Commit Graph

4922 Commits

Author SHA1 Message Date
Jason Ertel
7fe0182ede Refactor so-test and so-tcpreplay to be compatible with SO 2.3.20+; Change hive_init and cortex_init to initialize the cortex and fleet services directly on the manager IP instead of attempting to use the public URL 2020-12-28 11:26:56 -05:00
William Wernert
4d1cb37468 [feat] Add function to wait for dpkg lock 2020-12-28 09:35:51 -05:00
Jason Ertel
8f15d794bc Silence curl progress output during hive/cortex init 2020-12-24 08:44:28 -05:00
Jason Ertel
baf5be1a3a Return adequate exit code when init fails; Logs output of init scripts for troubleshooting failed installations 2020-12-23 20:14:46 -05:00
Jason Ertel
9cf150f988 Switch from Jinja syntax to bash 2020-12-23 15:11:43 -05:00
Jason Ertel
2d44b69e8d Refactor hive and cortex init to use wait loops instead of hardcoded sleeps 2020-12-23 12:12:38 -05:00
Jason Ertel
aa5c0a7351 Clarify prompt instructions for so-elastalert-test 2020-12-23 09:37:44 -05:00
Jason Ertel
eef1f49d09 Corrected cortex_init process which was incorrectly attempting to access ES via the external URL; Removing 1-2 minute sleeps during init to see if those are no longer needed 2020-12-22 22:56:01 -05:00
Jason Ertel
cfe5019f51 Add firewall listhogroups and listportgroups commands; Change AMI test defaults to use a custom hostname for cypress access 2020-12-22 17:59:59 -05:00
Wes Lambert
ac96ded2dc Support setting rule repos via pillar 2020-12-22 15:36:15 +00:00
Mike Reeves
7116c2103b Update Docker Clean 2020-12-21 17:06:14 -05:00
Mike Reeves
b49355d346 Update changes.json 2020-12-21 16:54:55 -05:00
m0duspwnens
a18c89d804 fix typo in so-analyst-install warning 2020-12-21 11:42:03 -05:00
weslambert
def08895d5 Merge pull request #2393 from Security-Onion-Solutions/fix/strelka_filestream
Fix/strelka filestream
2020-12-18 15:48:54 -05:00
weslambert
2fee2ca143 Change identifier name to be more descriptive 2020-12-18 15:40:54 -05:00
weslambert
7453626b06 Add identifier 2020-12-18 15:39:52 -05:00
m0duspwnens
ad45779978 fix duplicate state name for fw 2020-12-18 15:01:55 -05:00
m0duspwnens
66f62b912e Merge remote-tracking branch 'remotes/origin/dev' into fix/sensoroni_fw 2020-12-18 14:14:55 -05:00
m0duspwnens
4bbedfa027 put portgroup name in statename 2020-12-18 14:14:45 -05:00
m0duspwnens
e756bbc430 limit sensor uptime in grafana dash to 2 decimal 2020-12-18 13:40:55 -05:00
Mike Reeves
dea88e4c68 Update soup 2020-12-18 13:27:08 -05:00
m0duspwnens
dbf82a891f add sensoroni port to minions for manager nodes 2020-12-18 13:06:14 -05:00
Mike Reeves
96bd1e72a7 Update soup 2020-12-18 11:55:24 -05:00
weslambert
1a463bccaf Add cron.absent to remove old cron job if present 2020-12-18 11:25:14 -05:00
m0duspwnens
90dcad7e6f make sure timestamp on steno log line has changed so we don't snapshot the drop% 2020-12-18 11:00:24 -05:00
weslambert
9493aad1a5 Read from dedicated unprocessed dir 2020-12-18 10:53:17 -05:00
weslambert
bf76c1b58c Create unprocessed dir and move Zeek extracted files there 2020-12-18 10:52:14 -05:00
Mike Reeves
575098e368 Update init.sls 2020-12-17 20:23:38 -05:00
Mike Reeves
39425c1ba8 Fix extra extrahosts 2020-12-17 20:15:56 -05:00
TOoSmOotH
6448ddc31a Allow SNs to resolve the ES master 2020-12-17 20:08:21 -05:00
m0duspwnens
412e8eeccb tell dc to use 4 decimal spot for suriloss calc 2020-12-17 18:05:25 -05:00
Mike Reeves
6ccbe47f10 Fix Jinja 2020-12-17 16:34:49 -05:00
Jason Ertel
370a2cdb81 Update change.json for 2.3.20 2020-12-17 15:49:09 -05:00
TOoSmOotH
d99596ad06 Fix Docker Settings on new installs 2020-12-17 15:21:29 -05:00
William Wernert
1f523deaea [fix] Playbook setup bug fixes
* Increase timeout for port check
* Exit with non-zero code in user create script if timeout exceeded or error occurs
2020-12-17 12:23:06 -05:00
Josh Brower
73ad89f4ba Fix so-suricata-testrule 2020-12-17 11:05:57 -05:00
Masaya-A
59ae5f63cf Make yum remove unneeded packages
Reference: https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2020-09-03/finding/V-204452
2020-12-17 22:14:03 +09:00
Josh Patterson
011dc48d96 Merge pull request #2363 from Security-Onion-Solutions/fix/grafana-eval
Fix/grafana eval
2020-12-16 18:05:02 -05:00
m0duspwnens
027929bb6d fix eval grafana dashboard 2020-12-16 17:59:54 -05:00
TOoSmOotH
345710a48d Make sure thehive is up then soup by hitting api 2020-12-16 17:41:38 -05:00
m0duspwnens
90e499f6e9 fix eval grafana dashboard 2020-12-16 17:25:56 -05:00
TOoSmOotH
23110d3b33 Make sure thehive is up then soup 2020-12-16 17:23:51 -05:00
William Wernert
384456a991 [fix] Make repo directory during soup if it doesn't exist 2020-12-16 16:18:17 -05:00
TOoSmOotH
6e84227525 Add DB migration for thehive 2020-12-16 16:06:05 -05:00
Josh Patterson
3ff99da302 Merge pull request #2359 from Security-Onion-Solutions/fix/so-status-import-node
Fix/so status import node
2020-12-16 14:22:08 -05:00
m0duspwnens
2d497cb724 change to just Hunt 2020-12-16 14:15:57 -05:00
Mike Reeves
eecb323459 remove extra state.apply common 2020-12-16 13:12:38 -05:00
m0duspwnens
2e278586f2 disable steno in so-status for import node 2020-12-16 13:03:24 -05:00
m0duspwnens
81e2b4d572 Merge remote-tracking branch 'remotes/origin/dev' into fix/so-status-import-node 2020-12-16 12:02:39 -05:00
m0duspwnens
96b72d46be show steno,zeek,suricata as disabled in so-status on import node 2020-12-16 12:01:48 -05:00