CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-02-26 00:45:34 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,724 Commits 28 Branches 121 Tags
2552a5c17d54f683437c5fac8f84b1d3f258ccc6
Commit Graph

17724 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Reeves
2552a5c17d Merge pull request #15522 from Security-Onion-Solutions/TOoSmOotH-patch-4 
Rename model ID from 'sonnet-4.5' to 'sonnet'
 2026-02-24 10:11:43 -05:00
Mike Reeves
fa479c4b89 Merge pull request #15517 from Security-Onion-Solutions/souppcap 
Add Support for upgrading to 3.0
 2026-02-24 10:11:24 -05:00
Mike Reeves
479e3e0afa Update display name for Claude Sonnet model 2026-02-24 10:10:49 -05:00
Mike Reeves
be35b59b8c Update echo messages for PCAP engine clarity 2026-02-24 10:04:26 -05:00
Mike Reeves
c52d3269d6 Rename model ID from 'sonnet-4.5' to 'sonnet' 2026-02-24 09:45:46 -05:00
Josh Patterson
3583b92836 Merge pull request #15519 from Security-Onion-Solutions/bravo 
fix soup failure if salt-relay isn't running
 2026-02-23 15:17:49 -05:00
Josh Patterson
2375061cfa so-yaml.py tell which key not found 2026-02-23 13:19:03 -05:00
Josh Patterson
1a9a087af2 redirect not found if key isn't found 2026-02-23 13:17:38 -05:00
Josh Patterson
bf16de7bfd fix duplicate log lines in soup log 2026-02-23 12:07:04 -05:00
Josh Patterson
863c7abc8b fix soup failure if salt-relay isn't running 2026-02-23 11:36:20 -05:00
Mike Reeves
7170289a5e Continue upgrade after pcapengine is changed to SURICATA 
Instead of exiting and requiring the user to rerun the script after
changing pcapengine to SURICATA, let the script continue to the
version check and upgrade.
 2026-02-23 11:35:32 -05:00
Mike Reeves
ca040044bb Use so-yaml to update pcapengine pillar and fix file path 
Replace fragile sed with so-yaml.py replace for proper YAML handling.
Also correct the pillar file path from soc_soc.sls to soc_global.sls.
 2026-02-23 11:16:30 -05:00
Mike Reeves
f17e2961ed Add PCAP orphan warning and require SURICATA before upgrade 
- Warn users that undeleted Stenographer PCAP data will be inaccessible
  and never automatically cleaned up if they switch to SURICATA without
  deleting it first
- Require pcapengine to be set to SURICATA before allowing upgrade,
  with clear messaging when the user declines to change it
 2026-02-23 11:05:30 -05:00
Mike Reeves
bbc7668786 Add version check, PCAP cleanup prompts, and SOC config references to soupto3 
- Skip upgrade if already running Security Onion 3.x.x
- Add interactive prompts to delete Stenographer PCAP data (with double confirmation) and change pcapengine to SURICATA
- Direct users to SOC Configuration UI instead of editing pillar files directly
- Consolidate TRANSITION and STENO cases to reduce repeated code
 2026-02-23 10:49:54 -05:00
Mike Reeves
1888f9e757 Soup to 3 2026-02-23 10:07:16 -05:00
Josh Patterson
5822d1c974 Merge pull request #15513 from Security-Onion-Solutions/bravo 
fix consecutive comments
 2026-02-20 16:12:12 -05:00
Josh Patterson
b3139c5008 fix consecutive comments 2026-02-20 16:07:59 -05:00
Jorge Reyes
0a64bb0a87 Merge pull request #15511 from Security-Onion-Solutions/reyesj2/analyzdepupg 
upgrade analyzer deps
 2026-02-20 13:28:32 -06:00
Jorge Reyes
cf6b5aeceb Merge pull request #15503 from Security-Onion-Solutions/reyesj2/mngdanno 
migrate managed_integrations pillar
 2026-02-20 13:28:23 -06:00
reyesj2
bcb850d98a analyzer typo 2026-02-20 12:34:28 -06:00
Josh Patterson
f0139c04f0 Merge pull request #15510 from Security-Onion-Solutions/bravo 
