Josh Patterson
6ff701bd5c
soc ui improvements for hypervisor layout. show free hardware for a hypervisor in the description
2025-02-16 01:33:50 -05:00
Josh Patterson
c34be5313d
hardware logging. vm state file logging
2025-02-15 21:41:01 -05:00
Josh Patterson
ec2fc0a5f2
change locking method
2025-02-15 18:56:04 -05:00
Josh Patterson
ad54afe39a
ensure socore:socore ownership
2025-02-15 12:11:23 -05:00
Josh Patterson
eb4cd75218
virtual_node_manager lookup hardware from defaults. allocate hw in vm file
2025-02-15 11:29:47 -05:00
Josh Patterson
a84f5a1e32
updated logging added returns
2025-02-15 11:14:39 -05:00
Josh Patterson
e193347fb4
add hypervisor to host keys first connection. cleaner qcow2 logging.
2025-02-15 10:54:49 -05:00
Josh Patterson
ad27c8674b
no longer need add_* nodes
2025-02-15 10:50:09 -05:00
reyesj2
03b76cbcf5
remove state files
2025-02-13 08:51:50 -06:00
reyesj2
c711ffe6c5
keep pipeline "managed" metadata
2025-02-13 08:44:56 -06:00
reyesj2
09c7b31918
update pfsense pipeline version. Remove unused component templates
2025-02-12 16:33:56 -06:00
reyesj2
40cb3a53ae
Revert ES 8.17.2 upgrade -> 8.17.1
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-02-12 13:18:08 -06:00
Josh Patterson
5123a86062
start of dynamic annotations for hypervisor
2025-02-12 13:21:39 -05:00
reyesj2
fb0cd436d3
ES 8.17.2 TODO: Check import-evtx-logs.json for updated pipeline versions
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-02-11 11:23:04 -06:00
reyesj2
33f145a40b
ensure network packet capture integration data has event.module:network_traffic
2025-02-10 13:16:39 -06:00
reyesj2
3b69ff9fc9
integration policy update
2025-02-10 13:16:25 -06:00
reyesj2
9bde70a8e2
zeek.software typo
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-02-07 15:19:40 -06:00
m0duspwnens
010c205eec
configure bond and monitor nics
2025-02-07 14:45:06 -05:00
reyesj2
dd17ee7665
fix defining custom logstash pipelines when kafka is enabled
2025-02-06 22:19:24 -06:00
Josh Patterson
160c84ec1a
Merge pull request #14200 from Security-Onion-Solutions/2.4/dev
...
2.4/dev
2025-02-06 17:41:22 -05:00
m0duspwnens
924c0b63bd
put vnm engine in place
2025-02-06 16:05:56 -05:00
m0duspwnens
9b8dce0c77
only wait and make predictable when virt-install runs
2025-02-06 15:44:28 -05:00
m0duspwnens
7159678385
create predictable interfaces
2025-02-06 15:30:46 -05:00
Jason Ertel
4b51066327
Merge pull request #14191 from Security-Onion-Solutions/jertel/wip
...
ca download; ignore shard errors on startup; clarify oidc id
2025-02-05 15:09:57 -05:00
Jason Ertel
bf19c6e730
ca download; ignore shard errors on startup; clarify oidc id
2025-02-05 15:04:04 -05:00
Joshua Brower
4636a8d9b1
Refresh Agent installers
2025-02-05 09:38:33 -05:00
Joshua Brower
95fe212202
Rework for MSI
2025-02-05 09:29:45 -05:00
Corey Ogburn
23ebe966e0
Added Large Values Warning
...
maxBulkEscalateEvents now has a warning that large values may run into other limits.
2025-02-04 10:33:04 -07:00
Corey Ogburn
d0fa6eaf83
New Limit on Bulk Creating Related Events
...
Used by the UI and API to hint at a user that not every event will be attached to a case. Supports values up to 10,000 (the default limit on the number of documents returned by a single ES search).
2025-02-03 14:20:33 -07:00
m0duspwnens
c8e232c598
cloudinit network config out of user-data. default 220G disk
2025-02-03 12:20:34 -05:00
Joshua Brower
b874619f0d
Fix ip-mappings ILM
2025-02-03 09:31:08 -05:00
m0duspwnens
a3013ff85b
simplify the LVM deactivation process by removing unnecessary VG removal attempts
2025-01-31 16:36:51 -05:00
m0duspwnens
65c5abfa88
add note regarding possible missing devices
2025-01-31 16:15:46 -05:00
m0duspwnens
0114e36cfa
set lvm = system uuid and only sanitize new nvme if doesn't belong to current vm
2025-01-31 15:17:54 -05:00
m0duspwnens
5c56e0f498
already configured not failure state
2025-01-31 11:18:11 -05:00
m0duspwnens
61992ae787
verify script work with 1 or more nvme
2025-01-30 13:28:08 -05:00
m0duspwnens
08bbeedbd7
add automatic NVMe device mounting for VMs with LVM support
2025-01-30 09:55:26 -05:00
m0duspwnens
a5f2db8c80
add preflight check to ensure repo connectivity prior to installing salt-minion with salt-cloud
2025-01-29 18:17:29 -05:00
m0duspwnens
8d1ce0460f
remove possible race condition caused by vm init cron for setup.virt.init. setup.virt and mine updated during salt-cloud call with init_script
2025-01-29 14:23:10 -05:00
Josh Patterson
fe4129c8e0
env discovery.type single-node change
...
only managers and heavynodes are eligible for discovery.type=single-node
2025-01-29 09:11:52 -05:00
m0duspwnens
3c85b48291
manage with contents to simplify salt cloud profile file_map
2025-01-29 08:12:50 -05:00
m0duspwnens
ea2e026c56
only manager nodes or heavynodes should ever be single-node
2025-01-29 08:10:05 -05:00
m0duspwnens
8b3f310212
install python3-dnf-plugin-versionlock on vm before first highstate
2025-01-29 04:08:30 -05:00
m0duspwnens
87136e9e2b
restart salt-minion to trigger highstate
2025-01-28 16:38:20 -05:00
m0duspwnens
5a6a9d6ec2
round ES_HEAP_SIZE
2025-01-28 16:01:49 -05:00
m0duspwnens
d3b3a0eb8a
wrap salt-cloud -yd. start implementing vm/minion cleanup with ip removal
2025-01-28 14:04:58 -05:00
m0duspwnens
91fc59cffc
add removehost option to so-firewall. add logging to console and so-firewall.log
2025-01-28 14:04:02 -05:00
m0duspwnens
e32dbad0d0
fix monitoring for add_ files
2025-01-28 11:22:26 -05:00
Jorge Reyes
8828a3049d
Merge pull request #14155 from Security-Onion-Solutions/reyesj2/es-integ-tmp
...
add additional weird_integration
2025-01-27 16:36:17 -06:00
reyesj2
d74b69d84d
add additional weird_integration
2025-01-27 16:34:33 -06:00