CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,987 Commits 40 Branches 125 Tags
235d8b7cf0abf8b6b9f48c8e286015dfc151466c
Commit Graph

362 Commits

Author SHA1 Message Date
m0duspwnens 0627ca2fc2 use heavynode hostname for certs if heavynode. changes to logstash pipeline for redis if heavynode 2021-07-06 15:32:39 -04:00
weslambert 2f3f04e4ca Change from nodename to host 2021-07-06 14:18:39 -04:00
weslambert 2e91f27336 Add conditional for heavynode 2021-07-06 14:17:49 -04:00
weslambert 10b1829830 Add conditional for heavynode 2021-07-06 14:16:34 -04:00
weslambert 4946f32d88 Add extra_hosts entry for local instance when running as heavy node 2021-07-06 14:14:58 -04:00
Jason Ertel 2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel 09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves 12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Mike Reeves 7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves 4c90a0ed7e Add templates for SO logs 2021-06-09 12:04:32 -04:00
Mike Reeves a959ec1eb1 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:23:31 -04:00
Mike Reeves 3e138cbc6d Revert to SO taxonomy for zeek and suricata 2021-06-08 13:14:46 -04:00
Jason Ertel e22421ec99 Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts 2021-06-04 20:01:30 -04:00
Jason Ertel 5c527b2c48 Rename username param to user since logstash is 'unique' 2021-06-03 07:51:43 -04:00
Jason Ertel 901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
weslambert a1b34e7a88 Fix Suricata index name 2021-06-02 15:30:14 -04:00
Jason Ertel 20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Mike Reeves bfcde15a24 elastic pipeline test 2021-05-26 14:22:14 -04:00
Mike Reeves 1e564c2140 Fix zeek jinja 2021-05-25 10:22:36 -04:00
Wes Lambert 37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Mike Reeves 2e01330e1b Update 9101_output_osquery_livequery.conf.jinja 2021-03-09 13:15:04 -05:00
Josh Brower 00da549430 Merge pull request #3358 from Security-Onion-Solutions/delta 
FEATURE: Initial support for viewing Osquery Live Query results in Hunt
 2021-03-09 09:18:57 -05:00
Josh Brower fe8788c09a Merge remote-tracking branch 'remotes/origin/dev' into delta 2021-03-08 12:56:47 -05:00
Josh Brower 548f67ca6f Initial support for Live Queries in Hunt 2021-03-04 18:21:13 -05:00
Mike Reeves a0a8d12526 Enable SSL and Features 2021-03-04 10:08:28 -05:00
Mike Reeves 49371a1d6a fix elastic output for ssl 2021-03-03 14:30:45 -05:00
Mike Reeves bfd05a8cfc Change to https for elastic connections 2021-03-02 11:32:29 -05:00
Mike Reeves 3219f4cd12 Remove Features Option 2021-03-02 11:04:50 -05:00
Josh Brower b8137214e4 Initial Support - Live Query to Hunt 2021-02-26 08:08:09 -05:00
Mike Reeves 4212afe0c9 Add features option back 2021-01-30 19:57:18 -05:00
Mike Reeves 636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity 
SSL with Elastic Basic license. Remove features option.
 2021-01-21 13:57:28 -05:00
Mike Reeves 9408d62c65 Remove features 2021-01-21 13:55:53 -05:00
m0duspwnens b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
William Wernert a4897d2063 [fix] Add Elasticsearch to containers running on Helix sensor 2020-12-16 09:07:38 -05:00
William Wernert 15347d1209 [fix] More condition changes for Helix 2020-12-15 15:08:33 -05:00
m0duspwnens 1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
Mike Reeves 13be0da484 Add a place where custom logstash certs can go 2020-10-28 15:26:41 -04:00
Mike Reeves 361b13dc88 Add a place where custom logstash certs can go 2020-10-28 15:25:00 -04:00
Wes Lambert 884cc2d054 Don't predefine index date for Logstash outputs 2020-10-12 15:41:47 +00:00
Mike Reeves 96083e1458 update logstash outputs 2020-10-11 17:06:56 -04:00
Mike Reeves e4ce17d4de Turn on SSL output 2020-10-11 16:10:55 -04:00
Mike Reeves a7bd1c2ce5 Turn on SSL output 2020-10-11 15:58:12 -04:00
Wes Lambert 69a04dedd3 Filterlog config changes 2020-10-09 23:56:52 +00:00
weslambert 8e829b47ae Remove dataset name since pipeline no longer in use 2020-10-07 11:48:56 -04:00
m0duspwnens 748dc5ba91 logstash changes per https://github.com/Security-Onion-Solutions/securityonion/issues/1444 2020-10-05 14:10:05 -04:00
m0duspwnens 09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
Mike Reeves df95baa835 Point logstash to use intca.crt 2020-08-20 10:45:48 -04:00