Commit Graph

11278 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| weslambert | 3f9764d22d | Merge pull request #9633 from Security-Onion-Solutions/fix/elastic_agent_more_improvements: More Elastic Agent Integration Improvements | 2023-01-24 15:16:52 -05:00 |
| Mike Reeves | a048034f16 | Salt for Ubuntu | 2023-01-24 13:38:39 -05:00 |
| Jason Ertel | 7b1f867ac3 | Add defaults for auto extracted observables | 2023-01-24 13:17:50 -05:00 |
| Wes | 4b9c92c53d | Set RITA event.dataset value explicitly | 2023-01-24 18:00:34 +00:00 |
| Wes | 38ead7cb82 | Remove import tag for now | 2023-01-24 17:58:19 +00:00 |
| Wes | 44d149b1c3 | Allow imported data to use a tag of 'import' | 2023-01-24 17:01:52 +00:00 |
| Wes | 1e5377c78a | Condense RITA integration policies, add ICS tags, and improve output readability | 2023-01-24 16:56:20 +00:00 |
| m0duspwnens | b23575d85e | add global vars for manager | 2023-01-24 11:03:03 -05:00 |
| Jason Ertel | b0709e93fa | test workflow | 2023-01-24 10:50:52 -05:00 |
| Jason Ertel | fd7d51a59b | Merge pull request #9630 from Security-Onion-Solutions/kilo: Kilo | 2023-01-24 10:45:12 -05:00 |
| Jason Ertel | 0dc5e7e714 | try paths with wildcard | 2023-01-24 10:38:59 -05:00 |
| Jason Ertel | 62b96c3698 | rework filter for action | 2023-01-24 10:31:02 -05:00 |
| Jason Ertel | ec2e923530 | Add proper spacing between headers and content | 2023-01-24 10:28:39 -05:00 |
| Jason Ertel | 2bffd9b473 | Merge pull request #9628 from Security-Onion-Solutions/kilo: try paths filter on both even though docs only mention support for push | 2023-01-24 10:27:30 -05:00 |
| Jason Ertel | cfc232eafa | try paths filter on both even though docs only mention support for push | 2023-01-24 10:23:42 -05:00 |
| m0duspwnens | 6d3f57d648 | Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall | 2023-01-24 10:17:24 -05:00 |
| m0duspwnens | 50895ee304 | need to set_minion_info in setup for each node type | 2023-01-24 10:16:58 -05:00 |
| weslambert | 7e0e5071d9 | Merge pull request #9627 from Security-Onion-Solutions/fix/elastic_agent_integration_improvements: Elastic Agent Integration Improvements | 2023-01-24 10:10:01 -05:00 |
| Mike Reeves | 2da30f42d4 | Check for Ubuntu | 2023-01-24 10:07:32 -05:00 |
| Wes | 7b4d8a47f0 | Add copyright header to 'so-elastic-fleet-*' scripts | 2023-01-24 15:07:00 +00:00 |
| Josh Patterson | 095ca29aca | Merge pull request #9626 from Security-Onion-Solutions/2.4/firewall: change MASTER to MANAGER in so-minion | 2023-01-24 09:46:17 -05:00 |
| Wes | f19cf75311 | Change how event.dataset is determined for Suricata events | 2023-01-24 14:45:00 +00:00 |
| m0duspwnens | ee98e0684e | change MASTER to MANAGER | 2023-01-24 09:44:01 -05:00 |
| Josh Patterson | b797e356b4 | Merge pull request #9624 from Security-Onion-Solutions/2.4/firewall: remove filebeat and redis (commented out) from telegraf config | 2023-01-24 09:01:59 -05:00 |
| m0duspwnens | 88107fe0df | remove filebeat and redis (commented out) from telegraf config | 2023-01-24 08:59:51 -05:00 |
