CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-10 14:51:56 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,973 Commits 30 Branches 125 Tags
2dfa83dd7da1ec2a0cb87aef8a9cabdc42fc0161
Commit Graph

162 Commits

Author SHA1 Message Date
Mike Reeves
868cd11874 Add so-postgres Salt states and integration wiring 
Phase 1 of the PostgreSQL central data platform:
- Salt states: init, enabled, disabled, config, ssl, auth, sostatus
- TLS via SO CA-signed certs with postgresql.conf template
- Two-tier auth: postgres superuser + so_postgres application user
- Firewall restricts port 5432 to manager-only (HA-ready)
- Wired into top.sls, pillar/top.sls, allowed_states, firewall
  containers map, docker defaults, CA signing policies, and setup
  scripts for all manager-type roles
 2026-04-08 10:58:52 -04:00
Jason Ertel
71839bc87f remove steno 2026-03-06 15:45:36 -05:00
Josh Patterson
9960db200c Merge remote-tracking branch 'origin/2.4/dev' into bravo 2025-12-11 17:30:43 -05:00
Josh Patterson
b9ff1704b0 the great ssl refactor 2025-12-11 17:30:06 -05:00
DefensiveDepth
ded520c2c1 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor 2025-09-17 10:42:43 -04:00
DefensiveDepth
a77157391c remove idstools 2025-09-17 10:42:05 -04:00
reyesj2
0f235baa7e receiver custom fqdn 2025-09-11 16:14:43 -05:00
reyesj2
7968de06b4 enable access to global stig pillar 2025-08-21 11:06:29 -05:00
Josh Patterson
285d73d526 enable/disable soqemussh. allow for pw to be set 2025-04-18 14:07:32 -04:00
Josh Patterson
f9bf4e4130 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-03-27 11:26:32 -04:00
Josh Patterson
79388af645 only managers need node_ips 2025-03-25 10:17:43 -04:00
Josh Patterson
44a5b3b1e5 MANAGERHYPE setup is now complete! 2025-03-12 21:05:04 -04:00
m0duspwnens
213df68d04 merge with 120 dev and fix conflicts 2025-01-23 10:56:48 -05:00
m0duspwnens
4cc3691489 give all nodes access to soc license pillar file 2025-01-16 17:51:39 -05:00
Jason Ertel
57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
m0duspwnens
39391c8088 sync pillar top 2024-10-29 11:27:49 -04:00
m0duspwnens
feb700393e merge with 2.4.120, fix merge conflicts 2024-10-25 15:09:38 -04:00
m0duspwnens
73ce526467 allow users to lock pkgs from upgrade 2024-10-16 17:06:03 -04:00
Jason Ertel
523ff66389 connect work 2024-10-16 13:44:01 -04:00
reyesj2
385054b7b8 enable stig for so desktop 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-09-18 14:18:47 -04:00
m0duspwnens
64a0c171f3 ssh user, build cloud profiles and providers 2024-08-12 12:47:04 -04:00
m0duspwnens
9d2c5d54b0 hype changes 2024-08-07 10:43:53 -04:00
reyesj2
d791b23838 Generate new Kafka truststore 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-07-10 11:29:09 -04:00
m0duspwnens
50f0c43212 merge dev 2024-06-26 12:33:32 -04:00
m0duspwnens
81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars 2024-06-20 16:42:11 -04:00
reyesj2
d9c58d9333 update receiver pillar access 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-04 08:33:45 -04:00
reyesj2
3efdb4e532 Reconfigure logstash Kafka input 
- TODO: Configure what topics are pulled to searchnodes via the SOC UI

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-01 13:01:29 -04:00
m0duspwnens
d73ba7dd3e order kafka pillar assignment 2024-04-12 11:55:26 -04:00
m0duspwnens
a54a72c269 move kafka_cluster_id to kafka:cluster_id 2024-04-12 11:19:20 -04:00
m0duspwnens
e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
reyesj2
446f1ffdf5 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-25 13:55:48 -04:00
reyesj2
a73d78300a Add initial stig state 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-15 21:17:17 -05:00
Wes
d203aec44a Remove Curator 2023-12-08 19:37:06 +00:00
reyesj2
8cf29682bb Update to merge in 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-11-29 13:41:23 -05:00
reyesj2
86dc7cc804 Kafka init 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-11-29 13:34:25 -05:00
m0duspwnens
b64fa51268 give desktop docker state and pillars 2023-09-01 09:16:24 -04:00
m0duspwnens
b010919099 add sensoroni, telegraf, common states to desktop. allow docker_registry connection to managers for desktop 2023-08-31 13:21:32 -04:00
m0duspwnens
a60c34d548 exclude unnecessary pillars from desktop nodes 2023-08-31 09:40:54 -04:00
Jason Ertel
5eca1acbeb incorporate features pillar 2023-07-06 13:24:45 -04:00
Wes
ed560f19d3 Remove where not applicable 2023-05-31 14:28:43 +00:00
Wes
b3f6012856 Change ordering 2023-05-31 14:22:47 +00:00
Wes
9ae26ec866 Add Fleet to top file 2023-05-31 14:21:39 +00:00
m0duspwnens
f1c8467e9b create and assign kibana.soc and kibana.adv 2023-05-15 13:13:38 -04:00
m0duspwnens
ddb776c80e add redis pillars to searchnode. move redis scripts with jinja to sbin_jinja 2023-05-04 17:26:18 -04:00
m0duspwnens
71b6311edc add logstash.nodes to pillar top 2023-05-04 13:05:16 -04:00
Mike Reeves
a38495ce39 Fix pillar top for firewall 2023-05-01 10:40:36 -04:00
Mike Reeves
e799edaf49 Fix globals order 2023-04-26 15:54:16 -04:00
Mike Reeves
868cb8183c Fix the top file 2023-04-26 14:15:34 -04:00
Mike Reeves
b3f94961ea Fix Kibana and friends 2023-04-26 13:30:23 -04:00