m0duspwnens
53883e4ade
manage suricata classifications.config https://github.com/Security-Onion-Solutions/securityonion/issues/7918
2022-05-26 11:40:33 -04:00
Doug Burks
db4f138a78
FIX: surilogcompress cron job not running
The suricata user was originally created with `/opt/so/conf/suricata` as its home directory. I think at some point we changed permissions on `/opt/so/conf` and at that point the `surilogcompress` cron job stopped working. Changing the home directory to `/nsm/suricata` works on all of my PROD systems (including Ubuntu and CentOS).
For more information, please see:
https://github.com/Security-Onion-Solutions/securityonion/issues/7133
2022-03-15 07:10:02 -04:00
Jason Ertel
eefcc929c2
Update copyright pattern to match other repos
2022-01-24 10:09:23 -05:00
m0duspwnens
d7e5377a44
more requires
2021-10-22 16:46:45 -04:00
Josh Brower
4d307c53e8
Add support for disabling Zeek and Suricata
2021-09-17 13:01:50 -04:00
m0duspwnens
ebea9a7198
remove space
2021-06-16 08:07:28 -04:00
m0duspwnens
ad9441bb60
prevent suricata state from running on manager and managersearch https://github.com/Security-Onion-Solutions/securityonion/issues/2977
2021-06-16 08:06:26 -04:00
m0duspwnens
e87fb013dc
prevent salt warning - The 'file_mode' argument will be ignored. Please use 'mode' instead to set file permissions.
2021-03-19 16:21:18 -04:00
m0duspwnens
ec179f8e9b
https://github.com/Security-Onion-Solutions/securityonion/issues/3515
2021-03-17 18:44:25 -04:00
Jason Ertel
7222f1faa5
fix merge issue
2021-02-20 16:41:12 -05:00
Mike Reeves
b4b449aa14
Pull in Suricata changes
2021-02-19 11:01:15 -05:00
Josh Patterson
79e7b1da4d
Merge pull request #3021 from Security-Onion-Solutions/issue/2989
change suricata clean cron to run once a day
2021-02-18 14:07:40 -05:00
m0duspwnens
03487c2a31
change suricata clean cron to run once a day
2021-02-18 14:06:45 -05:00
Josh Patterson
0ab9577863
Merge pull request #3018 from Security-Onion-Solutions/all_rules_dont_show_changes
don't show changes since file can be large
2021-02-18 12:23:54 -05:00
m0duspwnens
bf100a2310
don't show changes since file can be large
2021-02-18 12:23:22 -05:00
m0duspwnens
4b07d5e457
add identifier to eve clean cron
2021-02-18 09:39:54 -05:00
m0duspwnens
041d193f2d
fix brackets
2021-02-18 09:37:37 -05:00
m0duspwnens
0bef8b6662
limit number of eve.json files for suricata https://github.com/Security-Onion-Solutions/securityonion/issues/2989
2021-02-18 09:26:59 -05:00
Masaya-A
995d618ff5
Add cron.absent to remove old cron job if present
2021-01-25 15:45:33 +09:00
William Wernert
59a4b148bc
Merge branch 'dev' into logrotate-fix
2021-01-22 15:20:55 -05:00
Masaya-A
bcdf826204
Update init.sls
2021-01-22 09:26:52 +09:00
m0duspwnens
b693373d8d
change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679
2021-01-20 15:09:53 -05:00
m0duspwnens
96b72d46be
show steno,zeek,suricata as disabled in so-status on import node
2020-12-16 12:01:48 -05:00
m0duspwnens
1fca5e65df
redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681
2020-11-10 15:31:47 -05:00
Mike Reeves
0a0e00866c
Upgrade Fun
2020-09-14 14:50:22 -04:00
m0duspwnens
09cc8ae1fb
fail the state if it isn't in top
2020-09-09 16:48:50 -04:00
m0duspwnens
a229ae82ce
only allow state to run if it is in top for the node
2020-09-02 16:15:52 -04:00
Mike Reeves
a97ca94354
Rotate suri stats log hourly
2020-08-23 16:08:17 -04:00
Mike Reeves
ebd8105cb5
Rotate suri stats log hourly
2020-08-23 16:03:37 -04:00
Mike Reeves
b7da768dc7
add logrotate
2020-08-20 16:46:32 -04:00
m0duspwnens
35027e32b3
don't constantly run steno or suricata containers for import node
2020-08-14 14:43:37 -04:00
Mike Reeves
24ed92c9dc
minio and change to global
2020-08-04 15:54:03 -04:00
m0duspwnens
e3efaee864
change reference from bro to zeek
2020-07-17 14:41:44 -04:00
Jason Ertel
8f66a27f07
Refactor image repository to a single variable
2020-07-13 18:26:43 -04:00
m0duspwnens
5ca3ecf4bd
fix reference to master grain
2020-07-09 15:42:39 -04:00
m0duspwnens
3cf31e2460
https://github.com/Security-Onion-Solutions/securityonion/issues/404
2020-07-09 11:27:06 -04:00
m0duspwnens
2079eba0ad
Merge remote-tracking branch 'remotes/origin/dev' into feature/suripillar
2020-06-26 13:09:15 -04:00
m0duspwnens
052c65c05e
add the things to pillarize suricata - https://github.com/Security-Onion-Solutions/securityonion/issues/584
2020-06-26 13:07:41 -04:00
Mike Reeves
30ac5f9764
Adding Suricata log compression
2020-06-25 12:56:26 -04:00
m0duspwnens
f8193cb914
beginning to pillarize suricata
2020-06-04 09:40:38 -04:00
Wes Lambert
d56bc4c167
fix path
2020-05-27 17:01:05 +00:00
Wes Lambert
b7a0f79038
Update Suricata init
2020-05-27 16:58:31 +00:00
m0duspwnens
766b56a944
update dockers to 1.2.2
2020-04-23 10:11:26 -04:00
Mike Reeves
d9e27a5444
Update Versions
2020-04-15 15:37:59 -04:00
Josh Brower
f9e07709f2
bpf fix
2020-02-18 16:36:20 -05:00
Josh Brower
3925ed52c7
Suricata - BPF hotfix
2020-01-28 22:02:18 -05:00
Josh Brower
f536e89064
Suricata bpf cleanup
2020-01-28 16:12:46 -05:00
Josh Brower
8204ffdd05
Suricata bpf - docker bind bpf file
2020-01-28 15:51:13 -05:00
Josh Brower
5403dab027
Suricata - Initial bpf support
2020-01-28 15:48:40 -05:00
Wes Lambert
b995b09d52
Update version in all state files
2020-01-28 14:59:53 +00:00