CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 22:17:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
11,335 Commits 40 Branches 125 Tags
3a2ec8e8bfcd60392336c7f841b19bf463ff1c6a
Commit Graph

6863 Commits

Author SHA1 Message Date
Wes 7b4d8a47f0 Add copyright header to 'so-elastic-fleet-*' scripts 2023-01-24 15:07:00 +00:00
Josh Patterson 095ca29aca Merge pull request #9626 from Security-Onion-Solutions/2.4/firewall 
change MASTER to MANAGER in so-minion
 2023-01-24 09:46:17 -05:00
Wes f19cf75311 Change how event.dataset is determined for Suricata events 2023-01-24 14:45:00 +00:00
m0duspwnens ee98e0684e change MASTER to MANAGER 2023-01-24 09:44:01 -05:00
Josh Patterson b797e356b4 Merge pull request #9624 from Security-Onion-Solutions/2.4/firewall 
remove filebeat and redis(commented out) from telegraf config
 2023-01-24 09:01:59 -05:00
m0duspwnens 88107fe0df remove filebeat and redis(commented out) from telegraf config 2023-01-24 08:59:51 -05:00
Wes 51692ac66c Update index pattern in various template definitions to match new data stream naming convention 2023-01-23 21:52:44 +00:00
Wes 40c6b380df Update Import and Zeek integration policies; also update Zeek ingest node pipelines to set event.dataset. 2023-01-23 21:44:46 +00:00
Wes d342f3c4b8 Add 'so-elastic-fleet-integration-policy-bulk-delete' to perform bulk deletion of integration policies 2023-01-23 21:38:13 +00:00
Josh Patterson a503632f30 Merge pull request #9620 from Security-Onion-Solutions/2.4/firewall 
2.4/firewall
 2023-01-23 15:56:53 -05:00
Jason Ertel 5da1b03d9b Merge pull request #9619 from Security-Onion-Solutions/kilo 
switch MySQL 8 to use native password for playbook compat; fix so-verify mail inspection
 2023-01-23 15:14:00 -05:00
Jason Ertel 5a016312f6 switch MySQL 8 to use native password to avoid playbook incompatibility 2023-01-23 14:53:39 -05:00
m0duspwnens 90a224793e merge with 2.4dev and fix conflict 2023-01-23 14:49:32 -05:00
m0duspwnens 22fbb953ea create cronjob to run highstate after setup 2023-01-23 14:46:26 -05:00
Josh Patterson 1039e77550 Merge pull request #9617 from Security-Onion-Solutions/2.4/firewall 
allow elastic agent on sensors to connect to managers
 2023-01-23 13:19:49 -05:00
Josh Brower d3cb57bba2 Rerun the playbook state 2023-01-23 08:16:28 -05:00
m0duspwnens a1fa4e3ef2 revert reload_modules since bugged 2023-01-20 15:43:57 -05:00
Josh Brower 1ab8c712e4 remove exit condition 2023-01-20 15:17:04 -05:00
Wes 739c174898 Add scripts for starting, stopping, and restarting Sensoroni 2023-01-19 21:50:10 +00:00
Jason Ertel 79fb5dc525 prevent false success occurring when deleting the grafana dashboard 2023-01-19 14:19:55 -05:00
Jason Ertel 85b5d1b317 Merge branch '2.4/dev' into kilo 2023-01-19 12:53:36 -05:00
Josh Brower 027c83b5ea Merge pull request #9601 from Security-Onion-Solutions/disablecontainer 
Fixup
 2023-01-19 11:47:04 -05:00
Josh Brower 4369d2385b Temp disable Elastic Registry Repo 2023-01-19 11:45:13 -05:00
Jason Ertel 35835edf96 Merge branch '2.4/dev' into kilo 2023-01-19 11:04:32 -05:00
weslambert 7d3f6121eb Remove default "logs-*" template settings for now 2023-01-19 10:29:10 -05:00
Jason Ertel 05c7999df3 merge 2023-01-19 10:06:58 -05:00
Jason Ertel 05a6d702b0 Add logic to determine if setup succeeded and provide relevant output 2023-01-19 10:03:03 -05:00
Josh Brower e83e54936e Temp disable Elastic Registry Repo 2023-01-19 07:25:25 -05:00
weslambert 7a499c9051 Modify default 'logs-*' template priority 2023-01-18 17:24:07 -05:00
m0duspwnens 1eafb8d62a reload salt modules when docker is installed 2023-01-18 13:46:06 -05:00
m0duspwnens d501b0fac9 add elastic agent to assigned hostgroups 2023-01-18 09:46:55 -05:00
weslambert 1fed3cf474 Disable Kibana's native base path rewrite and add publicBaseUrl 2023-01-17 16:54:31 -05:00
Josh Patterson 2842178396 Merge pull request #9588 from Security-Onion-Solutions/2.4/firewall 
fix iptables
 2023-01-17 13:50:16 -05:00
m0duspwnens aa858bab45 fix iptables 2023-01-17 13:48:39 -05:00
weslambert 73a4dae28e Make sure Elastic Agent data streams do not use replicas 2023-01-13 16:10:44 -05:00
Josh Patterson 3efca0010a Merge pull request #9573 from Security-Onion-Solutions/2.4/firewall 
2.4/firewall
 2023-01-13 12:41:58 -05:00
m0duspwnens 3653df4d5f spell it right 2023-01-13 10:18:13 -05:00
m0duspwnens 6033e9a0de use port_bindings from docker defaults in docker states 2023-01-13 10:15:10 -05:00
weslambert 7cba5626b7 Merge pull request #9570 from Security-Onion-Solutions/fix/elasticsearch_templates_elastic_agent 
Change priority for Elastic Agent Elasticsearch index templates
 2023-01-12 16:48:12 -05:00
m0duspwnens a69b0951d3 add strelka containers 2023-01-12 16:47:34 -05:00
weslambert 654d869e3e Change priority from 500 to 200 for Elastic Agent index templates to avoid collisions with other templates 2023-01-12 16:46:08 -05:00
m0duspwnens d163d834d4 allow for binding ip and ports to different port number 2023-01-12 16:42:45 -05:00
weslambert fb8d8ea972 Update Elasticsearch index template for Kratos 2023-01-12 15:31:41 -05:00
weslambert 9416552338 Don't set the Kratos index explicitly 2023-01-12 15:25:35 -05:00
weslambert 66f9a06458 Merge pull request #9566 from Security-Onion-Solutions/fix/elastic_fleet_integration_policy_load 
Fix Zeek import policies and remove unnecessary dash in RITAENABLED statement
 2023-01-11 16:17:40 -05:00
Wes 0e437f84e7 Add back echo statement to print the import policy being loaded 2023-01-11 21:13:30 +00:00
Wes ea01e68846 Fix Zeek import policies and remove unnecessary dash in RITAENABLED statement 2023-01-11 21:01:31 +00:00
Josh Patterson add71cbdee Merge pull request #9565 from Security-Onion-Solutions/2.4/firewall 
2.4/firewall
 2023-01-11 15:04:25 -05:00
m0duspwnens 80f65fcd62 remove 514/tcp from filebeat for now 2023-01-11 14:54:05 -05:00
Mike Reeves 66924b63a7 Update 9999_output_redis.conf.jinja 2023-01-11 14:53:16 -05:00