:05 -04:00
Mike Reeves
dc07aba63d Update so-common-template.json.jinja 2021-11-03 13:50:31 -04:00
Mike Reeves
747f14d60e Make common template honor replicas 2021-11-03 13:11:38 -04:00
William Wernert
9a9d1480de Manage docker group's gid to prevent gid overlap 2021-11-02 10:41:36 -04:00
Josh Brower
8b52f87a60 Merge pull request #6066 from Security-Onion-Solutions/fix/evtx-import-elastic-creds 
Fix/evtx import elastic creds
 2021-11-02 09:25:25 -04:00
Josh Brower
a6f399acf4 Fix evtx import logging 2021-11-02 09:19:32 -04:00
Josh Brower
3534256517 Add evtx import logging 2021-11-02 09:03:52 -04:00
Josh Brower
b756c0cd38 Pull ES Creds at Runtime 2021-11-02 08:57:11 -04:00
Josh Brower
2ba619144c Support non-WEL Beats 2021-11-02 08:23:29 -04:00
Mike Reeves
095e6bd48c Merge pull request #6044 from Burak-PLT/patch-1 
Update auth.sls
 2021-11-01 10:22:16 -04:00
William Wernert
a5cba5ecf8 Merge branch 'dev' into foxtrot 2021-10-29 10:01:46 -04:00
Burak-PLT
f081938be5 Update auth.sls 
Change default password lengths to 72 characters from 20.
 2021-10-28 16:00:58 -04:00
m0duspwnens
5c5b4004e9 Merge remote-tracking branch 'remotes/origin/dev' into issue/5759 2021-10-28 08:52:04 -04:00
Josh Patterson
05e0f92ec5 Merge pull request #6036 from Security-Onion-Solutions/issue/5955 
include ssl state in telegraf state
 2021-10-28 08:50:57 -04:00
m0duspwnens
0cea5e8f22 include ssl state in telegraf state 2021-10-28 08:46:27 -04:00
m0duspwnens
7eb42fa6bd change boolean 2021-10-28 08:43:03 -04:00
m0duspwnens
18ce9c7819 disable zeekpacketlosscron and telegraf checks if zeek is diabled via pillar 2021-10-28 07:46:02 -04:00
Mike Reeves
c8c8cf203f Enable cluster stats 2021-10-27 15:44:52 -04:00
Josh Patterson
19056b9177 Merge pull request #6027 from Security-Onion-Solutions/issue/5955 
Issue/5955
 2021-10-27 15:07:22 -04:00
William Wernert
eee612e73d Make folder/file states explicit 
Rather than using /nsm/zeek (max_depth: 1) create explicit states for /nsm/zeek/spool and /nsm/zeek/spool/state.db that set correct ownership
 2021-10-27 11:43:09 -04:00
William Wernert
331801eec2 Merge branch 'dev' into foxtrot 2021-10-27 10:58:16 -04:00
m0duspwnens
e7f43cff5e limit nodes that bind filebeat certs in so-logstash 2021-10-27 10:45:10 -04:00
William Wernert
90d473f2d6 Update ip for root user in mysql when running so-ip-update 2021-10-27 10:42:33 -04:00
m0duspwnens
bf403a8307 only manager nodes get cert, key and att&ck binds 2021-10-27 09:47:12 -04:00
m0duspwnens
58d62f29ea include ssl state in registry state 2021-10-26 11:55:47 -04:00
m0duspwnens
c0dd9efd9b change so-thehive-es binds and requires 2021-10-26 10:50:16 -04:00
m0duspwnens
36ae07b78e change timeout from 60 to 120 2021-10-26 10:49:50 -04:00
Mike Reeves
d77328608e Remove port bindings for steno 
Steno runs in host mode so port bindings are not required
 2021-10-26 10:23:33 -04:00
m0duspwnens
682cbfd223 remove the mode 2021-10-26 09:23:24 -04:00
m0duspwnens
fa2edb2b59 make cortex_init and hive_init time out after 1 minutes vs 5 minutes 2021-10-26 08:39:30 -04:00
m0duspwnens
0c679b62b2 Merge remote-tracking branch 'remotes/origin/dev' into issue/5955 2021-10-25 16:29:41 -04:00
m0duspwnens
7e8d74e770 just use mode 2021-10-25 15:50:27 -04:00
m0duspwnens
9a78d13bee change perms on mysql 2021-10-25 15:37:23 -04:00
weslambert
3be0d05eea Update field removal based on HTTP input changes 2021-10-25 13:16:30 -04:00
weslambert
7fa43a276a Rename default headers and host for HTTP input 2021-10-25 13:15:20 -04:00
William Wernert
dca30146ab Merge branch 'dev' into foxtrot 2021-10-25 10:50:25 -04:00
William Wernert
6e34905b42 Escape single quotes and allow for any character in node description 2021-10-25 10:48:09 -04:00
m0duspwnens
ee7e714f43 change to file_mode 2021-10-22 16:55:23 -04:00
m0duspwnens
d7e5377a44 more requires 2021-10-22 16:46:45 -04:00
William Wernert
38b16a507b Update ip for root user in mysql when running so-ip-update 2021-10-22 15:29:32 -04:00
William Wernert
17af513692 Escape single quotes and allow for any character in node description 2021-10-22 15:28:37 -04:00
m0duspwnens
283f7296bc fix require 2021-10-22 14:45:22 -04:00
m0duspwnens
9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens
f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00
m0duspwnens
fed8bfac67 more requires on docker containers 2021-10-22 14:10:59 -04:00
William Wernert
352e30f9e1 Add CUSTOM_FLEET_HOSTNAME to subjectAltName of fleet.key 
Resolves #4319
 2021-10-22 11:16:29 -04:00
m0duspwnens
451b19dc4d change from file to x509 2021-10-22 09:53:20 -04:00
William Wernert
d5d970672d Merge pull request #5974 from Security-Onion-Solutions/foxtrot 
Add so-deny script + rewrite so-allow to match
 2021-10-21 16:37:05 -04:00
m0duspwnens
f93c6146f5 docker binds requires 2021-10-21 15:24:55 -04:00
weslambert
40dd33affe Merge pull request #5971 from Security-Onion-Solutions/feature/es_templates 
Add .keyword subfield for conflict fields
 2021-10-21 15:07:00 -04:00