CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,306 Commits 24 Branches 119 Tags
37df49d4f35f80ee96334cde19c302a47b320ab3
Commit Graph

10306 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Patterson
37df49d4f3 Merge pull request #8296 from Security-Onion-Solutions/elastalert_esversion_check 
use onlyif requisite instead
 2022-07-13 15:22:40 -04:00
m0duspwnens
7d7cf42d9a use onlyif requisite instead 2022-07-13 15:21:34 -04:00
Doug Burks
de0a7d3bcd Merge pull request #8293 from Security-Onion-Solutions/dougburks-patch-1 
change hyperlink for Elastic 8 issues
 2022-07-13 12:41:50 -04:00
Doug Burks
c67a58a5b1 change hyperlink for Elastic 8 issues 2022-07-13 12:40:03 -04:00
Josh Patterson
e79ca4bb9b Merge pull request #8291 from Security-Onion-Solutions/elastalert_esversion_check 
do not start elastalert if elasticsearch is not v8
 2022-07-13 11:24:12 -04:00
m0duspwnens
086cf3996d do not start elastalert if elasticsearch is not v8 2022-07-13 11:21:27 -04:00
Doug Burks
7ae5d49a4a Merge pull request #8290 from Security-Onion-Solutions/dougburks-patch-1 
increment version to 2.3.140
 2022-07-13 09:33:37 -04:00
Doug Burks
34d3c6a882 increment version to 2.3.140 2022-07-13 09:32:28 -04:00
weslambert
4a5664db7b Merge pull request #8289 from Security-Onion-Solutions/fix/soup_unsupported_indices_check 
Add missing 'fi' to if/then for unsupported indices check
 2022-07-13 09:15:22 -04:00
weslambert
513c7ae56c Add missing 'fi' to if/then for unsupported indices check 2022-07-13 09:13:28 -04:00
weslambert
fa894cf83b Merge pull request #8288 from Security-Onion-Solutions/fix/soup_elastalert_indices_deletion_check 
Ensure Elastalert indices are deleted before continuing with SOUP
 2022-07-13 08:44:04 -04:00
weslambert
8e92060c29 Ensure Elastalert indices are deleted before continuing with SOUP -- if they are not, generate a failure condition 2022-07-13 08:38:55 -04:00
weslambert
d7eb8b9bcb Merge pull request #8281 from Security-Onion-Solutions/fix/soup_elasticsearch8_index_compatibility 
SOUP - Check for indices created by Elasticsearch 6
 2022-07-12 16:20:47 -04:00
weslambert
d0a0ca8458 Update exit code for ES checks 2022-07-12 16:15:44 -04:00
Josh Patterson
57b79421d8 Merge pull request #8280 from Security-Onion-Solutions/fix_filebeat 
move port bindings back under port bindings
 2022-07-12 16:12:49 -04:00
weslambert
4502182b53 Typo - Ensure Elasticsearch version 6 indices are checked 2022-07-12 15:35:46 -04:00
weslambert
0fc6f7b022 Add check for Elasticsearch 6 indices 2022-07-12 15:34:24 -04:00
m0duspwnens
ec451c19f8 move port bindings back under port bindings 2022-07-12 15:17:25 -04:00
weslambert
e9a22d0aff Merge pull request #8275 from Security-Onion-Solutions/fix/filebeat_es_output_additions 
Specify outputs for Elasticsearch and Kibana for Eval and Import Mode
 2022-07-11 19:03:07 -04:00
weslambert
11d3ed36b7 Specify outputs for Elasticsearch and Kibana for Eval and Import Mode 
Add outputs for Elasticsearch and Kibana for Eval/Import Mode, since Logstash is not used in Eval Mode or Import Mode. Otherwise, logs from these inputs end up in a filebeat-prefixed index.
