Commit Graph
1377 Commits
Author SHA1 Message Date
Mike ReevesandClaude Opus 4.6 2d97dfc8a1 Add customizable ulimit settings for all Docker containers
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-17 15:10:42 -04:00
Josh Patterson 1a7d72c630 ensure empty directory tracked by git 2026-03-17 11:11:02 -04:00
Josh Patterson 94f454c311 cleanup file.absent 2026-03-16 15:57:15 -04:00
Josh Patterson 17881c9a36 cleanup highlander 2026-03-16 15:56:16 -04:00
reyesj2 4d5ace2a89 add file.bytes.missing field mapping 2026-02-24 14:32:01 -06:00
reyesj2 f4be73fdde re-add event-mappings to kratos index for event.ingested mapping 2026-02-24 14:23:08 -06:00
reyesj2 742649a337 rename kratos file to file.path 2026-02-24 14:21:28 -06:00
reyesj2 32a26559dd add dns.query.type and dns.query.type_name field mappings 2026-02-24 14:00:06 -06:00
reyesj2 0ebd8e4d6c migrate elasticsearch:managed_integrations pillar to new manager:managed_integrations pillar 2026-02-18 19:00:35 -06:00
reyesj2 d540b024b2 keep logsdb disabled 2026-01-30 16:02:46 -06:00
reyesj2 2038227308 remove reference to .fleet_final_pipeline-1
- configure global@custom ingest pipeline to run  .fleet_final_pipeline-1 when available (heavynodes do not have this pipeline).
  - Update global@custom pipeline to remove error message related to sending EA logs through logstash (https://github.com/elastic/kibana/issues/183959)
2026-01-26 14:01:58 -06:00
reyesj2 5d0c187497 format json 2026-01-23 14:45:31 -06:00
Josh Patterson a192455fae Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-19 17:17:58 -05:00
reyesj2 596bc178df ensure docker cp command follows container symlinks 2026-01-15 15:18:18 -06:00
Josh Patterson 00fbc1c259 add back individual signing policies 2026-01-12 09:25:15 -05:00
Josh Patterson 3bc552ef38 Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-08 17:15:48 -05:00
Josh Patterson 1887d2c0e9 update heavynode pattern 2026-01-08 17:15:00 -05:00
reyesj2 cb1e59fa49 Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/elastic9-autosoup 2026-01-07 10:30:45 -06:00
Josh Patterson f2370043a8 Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-06 09:12:00 -05:00
reyesj2 f2b7ffe0eb align with ECS fieldnames 2026-01-05 14:48:10 -06:00
reyesj2 a53619f10f update kratos index template 2026-01-05 12:22:01 -06:00
reyesj2 33c34cdeca Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/elastic9-autosoup 2025-12-29 15:49:49 -06:00
reyesj2 7977a020ac elasticsearch 9.0.8 2025-12-16 16:03:47 -06:00
Josh Patterson 9960db200c Merge remote-tracking branch 'origin/2.4/dev' into bravo 2025-12-11 17:30:43 -05:00
Josh Patterson b9ff1704b0 the great ssl refactor 2025-12-11 17:30:06 -05:00
DefensiveDepth a945768251 Refactor backup 2025-12-11 11:15:30 -05:00
reyesj2 45a8c0acd1 merge 2.4/dev 2025-12-02 11:16:08 -06:00
reyesj2 cc8fb96047 valid config for number_of_replicas in allocate action includes 0 2025-11-24 11:12:09 -06:00
reyesj2 3339b50daf drop forcemerge when max_num_segements doesn't exist or empty 2025-11-21 16:39:45 -06:00
reyesj2 415ea07a4f clean up 2025-11-21 16:04:26 -06:00
reyesj2 b80ec95fa8 update regex, revert to default will allow setting value back to '' | None 2025-11-21 14:41:03 -06:00
reyesj2 90638f7a43 Merge branch 'reyesj2/advea' into reyesj2/advilm 2025-11-21 14:25:28 -06:00
reyesj2 c5db7c8752 suricata.capture_file keyword 2025-11-20 14:26:12 -06:00
reyesj2 6f42ff3442 suricata capture_file 2025-11-20 14:16:49 -06:00
reyesj2 433dab7376 format json 2025-11-20 14:16:10 -06:00
reyesj2 b52dd53e29 advanced ilm actions 2025-11-19 13:24:55 -06:00
reyesj2 de4424fab0 remove typos 2025-11-14 19:15:51 -06:00
reyesj2 bcec999be4 zeek.dns reduce errors 2025-11-14 15:47:29 -06:00
reyesj2 7c73b4713f update analyzer pipeline 2025-11-14 15:47:29 -06:00
reyesj2 fcfd74ec1e zeek.analyzer format json 2025-11-14 15:47:29 -06:00
reyesj2 68b0cd7549 rename zeek.dpd zeek.analyzer 2025-11-14 15:47:29 -06:00
reyesj2 715d801ce8 format json zeek.dns 2025-11-14 15:47:19 -06:00
Jorge ReyesandGitHub a5d8385f07 Merge pull request #15230 from Security-Onion-Solutions/reyesj2/pipeline-upd
suricata pipeline updates
2025-11-14 10:43:33 -06:00
reyesj2 211bf7e77b ignore errors on tld script 2025-11-14 09:25:19 -06:00
reyesj2 1542b74133 move dns tld fields to its own pipeline 2025-11-14 09:24:58 -06:00
reyesj2 da9717bc79 don't attempt rename if field doesn't exist -- reducing pipeline stat errors 2025-11-14 08:15:40 -06:00
reyesj2 431e0b0780 format suricata.alert json 2025-11-13 19:29:50 -06:00
reyesj2 e782266caa suricata 8 dns v3 2025-11-13 19:21:31 -06:00
reyesj2 7be70faab6 format json 2025-11-13 10:49:37 -06:00
Jorge ReyesandGitHub 4a49f9d004 Merge branch '2.4/dev' into reyesj2/retention 2025-11-06 14:29:08 -06:00