upgrade docker
 2026-02-20 12:32:10 -05:00
Josh Patterson
78ae6cd84c upgrade docker 2026-02-20 12:29:23 -05:00
Matthew Wright
b7e0b2faa3 Merge pull request #15505 from Security-Onion-Solutions/mwright/gemini-tests 
New so-yaml.py Functions for Gemini Cypress Test Support
 2026-02-20 10:06:15 -05:00
Josh Patterson
bfd1cf2d9b Merge pull request #15509 from Security-Onion-Solutions/bravo 
upgrade docker
 2026-02-20 08:31:38 -05:00
Josh Patterson
8cc8a63a4e upgrade docker 2026-02-20 07:59:07 -05:00
coreyogburn
b3a0eb0761 Merge pull request #15507 from Security-Onion-Solutions/cogburn/update-assistant-annot 
healthTimeoutSeconds should be an int
 2026-02-19 15:58:05 -07:00
Corey Ogburn
38e45056f2 healthTimeoutSeconds should be an int 2026-02-19 15:56:28 -07:00
Josh Patterson
39bad077ae Merge pull request #15506 from Security-Onion-Solutions/bravo 
upgrade docker
 2026-02-19 17:17:43 -05:00
Josh Patterson
b349d27e8c upgrade docker 2026-02-19 17:12:39 -05:00
Matthew Wright
90eee49ab6 whitespace issue pt2 2026-02-19 16:35:35 -05:00
Matthew Wright
f025886b31 whitespace issue 2026-02-19 16:33:40 -05:00
Matthew Wright
7fa01f5fd5 added new funcs to so-yaml.py to support gemini tests 2026-02-19 16:20:44 -05:00
reyesj2
75e1f74244 Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/analyzdepupg 2026-02-19 15:10:54 -06:00
reyesj2
4036469857 analyzer dep upgrades 2026-02-19 15:10:50 -06:00
reyesj2
256c1122c3 remove old pillar 2026-02-19 11:08:23 -06:00
reyesj2
aa2a1a3d3c typo for so-yaml file input 2026-02-19 11:08:06 -06:00
Jorge Reyes
93f52453b4 Merge pull request #15499 from Security-Onion-Solutions/reyesj2-patch-15 
rework autosoup for intermediate upgrades
 2026-02-19 09:08:00 -06:00
Jorge Reyes
a9307aa308 Clarify duration for Elasticsearch upgrade verification 
Added a note about the potential duration of the Elasticsearch upgrade verification process.
 2026-02-19 08:31:26 -06:00
reyesj2
0ebd8e4d6c migrate elasticsearch:managed_integrations pillar to new manager:managed_integrations pillar 2026-02-18 19:00:35 -06:00
coreyogburn
8fc3011f92 Merge pull request #15501 from Security-Onion-Solutions/cogburn/protocols 
Add OpenAI Protocols
 2026-02-18 14:34:10 -07:00
Corey Ogburn
911c9d56db Add OpenAI Protocols 2026-02-18 14:32:18 -07:00
Josh Patterson
c1273c3d2c Merge pull request #15500 from Security-Onion-Solutions/bravo 
upgrade docker
 2026-02-18 16:29:50 -05:00
Josh Patterson
d0018c9333 upgrade docker 2026-02-18 15:52:37 -05:00
Matthew Wright
3349c1a936 Merge pull request #15492 from Security-Onion-Solutions/mwright/investigate-refactor 
Assistant: Investigated Query Toggle Filter
 2026-02-18 15:04:33 -05:00
Josh Patterson
32819c8635 upgrade docker 2026-02-18 14:20:17 -05:00
reyesj2
58c0a9183c unmount current agupdate dir, before final upgrade on airgap 2026-02-18 10:04:32 -06:00
Jorge Reyes
7dfd212519 Merge pull request #15497 from Security-Onion-Solutions/revert-15465-reyesj2/iso-soup 
Revert "allow network installs to use ISO for faster soupin"
 2026-02-18 10:04:16 -06:00
Jorge Reyes
b8fb0fa735 Revert "allow network installs to use ISO for faster soupin" 2026-02-18 10:02:24 -06:00
Jorge Reyes
e6f767b613 Merge pull request #15496 from Security-Onion-Solutions/revert-15468-reyesj2/iso-soup 
Revert "don't set is_airgap when using nonairgap_useiso: not a true airgap sy…"
 2026-02-18 10:02:13 -06:00
Jorge Reyes
d00fb4ccf7 Revert "don't set is_airgap when using nonairgap_useiso: not a true airgap sy…" 2026-02-18 09:42:12 -06:00