Commit Graph

70 Commits

Author  SHA1  Message  Date
Wes  31a49268cb  Add o365 and okta  2023-08-23 20:20:06 +00:00
Wes  3f2793088a  Add templates  2023-08-23 19:02:50 +00:00
m0duspwnens  9cba9d9ae0  allow to override number_of_replicas from one place in soc ui  2023-08-17 15:00:01 -04:00
m0duspwnens  4d497022db  replace . with _x_ for soc ui compat  2023-08-10 09:52:18 -04:00
Wes  d84dbf9535  Add fleet  2023-07-24 18:53:52 +00:00
Wes  de7b7ff989  Add endpoint  2023-07-24 18:35:02 +00:00
weslambert  e02bdffe34  Fix typos  2023-06-23 16:10:22 -04:00
Wes  b96d3473f2  Fix indentation  2023-06-23 18:38:04 +00:00
Wes  62fa15c63e  Add more templates  2023-06-23 14:43:15 +00:00
weslambert  e995576b1d  Remove extra templates  2023-06-23 09:41:49 -04:00
Wes  c2ac60b82e  Add system.system template and add event-mappings  2023-06-14 13:28:00 +00:00
Wes  af003cc2a1  Add osquery templates  2023-06-13 20:43:39 +00:00
Wes  5547a1b7ab  Add event mappings  2023-06-13 18:23:50 +00:00
Wes  d0a6881c2c  Add event mappings and remove meta information for now  2023-06-13 13:35:46 +00:00
Wes  57268ba934  Change priority of templates  2023-06-12 14:29:45 +00:00
Wes  42f5ad9939  Add templates for system.auth and system.syslog  2023-06-12 14:23:24 +00:00
Wes  ad5a424c03  Update templates for integrations  2023-06-09 18:32:50 +00:00
m0duspwnens  2a979197a0  enable/disable elasticsearch in ui  2023-05-09 09:33:37 -04:00
Mike Reeves  2cb6f0f1e6  Add curator settings  2023-03-27 12:30:39 -04:00
weslambert  0a9a064648  Remove node attrs configuration since node roles will be used  2023-03-23 13:45:51 -04:00
Wes  84360aa9bf  Set replicas for Osquery manager indices to 0  2023-03-22 21:47:49 +00:00
Wes  eaaa028999  Update Elastic Agent template settings  2023-03-22 19:52:13 +00:00
Mike Reeves  5fc297b8c1  Change Elastic Logic  2023-03-21 16:52:08 -04:00
Wes  e105e56fac  Move data stream configuration outside of ILM policy definition  2023-03-13 13:27:02 +00:00
weslambert  16d9478196  Add index lifecycle management policy definitions for default Elastic Agent data streams  2023-03-10 16:54:47 -05:00
Wes  c9118699a9  Add index management lifecycle policy definition and reference in index template  2023-02-10 15:10:30 +00:00
Wes  f1db1bc273  Ensure Kratos events are sent to a data stream instead of an index  2023-01-26 16:12:06 +00:00
Wes  51692ac66c  Update index pattern in various template definitions to match new data stream naming convention  2023-01-23 21:52:44 +00:00
weslambert  7d3f6121eb  Remove default "logs-*" template settings for now  2023-01-19 10:29:10 -05:00
weslambert  7a499c9051  Modify default 'logs-*' template priority  2023-01-18 17:24:07 -05:00
weslambert  73a4dae28e  Make sure Elastic Agent data streams do not use replicas  2023-01-13 16:10:44 -05:00
weslambert  7cba5626b7  Merge pull request #9570 from Security-Onion-Solutions/fix/elasticsearch_templates_elastic_agent  2023-01-12 16:48:12 -05:00
    Change priority for Elastic Agent Elasticsearch index templates
weslambert  654d869e3e  Change priority from 500 to 200 for Elastic Agent index templates to avoid collisions with other templates  2023-01-12 16:46:08 -05:00
weslambert  fb8d8ea972  Update Elasticsearch index template for Kratos  2023-01-12 15:31:41 -05:00
Wes  c3b83f1fc8  Update template settings to use data streams  2023-01-11 14:03:11 +00:00
m0duspwnens  c880be8d45  use curator defaults.yaml merged with pillar for actions  2022-10-21 10:38:32 -04:00
Wes  46dd4c2749  Rename component mappings and references for Security Onion  2022-09-20 20:33:06 +00:00
Wes  12e940f809  Change managed_by value from 'fleet' to 'security_onion' for Elastic Agent templates in defaults.yaml  2022-09-16 20:55:49 +00:00
Mike Reeves  b38f0fa996  Update watermark settings  2022-09-13 12:13:45 -04:00
weslambert  030f4d228a  Add back Elastic Agent default templates  2022-09-12 15:10:24 -04:00
Mike Reeves  74ef6c0ed0  Fix yaml for idh,es,kib,esalert  2022-09-09 15:30:28 -04:00
Wes  86d60e444d  Add Elastic Agent index/template configuration to defaults file  2022-09-08 00:20:22 +00:00
Josh Brower  8e368bdebe  Merge in upstream dev  2022-05-06 20:01:07 -04:00
weslambert  542db5b7f5  Update defaults.yaml  2022-04-21 17:24:24 -04:00
weslambert  7128b04636  Remove indices.query.bool.max_clause_count because it is dynamically allocated in Elastic 8  2022-03-17 21:20:41 -04:00
Wes Lambert  c549b20221  Add DTC client mappings  2022-03-07 18:36:26 +00:00
weslambert  254cf53c2f  Increase clause count to 3500  2022-03-04 10:36:37 -05:00
Wes Lambert  ffae22beef  Add DTC syslog mappings for .keyword and add refs to defaults.yml  2022-03-04 13:04:11 +00:00
Wes Lambert  aa8d24b6cd  Add DTC destination, source, and winlog mapping references to templates in defaults file  2022-03-03 13:42:20 +00:00
Wes Lambert  c5b16fdf3b  Adjust field limit for now  2022-03-02 16:33:39 +00:00