CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-24 18:03:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,153 Commits 19 Branches 120 Tags
19d22e1f8a7b658105e111d65eb8e2021567df99
Commit Graph

3502 Commits

Author SHA1 Message Date
Wes Lambert
19d22e1f8a Allow for Filebeat queue/output adjustments via pillar 2021-01-21 15:34:54 +00:00
Wes Lambert
0039877779 Check for port availability for Wazuh and Strelka 2021-01-21 13:29:09 +00:00
Wes Lambert
9a91674688 Add reserved ports file for sysctl 2021-01-21 13:18:22 +00:00
Wes Lambert
74e315841a Modify common to reserve Docker proxy ports 2021-01-21 13:17:16 +00:00
Josh Patterson
516634ef8d Merge pull request #2691 from Security-Onion-Solutions/issue/2679 
Issue/2679
 2021-01-20 17:41:43 -05:00
m0duspwnens
18217ba38b change so-searchnode role to so-node https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 17:40:02 -05:00
m0duspwnens
6e756b3586 allow heathcheck state for standalone and heavynode 2021-01-20 17:34:53 -05:00
Josh Patterson
e7e6243399 Merge pull request #2689 from Security-Onion-Solutions/issue/2679 
Issue/2679
 2021-01-20 15:14:38 -05:00
m0duspwnens
18278a97ac fix salt top formatting 2021-01-20 15:13:55 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Jason Ertel
58f922aac3 Skip image pull if so-tcpreplay image already exists and is current 2021-01-20 11:17:10 -05:00
m0duspwnens
b1c5b83fd5 removing old search node logic and managersensor from salt top 2021-01-20 09:53:42 -05:00
m0duspwnens
caaa8cc764 add schedule state to fleet node so it gets highstate schedule 2021-01-20 09:46:49 -05:00
Jason Ertel
71e0014115 Wrap parenthesis around correlation filter to allow additional filtering 2021-01-19 17:51:23 -05:00
Jason Ertel
d91913e58e Redirect tcpreplay warnings to dev null when running so-test 2021-01-18 21:42:50 -05:00
Mike Reeves
12aa4033b6 Fix soup in case airgap is in the hostname 2021-01-18 18:08:34 -05:00
Jason Ertel
2006677a22 Add default customization file (Blank) 2021-01-15 20:08:27 -05:00
Jason Ertel
0af6afa216 Add method for making adjustments to the SOC UI 2021-01-15 16:26:06 -05:00
William Wernert
432d231a0e [fix] Don't use set -e since we depend on non-zero exit codes for this function 2021-01-15 13:52:10 -05:00
William Wernert
9726ff9ce6 [fix] Correct logic for verbose flag 2021-01-15 13:39:12 -05:00
Mike Reeves
9cf63545bc Merge pull request #2640 from Masaya-A/influxdb/strengthen 
Disable weak cipher suites from influxdb
 2021-01-15 10:50:21 -05:00
William Wernert
ed129bcf1f [fix] Add verbose flag so that so-monitor-add only sees necessary information 2021-01-15 09:25:04 -05:00
Jason Ertel
07b5f1d23e Rename functions to avoid naming conflict with setup vars 2021-01-15 08:55:30 -05:00
Masaya-A
0d93b15a63 Disable weak cipher suites from influxdb 
The default config of influxdb enables use of some weak cipher suites such as RC4 and 3DES(SWEET32).
To disable them, a list of enabled ciphers added into influxdb.conf.
 2021-01-15 11:47:04 +09:00
William Wernert
dbe22f901d [fix] Add jinja raw block to so-common 2021-01-14 14:54:37 -05:00
William Wernert
ebc5a4314a [feat] Add salt logs to log rotation config 2021-01-14 13:43:00 -05:00
William Wernert
0db439df1e Merge branch 'dev' into feature/setup 2021-01-14 13:06:32 -05:00
William Wernert
82c7832d60 [fix] Fix indent in valid_hostname 2021-01-14 12:58:21 -05:00
Jason Ertel
9d0dca05b1 Adjusted logic on so-tcpreplay to handle init for standalone/eval nodes 2021-01-13 22:29:58 -05:00
Jason Ertel
ea1ab75072 Refactored so-common node type checks for improved readability; Updated so-tcpreplay to support distributed grids 2021-01-13 12:42:54 -05:00
William Wernert
4dc3a6aa35 [refactor] Standardize list inputs to comma separated 2021-01-13 11:36:20 -05:00
m0duspwnens
df590bfd23 pillarize disk freespace for steno https://github.com/Security-Onion-Solutions/securityonion/issues/2095 2021-01-13 11:09:38 -05:00
Mike Reeves
2950779d91 Fix stralka rule update 2021-01-13 09:57:12 -05:00
m0duspwnens
225ed1c14a change suriloss and zeekloss to be more similar code style 2021-01-12 16:39:19 -05:00
William Wernert
332c6877b8 [fix] Add extra arg to printf instead of using echo 2021-01-12 11:01:25 -05:00
William Wernert
ef7a934b9d [feat] Add functions for input validation 2021-01-12 11:01:04 -05:00
m0duspwnens
6ea1a83afe resolve some issues with the zeekloss script https://github.com/Security-Onion-Solutions/securityonion/issues/2590 2021-01-11 14:10:08 -05:00
Jason Ertel
bc8e200919 Continued retry implementation for salt-key acceptance; improve timestamp coverage in setup 2021-01-10 02:34:46 -05:00
Jason Ertel
63047b4b85 Add retry logic around salt key acceptance during setup 2021-01-10 00:57:43 -05:00
Josh Patterson
d2848b9985 Merge pull request #2561 from Security-Onion-Solutions/automation/so-status 
add description for exit code 99
 2021-01-07 11:24:14 -05:00
m0duspwnens
83e7493691 add description for exit code 99 2021-01-07 11:23:39 -05:00
Josh Patterson
d287dd2412 Merge pull request #2557 from Security-Onion-Solutions/automation/so-status 
Automation/so status
 2021-01-07 09:07:12 -05:00
m0duspwnens
a5735e6654 return 99 if setup is running 2021-01-06 20:14:42 -05:00
m0duspwnens
ae7c0a26be add a quiet mode to so-status for automation testing 2021-01-06 18:46:21 -05:00
Wes Lambert
7f64d57111 Reserve port for Wazuh API and check if port is already in use 2021-01-06 14:37:28 -05:00
Wes Lambert
e7db1a99bd Set @timestamp to winlog.systemTime 2021-01-06 14:37:28 -05:00
Mike Reeves
7d25e8a08b Remove ERSPAN so log doesn't show a warning 2021-01-06 14:37:28 -05:00
Masaya-A
d37023e0f5 Make yum removing unneeded packages 
Reference: https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2020-09-03/finding/V-204452
 2021-01-06 14:37:28 -05:00
weslambert
c864cc607f Remove multiple old so-yara-update cron jobs, if needed 2021-01-06 14:37:27 -05:00
weslambert
958635b012 Remove old Strelka cron job 2021-01-06 14:37:27 -05:00