CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,405 Commits 24 Branches 119 Tags
34d4eedf672cb523942c14f16c8a57ef1036fbe9
Commit Graph

1248 Commits

Author SHA1 Message Date
William Wernert
e9b85337ff [fix] Only prompt if entry doesn't exist, deep compare arrays 2021-02-22 15:41:09 -05:00
William Wernert
fd33a6cebe Rename script, prompt user to apply if they didn't pass --apply 2021-02-22 15:32:18 -05:00
William Wernert
cdf766eeae explicitely -> explicitly 2021-02-22 14:30:26 -05:00
William Wernert
8fc82fa3ef Fix minion pillar directory 2021-02-22 14:27:22 -05:00
Mike Reeves
6ed1cc3875 Add Soup Functions 2021-02-22 14:02:37 -05:00
Mike Reeves
d5069d12cf Merge pull request #3071 from Security-Onion-Solutions/delta 
Add acng to import installs for consistency
 2021-02-22 11:34:23 -05:00
William Wernert
e65c9e5c7c Don't expect apply arg at beginning of command 2021-02-22 11:29:30 -05:00
William Wernert
4bcb7403a9 Add apply option to end of command 2021-02-22 11:27:03 -05:00
William Wernert
bef3a6921c [fix] SID wildcards are not parsed by idstools, remove 2021-02-22 11:12:02 -05:00
William Wernert
f7bef9200b [fix] Only look for manager-type pillars 
* SID disabling is only managed globally for now, so don't give the option to edit a different pillar
 2021-02-22 10:38:53 -05:00
William Wernert
bb6f3107bc [fix] idstools can run on an import node as well 2021-02-22 10:29:40 -05:00
William Wernert
f2a1e89633 Merge branch 'dev' into feature/so-rules 2021-02-22 10:03:14 -05:00
William Wernert
abae673568 Update help text to reflect arg requirement changes 2021-02-22 10:00:29 -05:00
Jason Ertel
747d62dae5 Add acng to import installs for consistency 2021-02-22 09:44:24 -05:00
Josh Brower
5ca3dc492c Merge pull request #3061 from Security-Onion-Solutions/foxtrot 
Fix Playbook Fields & Mappings
 2021-02-21 09:40:59 -05:00
Josh Brower
046cc0fbb0 Merge pull request #3052 from Security-Onion-Solutions/feature/sigma-tweaks 
Feature/sigma tweaks
 2021-02-19 15:16:34 -05:00
Josh Brower
8c69e19419 Add sigma refresh script 2021-02-19 15:14:37 -05:00
Josh Brower
2a324eac32 Add sigma refresh script 2021-02-19 15:12:55 -05:00
William Wernert
c73970620d [fix] Correct indent 2021-02-19 14:38:43 -05:00
William Wernert
34174a3290 Print relevant help if no/partial command passed 2021-02-19 14:34:32 -05:00
William Wernert
4689e32ce4 Add sed for curly braces in minion pillars to soup 2021-02-19 10:18:06 -05:00
William Wernert
2184c6d59f [fix] Create dict value if it doesn't exist 2021-02-19 09:31:22 -05:00
William Wernert
9183c0a92c [feat] Initial so-rules script 
* Quote curly braces in minion pillar, need to add sed function in soup
 2021-02-19 09:24:12 -05:00
Jason Ertel
faa78c0e26 Salt doesn't like a name starting with a non alpha-numeric char. Switch back to long if/then format 2021-02-18 14:51:09 -05:00
Jason Ertel
6f7bc650a0 Apply reserved ports if the existing file is 0 bytes 2021-02-18 11:20:13 -05:00
m0duspwnens
7a595df5b6 strelka logrotate - https://github.com/Security-Onion-Solutions/securityonion/issues/2736 2021-02-17 11:17:41 -05:00
m0duspwnens
2b07d89b5a error: /opt/so/conf/sensor-rotate.conf:8 unknown option 'endscript' -- ignoring line 2021-02-17 11:01:18 -05:00
m0duspwnens
e6ae1af85f test rotating strelka log at 100k 2021-02-17 10:47:06 -05:00
m0duspwnens
7099ed4bf5 delete many backup files 2021-02-16 11:55:49 -05:00
m0duspwnens
1ccc5480e1 remove oldest backup 2021-02-16 11:40:45 -05:00
Mike Reeves
5043b970ef Fix tar syntax 2021-02-06 19:14:44 -05:00
Mike Reeves
a3ca84db66 Fix backupdir name state 2021-02-06 15:32:42 -05:00
Mike Reeves
bf79c92456 Lock down Backups folder permissions 2021-02-05 22:31:08 -05:00
Mike Reeves
8f97973fac Lock down Backups folder permissions 2021-02-05 22:17:31 -05:00
Jason Ertel
e427f8178d Implement locking to so-firewall script 2021-02-04 16:06:11 -05:00
Jason Ertel
a13b31fbcc Merge branch 'dev' into automation/ami 2021-02-04 16:05:39 -05:00
Jason Ertel
6b54a29ac7 Remove 'new user' references from so-user 2021-02-03 15:23:58 -05:00
William Wernert
8d01b87ab5 Merge branch 'dev' into foxtrot 2021-02-01 13:56:33 -05:00
William Wernert
daebe90b6e [fix] fix retry command handling 
* use eval "$cmd" to handle strings correctly
* add-apt-repo doesn't need dpkg lock so don't use retry for those lines
 2021-02-01 12:06:19 -05:00
William Wernert
44617fdddf [fix] Run command being retried within quotes 2021-02-01 11:28:28 -05:00
William Wernert
36ce389202 Remove wait_for_apt, use common retry function to run apt commands 2021-02-01 10:55:14 -05:00
Mike Reeves
18f2c7b482 Raid Setup for Appliances 2021-01-29 16:03:18 -05:00
Jason Ertel
2926527ad0 Place sig keys in same dir as other sig files 2021-01-29 13:21:58 -05:00
Jason Ertel
73909c4dea Place sig keys in same dir as other sig files 2021-01-29 13:00:56 -05:00
Jason Ertel
c055427e40 Add support for image key/sig retries 2021-01-29 11:18:06 -05:00
William Wernert
f5c044e3e3 [fix] Log directory fixes 
* The playbook log dir is owned by the socore group, so we can use `su root socore`
* Addresses https://github.com/Security-Onion-Solutions/securityonion/pull/2681#issuecomment-767761670
---
* influxdb runs as root, so we can set the log directory permissions to 755 for this service
 2021-01-26 16:07:34 -05:00
Mike Reeves
3b1cea94d1 Merge branch 'dev' into telegraf3 2021-01-25 19:36:49 -05:00
Mike Reeves
4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
m0duspwnens
944817732b grep for the scrip to be running https://github.com/Security-Onion-Solutions/securityonion/issues/2722 2021-01-25 15:22:04 -05:00
William Wernert
59a4b148bc Merge branch 'dev' into logrotate-fix 2021-01-22 15:20:55 -05:00