Commit Graph

224 Commits

Author SHA1 Message Date
Josh Brower
3610b0cd30 merge in dev 2022-02-21 16:52:53 -05:00
Wes Lambert
de731fc05d Remove default templates from ES template pillar since they are now managed in the defaults file. 2022-02-15 17:04:57 +00:00
Josh Brower
37b17b8821 Initial support - IDH Node 2022-02-07 19:27:51 -05:00
m0duspwnens
797d769661 use actual hostname in logstash:nodes pillar 2022-02-03 10:36:18 -05:00
Jason Ertel
1d885a5419 Add case template to eval installs 2021-12-29 11:38:38 -05:00
Jason Ertel
e87cbc37a4 Add case template 2021-12-28 19:17:15 -05:00
m0duspwnens
759bf9837e pillar top clean up for receiver and logstash.nodes 2021-12-15 09:31:03 -05:00
m0duspwnens
d9a384cc29 remove global:pipeline pillar call from logstash pipeline pillars 2021-12-15 09:30:15 -05:00
m0duspwnens
c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens
8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens
f3ec5df447 add receiver node 2021-12-07 11:13:51 -05:00
m0duspwnens
96666ab307 add receiver node 2021-12-07 10:19:32 -05:00
m0duspwnens
8da2133cff give kibana.secrets pillar to import node 2021-11-11 11:31:07 -05:00
m0duspwnens
392305e4ed add endgame changes that were missing from merge somehow 2021-11-10 09:01:42 -05:00
m0duspwnens
57c6e26634 encrypt kibana saved objects - https://github.com/Security-Onion-Solutions/securityonion/issues/6146 2021-11-09 16:41:25 -05:00
m0duspwnens
c8fb504ee0 Revert "Merge remote-tracking branch 'remotes/origin/dev' into issue/3933"
This reverts commit 54eec92621, reversing
changes made to 7832e59629.
2021-10-13 15:22:46 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
Mike Reeves
6ae2fba71f Update search.sls 2021-09-14 13:57:26 -04:00
Mike Reeves
2cc25587d9 Update eval.sls 2021-09-14 13:57:04 -04:00
Mike Reeves
614a6dc9fe Update manager.sls 2021-09-14 13:56:43 -04:00
William Wernert
e41811fbd0 [fix] Typo 2021-07-13 15:14:13 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
m0duspwnens
c9ee28ce01 adding elasticsearch.auth to heavynode and searchnode 2021-06-21 14:47:24 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
33db9023eb Revert to SO taxonomy for zeek and suricata 2021-06-08 13:50:39 -04:00
m0duspwnens
d25a439bd4 more changes 2021-06-01 10:53:58 -04:00
m0duspwnens
0134ceef16 merge and resolve conflict in elasticsearch state 2021-05-27 11:33:44 -04:00
m0duspwnens
6da0b57ce1 fix file.file_exists 2021-05-25 11:55:22 -04:00
m0duspwnens
8d9d5a267a generate elasticsearch.auth pillar if it doesn't exist 2021-05-25 11:52:58 -04:00
Mike Reeves
e5a41b60ef Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-05-24 09:14:03 -04:00
m0duspwnens
0de1c9a669 removing unreferenced pillar file docker/config.sls 2021-05-18 07:57:00 -04:00
Wes Lambert
37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Josh Brower
bba9913be1 Temp revert Fleet Live Query to Hunt 2021-03-17 08:25:25 -04:00
Josh Brower
548f67ca6f Initial support for Live Queries in Hunt 2021-03-04 18:21:13 -05:00
William Wernert
f5c044e3e3 [fix] Log directory fixes
* The playbook log dir is owned by the socore group, so we can use `su root socore`
* Addresses https://github.com/Security-Onion-Solutions/securityonion/pull/2681#issuecomment-767761670
---
* influxdb runs as root, so we can set the log directory permissions to 755 for this service
2021-01-26 16:07:34 -05:00
William Wernert
c7c3d004ca [fix] More helix -> helixsensor 2020-12-15 14:01:19 -05:00
m0duspwnens
4e04f31b8e remove old firewall ports pillar file https://github.com/Security-Onion-Solutions/securityonion/issues/1586 2020-12-14 10:24:49 -05:00
TOoSmOotH
379f1d98d8 fix addtotab 2020-12-10 09:15:17 -05:00
TOoSmOotH
d6fa739c60 Adding queue=True 2020-12-08 11:17:47 -05:00
Mike Reeves
8ea088c3fc Restart Elastic on addition of node. 2020-12-07 14:09:41 -05:00
Mike Reeves
d004263b71 Add Elastic Clustering 2020-12-02 14:33:22 -05:00
m0duspwnens
1afa12e607 add elasticsearch template manager pillar and assign to manager node 2020-10-13 16:08:15 -04:00
m0duspwnens
f38519247b change capture loss to every 5 minutes and default grafana dashboard to 1h 2020-10-08 17:52:02 -04:00
William Wernert
d84f85335e [fix] Add jinja option, missing log dirs, compress option 2020-10-06 17:18:39 -04:00
William Wernert
b64a91f13c [refactor] Remove nocompress option 2020-10-06 14:51:43 -04:00
William Wernert
9737b01676 [feat] Move logrotate configuration settings to pillar 2020-10-06 13:22:44 -04:00
William Wernert
f782299281 Remove preconfigured zeeklog + create it during setup 2020-09-28 15:12:36 -04:00
Mike Reeves
0a0e00866c Upgrade Fun 2020-09-14 14:50:22 -04:00
Mike Reeves
5d4e8925a3 Add Firewall Logic 2020-09-09 21:16:40 -04:00