| Wes | 51692ac66c | Update index pattern in various template definitions to match new data stream naming convention | 2023-01-23 21:52:44 +00:00 |
| Wes | 40c6b380df | Update Import and Zeek integration policies; also update Zeek ingest node pipelines to set event.dataset. | 2023-01-23 21:44:46 +00:00 |
| Wes | d342f3c4b8 | Add 'so-elastic-fleet-integration-policy-bulk-delete' to perform bulk deletion of integration policies | 2023-01-23 21:38:13 +00:00 |
| Josh Patterson | a503632f30 | Merge pull request #9620 from Security-Onion-Solutions/2.4/firewall: 2.4/firewall | 2023-01-23 15:56:53 -05:00 |
| m0duspwnens | d1ec7c8ace | remove to match with 2.4/dev | 2023-01-23 15:50:53 -05:00 |
| Jason Ertel | 5da1b03d9b | Merge pull request #9619 from Security-Onion-Solutions/kilo: switch MySQL 8 to use native password for playbook compat; fix so-verify mail inspection | 2023-01-23 15:14:00 -05:00 |
| Jason Ertel | 5a016312f6 | switch MySQL 8 to use native password to avoid playbook incompatibility | 2023-01-23 14:53:39 -05:00 |
| m0duspwnens | 90a224793e | merge with 2.4dev and fix conflict | 2023-01-23 14:49:32 -05:00 |
| m0duspwnens | 22fbb953ea | create cronjob to run highstate after setup | 2023-01-23 14:46:26 -05:00 |
| Jason Ertel | d421aa82a2 | do not treat all installs as ISO; fix check for non-empty mail files | 2023-01-23 14:04:26 -05:00 |
| Josh Patterson | 1039e77550 | Merge pull request #9617 from Security-Onion-Solutions/2.4/firewall: allow elastic agent on sensors to connect to managers | 2023-01-23 13:19:49 -05:00 |
| Mike Reeves | f077b5c96d | Remove 18.04 | 2023-01-23 13:11:50 -05:00 |
| Josh Brower | f811223ba7 | Merge pull request #9614 from Security-Onion-Solutions/playbookfixup: Playbookfixup | 2023-01-23 08:20:06 -05:00 |
| Josh Brower | d3cb57bba2 | Rerun the playbook state | 2023-01-23 08:16:28 -05:00 |
| m0duspwnens | a1fa4e3ef2 | revert reload_modules since bugged | 2023-01-20 15:43:57 -05:00 |
| Josh Brower | 1ab8c712e4 | remove exit condition | 2023-01-20 15:17:04 -05:00 |
| Jason Ertel | a613d960b9 | Merge pull request #9608 from Security-Onion-Solutions/kilo: setup improvements | 2023-01-20 13:11:11 -05:00 |
| Jason Ertel | 9541214073 | logCmd with tee is eating the exit code | 2023-01-20 12:26:52 -05:00 |
| Jason Ertel | 56478da0b2 | eliminate find/exec issue altogether to keep it simple | 2023-01-20 11:58:29 -05:00 |
| Jason Ertel | c3384d8381 | further improvements | 2023-01-20 11:23:13 -05:00 |
| Jason Ertel | 1e4f9c9f26 | use newer find syntax to allow the exec to work inside a quoted string | 2023-01-20 11:01:02 -05:00 |
| Jason Ertel | fea4a1b33d | Merge branch '2.4/dev' into kilo | 2023-01-20 10:33:17 -05:00 |
| Jason Ertel | ece63b72e2 | Ensure so-verify output is logged | 2023-01-20 07:38:58 -05:00 |
| Jason Ertel | 46aa7ebdf3 | correct find/exec syntax | 2023-01-20 06:48:33 -05:00 |
| weslambert | 9c83b775ee | Merge pull request #9604 from Security-Onion-Solutions/feature/sensoroni_scripts: Add scripts for starting, stopping, and restarting Sensoroni | 2023-01-19 16:59:29 -05:00 |