CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,376 Commits 24 Branches 119 Tags
34c3a58efe651b6b04f5890f6d2d0b48494cb15e
Commit Graph

15376 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
reyesj2
5a401af1fd Update kafka process_x_roles annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-22 16:44:35 -04:00
reyesj2
25d63f7516 Setup kafka reactor for managing kafka controllers globally 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-22 16:42:59 -04:00
Jorge Reyes
d402943403 Merge pull request #12773 from Security-Onion-Solutions/reyesj2/kismet 
Kismet integration for WiFi devices
 2024-04-22 15:59:22 -04:00
Josh Brower
64c43b1a55 Merge pull request #12805 from Security-Onion-Solutions/2.4/detectiondefaults 
Strelka fixes and more
 2024-04-19 16:53:07 -04:00
DefensiveDepth
a237ef5d96 Update default queries 2024-04-19 16:33:35 -04:00
m0duspwnens
6c5e0579cf logging changes. ensure salt master has pillarWatch engine 2024-04-19 09:32:32 -04:00
reyesj2
4ac04a1a46 add kafkapass soc annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-18 16:46:36 -04:00
reyesj2
746128e37b update so-kafka-clusterid 
This is a temporary script used to setup kafka secret and clusterid needed for kafka to start. This scripts functionality will be replaced by soup/setup scripts

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-18 15:13:29 -04:00
reyesj2
fe81ffaf78 Variables no longer used. Replaced by map file 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-18 15:11:22 -04:00
m0duspwnens
1f6eb9cdc3 match keys better. go through files reverse first found is prio 2024-04-18 13:50:37 -04:00
Doug Burks
c48da45ac3 Merge pull request #12820 from Security-Onion-Solutions/dougburks-patch-1 
FIX: Elastic retention setting not being honored when manager hostname is a subset of search node hostname #12819
 2024-04-18 11:59:57 -04:00
reyesj2
5cc358de4e Update map files to handle empty kafka:nodes pillar 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-18 11:58:25 -04:00
Doug Burks
406dda6051 Update so-elasticsearch-cluster-space-used 2024-04-18 11:48:15 -04:00
Doug Burks
229a989914 Update so-elasticsearch-cluster-space-total 2024-04-18 11:47:01 -04:00
DefensiveDepth
6c6647629c Refactor yara for compilation 2024-04-18 11:32:17 -04:00
m0duspwnens
610dd2c08d improve it 2024-04-18 11:11:14 -04:00
m0duspwnens
506bbd314d more comments, better logging 2024-04-18 10:26:10 -04:00
Doug Burks
7f9bc1fc0f Merge pull request #12817 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add queue=True to so-checkin so that it will wait for any ru…
 2024-04-18 09:30:55 -04:00
Doug Burks
8d9aae1983 FEATURE: Add queue=True to so-checkin so that it will wait for any running states #12815 2024-04-18 09:28:30 -04:00
m0duspwnens
4caa6a10b5 watch a pillar in files and take action 2024-04-17 18:09:04 -04:00
reyesj2
665b7197a6 Update Kafka nodeid 
Update so-minion to include running kafka.nodes state to ensure nodeid is generated for new brokers

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-17 17:08:41 -04:00
Mike Reeves
3854620bcd Merge pull request #12810 from Security-Onion-Solutions/TOoSmOotH-patch-1 
Update limited-analyst.json
 2024-04-17 13:21:04 -04:00
Mike Reeves
67a57e9df7 Update limited-analyst.json 2024-04-17 13:14:45 -04:00
m0duspwnens
4b79623ce3 watch pillar files for changes and do something 2024-04-16 16:51:35 -04:00
DefensiveDepth
ff28476191 Fix compile_yara path 2024-04-16 13:10:17 -04:00
DefensiveDepth
8cc4d2668e Move compile_yara 2024-04-16 12:52:14 -04:00
DefensiveDepth
dbfb178556 Add test 2024-04-16 12:22:53 -04:00
m0duspwnens
c4994a208b restart salt minion if a manager and signing policies change 2024-04-15 11:37:21 -04:00
reyesj2
eedea2ca88 Merge remote-tracking branch 'remotes/origin/kaffytaffy' into reyesj2/kafka 2024-04-12 16:24:33 -04:00
reyesj2
de6ea29e3b update default process.role to broker only 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 16:18:53 -04:00
m0duspwnens
bb983d4ba2 just broker as default process 2024-04-12 16:16:03 -04:00
Josh Brower
5e8b16569f Merge pull request #12793 from Security-Onion-Solutions/2.4/detectiondefaults 
Add docs for ruleset change
 2024-04-12 13:54:06 -04:00
m0duspwnens
c014508519 need /opt/so/conf/ca/cacerts on receiver for kafka to run 2024-04-12 13:50:25 -04:00
DefensiveDepth
f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
reyesj2
fcfbb1e857 Merge kaffytaffy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 12:50:56 -04:00
reyesj2
911ee579a9 Typo 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 12:16:20 -04:00
reyesj2
a6ff92b099 Note to remove so-kafka-clusterid. Update soup and setup to generate needed kafka pillar values 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 12:11:18 -04:00
m0duspwnens
d73ba7dd3e order kafka pillar assignment 2024-04-12 11:55:26 -04:00
m0duspwnens
04ddcd5c93 add receiver managersearch and standalone to kafka.nodes pillar 2024-04-12 11:52:57 -04:00
reyesj2
af29ae1968 Merge kaffytaffy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 11:43:46 -04:00
reyesj2
fbd3cff90d Make global.pipeline use GLOBALMERGED value 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 11:21:19 -04:00
m0duspwnens
0ed9894b7e create kratos local pillar dirs during setup 2024-04-12 11:19:46 -04:00
m0duspwnens
a54a72c269 move kafka_cluster_id to kafka:cluster_id 2024-04-12 11:19:20 -04:00
Josh Brower
5b81a73e58 Merge pull request #12791 from Security-Onion-Solutions/2.4/detectiondefaults 
Fix fingerprint paths
 2024-04-12 09:01:38 -04:00
DefensiveDepth
49ccd86c39 Fix fingerprint paths 2024-04-12 08:35:44 -04:00
m0duspwnens
f514e5e9bb add kafka to receiver 2024-04-11 16:23:05 -04:00
reyesj2
3955587372 Use global.pipeline for redis / kafka states 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 16:20:09 -04:00
reyesj2
6b28dc72e8 Update annotation for global.pipeline 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:38:33 -04:00
reyesj2
ca7253a589 Run kafka-clusterid script when pillar values are missing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:38:03 -04:00
reyesj2
af53dcda1b Remove references to kafkanode 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:32:00 -04:00