232 Commits

Author SHA1 Message Date
m0duspwnens bd7ef1cc59 fix whitespace control 2021-12-16 09:19:20 -05:00
m0duspwnens f9b04ab96a add node's own ip to FILEBEAT_EXTRA_HOSTS 2021-12-15 16:53:22 -05:00
m0duspwnens 522bc1d2b8 fix loadbalance logic and whitespace for filebeat.yml 2021-12-15 16:21:08 -05:00
m0duspwnens 024860d0ae rename EXTRA_NODES to LOGSTASH_NODES AND REDIS_NODES 2021-12-14 23:43:06 -05:00
m0duspwnens c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens 6518691c55 sort the items 2021-12-13 18:16:25 -05:00
m0duspwnens 067e79894f fix loop for node_data 2021-12-13 16:26:38 -05:00
m0duspwnens 6de2f5bd03 fix node_data 2021-12-13 15:55:09 -05:00
m0duspwnens 8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens 86f67198bf loadbalance filebeat if across managers and receivers 2021-12-10 17:43:06 -05:00
m0duspwnens 6bf4d5a576 https://github.com/Security-Onion-Solutions/securityonion/issues/6206 2021-11-12 11:37:55 -05:00
m0duspwnens 283f7296bc fix require 2021-10-22 14:45:22 -04:00
m0duspwnens 9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00
m0duspwnens fed8bfac67 more requires on docker containers 2021-10-22 14:10:59 -04:00
weslambert bb36fc1ed8 Add TI module defaults 2021-10-15 17:16:38 -04:00
William Wernert dd1769fbef Only check for logscan on manager-type and import 2021-08-05 11:02:09 -04:00
William Wernert 33bd6aed20 Fix logscan pipeline on eval
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
2021-07-30 14:41:15 -04:00
William Wernert 9bf1d3e0c6 Misc fixes 2021-07-16 14:59:44 -04:00
William Wernert 818f912a90 [fix] Remove indent 2021-07-14 10:13:14 -04:00
William Wernert 2b0bca8e55 Merge branch 'dev' into feature/logscan 2021-07-12 14:58:30 -04:00
weslambert a895270bc8 Allow setting Filebeat logging level in pillar 2021-07-12 10:27:43 -04:00
William Wernert 80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
Mike Reeves ea50023ca5 Fix filebeat modules 2021-06-24 15:53:14 -04:00
m0duspwnens 8cd2bc7c13 adding so-eval to ES_INCLUDED_NODES 2021-06-17 09:37:21 -04:00
m0duspwnens 2a5198cae4 change perms to resolve error about module-setup.yml being 660 2021-06-17 08:49:21 -04:00
Jason Ertel 2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel 09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel 37f4caf536 Make new ECS changes Elastic-auth compatible 2021-06-14 12:13:50 -04:00
Jason Ertel fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
m0duspwnens fd5d540c78 update roles that include es state 2021-06-14 10:00:19 -04:00
m0duspwnens d2069dc5f2 update roles that include es state 2021-06-14 09:58:50 -04:00
m0duspwnens 5941332d49 fix two bugs 2021-06-14 08:51:29 -04:00
m0duspwnens f7600af89b dont loop if modules arent defined for the node 2021-06-11 13:52:33 -04:00
Mike Reeves 12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Mike Reeves 264080546c Add log path 2021-06-09 11:37:27 -04:00
Mike Reeves 56eb220ed6 Revert to SO taxonomy for zeek and suricata 2021-06-08 09:52:05 -04:00
Jason Ertel 901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Jason Ertel 20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
m0duspwnens b23ce7462e add dependency 2021-05-27 11:26:25 -04:00
m0duspwnens 842aa97f7e load filebeat modules when es container starts and if fb container is running 2021-05-26 11:00:18 -04:00
Mike Reeves 34d4eedf67 Remove old modules 2021-05-26 10:11:47 -04:00
m0duspwnens 525d4325c7 define ZEEKLOGLOOKUP in the yaml 2021-05-25 17:18:58 -04:00
m0duspwnens ecf7e25a51 fix merge conflict 2021-05-25 17:16:44 -04:00
m0duspwnens dfaf40f583 add zeekloglookup to translate zeeklogs to filebeat filesets 2021-05-25 17:14:26 -04:00
Mike Reeves 543154f037 Remove old modules 2021-05-25 16:58:18 -04:00
m0duspwnens 2eee6b45bc Merge branch 'pipeline' of https://github.com/Security-Onion-Solutions/securityonion into pipeline 2021-05-25 16:52:08 -04:00
m0duspwnens 0de5c6f204 fix sodefault modules 2021-05-25 16:52:02 -04:00
Mike Reeves 9363fc153c Fix pillar for module 2021-05-25 16:44:13 -04:00