 2022-07-11 17:22:09 -04:00
weslambert
d828bbfe47 Merge pull request #8273 from Security-Onion-Solutions/fix/kibana_space_defaults_cases 
Add securitySolutionCases feature to ensure Cases are disabled by default
 2022-07-11 16:39:30 -04:00
weslambert
bd32394560 Add securitySolutionCases feature to ensure Cases are disabled by default 2022-07-11 16:38:05 -04:00
weslambert
6f4f050a96 Merge pull request #8272 from Security-Onion-Solutions/fix/soup_kibana_space_defaults 
Run so-kibana-space-defaults when upgrading to 2.3.140
 2022-07-11 14:47:11 -04:00
weslambert
f77edaa5c9 Run so-kibana-space-defaults to re-establish the default enabled features since Fleet feature name changed 2022-07-11 14:41:23 -04:00
Jason Ertel
15124b6ad7 Merge pull request #8271 from Security-Onion-Solutions/kilo 
Add content-type header to PUT request, now required in Kratos 0.10.1
 2022-07-11 13:47:28 -04:00
Jason Ertel
077053afbd Add content-type header to PUT request, now required in Kratos 0.10.1 2022-07-11 13:43:41 -04:00
weslambert
dd1d5b1a83 Merge pull request #8270 from Security-Onion-Solutions/fix/curator_actions_delete_kratos 
Add delete and warm action for Kratos indices in applicable Curator delete/warm scripts
 2022-07-11 11:39:43 -04:00
weslambert
e82b6fcdec Typo - Change 'delete' to 'warm' 2022-07-11 11:34:53 -04:00
weslambert
8c8ac41b36 Add action for Kratos indices 2022-07-11 11:32:03 -04:00
weslambert
b611dda143 Add delete action for Kratos indices 2022-07-11 11:31:22 -04:00
weslambert
3f5b98d14d Merge pull request #8269 from Security-Onion-Solutions/fix/curator_actions_kratos 
Add Curator actions and adjust Curator close scripts to account for so-kibana and so-kratos indices
 2022-07-11 11:21:20 -04:00
Wes Lambert
0b6219d95f Adjust Curator close scripts to include Kibana and Kratos indices 2022-07-11 14:51:33 +00:00
Wes Lambert
2f729e24d9 Add Curator action files for Kratos indices 2022-07-11 14:34:10 +00:00
weslambert
992b6e14de Merge pull request #8268 from Security-Onion-Solutions/fix/kibana_disable_fleetv2 
Disable fleetv2 because it is now used to control Fleet visibility and 'fleet' is now used for 'Integrations'
 2022-07-11 10:09:12 -04:00
weslambert
09a1d8c549 Disable fleetv2 because it is now used to control Fleet visibility and 'fleet' is now used for 'Integrations' 2022-07-11 10:06:24 -04:00
Jason Ertel
f28c6d590a Merge pull request #8263 from Security-Onion-Solutions/kilo 
Remove Jinja from yaml files before parsing
 2022-07-08 20:32:22 -04:00
Jason Ertel
4f8bb6049b Future proof the jinja check to ensure the script does not silently overwrite jinja templates 2022-07-08 17:30:00 -04:00
Jason Ertel
a8e6b26406 Remove Jinja from yaml files before parsing 2022-07-08 17:07:24 -04:00
weslambert
2903bdbc7e Merge pull request #8260 from Security-Onion-Solutions/fix/kratos_dedicated_index_and_filestream_id_additions 
Add dedicated index for Kratos and IDs for all filestream inputs
 2022-07-08 12:04:40 -04:00
Wes Lambert
5c90fce3a1 Add Kratos Logstash output to search pipeline for Logstash 2022-07-08 15:58:00 +00:00
Wes Lambert
26698cfd07 Add Logstash output for dedicated Kratos index 2022-07-08 15:55:55 +00:00
Wes Lambert
764e8688b1 Modify Kratos input to use dedicated index and add filestream ID for all applicable inputs 2022-07-08 15:53:55 +00:00
Wes Lambert
b06c16f750 Add ingest node pipeline for Kratos 2022-07-08 15:53:00 +00:00
weslambert
42cfab4544 Merge pull request #8256 from Security-Onion-Solutions/fix/kibana_restart_after_role_sync 
Restart Kibana in case it times out before being able to read role update
 2022-07-07 17:44:47 -04:00
weslambert
4bbc901860 Restart Kibana in case it times out before being able to read in new role configuration 2022-07-07 17:19:02 -04:00
weslambert
a343f8ced0 Merge pull request #8255 from Security-Onion-Solutions/fix/so_kibana_user_role 
Force so-user to sync roles to ensure so_kibana role change
 2022-07-07 16:19:30 -04:00
weslambert
85be2f4f99 Force so-user to sync roles to ensure so_kibana role change from superuser to kibana_system 2022-07-07 15:55:44 -04:00
weslambert
8b3fa0c4c6 Merge pull request #8252 from Security-Onion-Solutions/feature/elastic_8_3_2 
Update to Elastic 8.3.2
 2022-07-07 11:14:14 -04:00
weslambert
ede845ce00 Update to Kibana 8.3.2 2022-07-07 11:05:44 -04:00
weslambert
42c96553c5 Update to Kibana 8.3.2 2022-07-07 11:04:43 -04:00