Mike Reeves
|
edce5186b9
|
Add support to relaod rules instead of restart
|
2024-08-29 12:55:06 -04:00 |
|
Mike Reeves
|
306bd8faaa
|
Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into 2.4/dev
|
2024-08-29 12:39:41 -04:00 |
|
m0duspwnens
|
0766a5da91
|
change to LSHEAP. LSHOSTNAME from id grain
|
2024-08-28 16:59:24 -04:00 |
|
Josh Brower
|
9746f6e5e2
|
Merge pull request #13570 from Security-Onion-Solutions/2.4/ignore-logstash-err
Exclude logstash startup errors
|
2024-08-28 16:51:35 -04:00 |
|
DefensiveDepth
|
89a1e2500e
|
Exclude logstash startup errors
|
2024-08-28 16:50:11 -04:00 |
|
m0duspwnens
|
267d1a27ac
|
use cron instead of schedule for vm init. ensure vm shutdown
|
2024-08-28 15:52:14 -04:00 |
|
m0duspwnens
|
f5e6e49075
|
set initial schedule for vm to deal with possible manager firewall state.apply delay
|
2024-08-28 14:12:23 -04:00 |
|
m0duspwnens
|
d44ce0a070
|
add so-salt-cloud as salt-cloud wrapper
|
2024-08-28 12:41:38 -04:00 |
|
m0duspwnens
|
9ddccba780
|
LSHEAP and pipeline workers for virt
|
2024-08-28 10:09:42 -04:00 |
|
Jason Ertel
|
394ce29ea3
|
Merge pull request #13565 from Security-Onion-Solutions/jertel/an2
move custom alerters to subgroup; avoid false positives on log check
|
2024-08-28 09:39:44 -04:00 |
|
Jason Ertel
|
f19a35ff06
|
move custom alerters to subgroup; avoid false positives on log check
|
2024-08-28 09:32:25 -04:00 |
|
weslambert
|
8943e88ca8
|
Merge pull request #13562 from Security-Onion-Solutions/fix/evtx_pipelines
Update pipeline version for EVTX
|
2024-08-27 13:12:10 -04:00 |
|
Jason Ertel
|
18774aa0a7
|
Merge pull request #13561 from Security-Onion-Solutions/jertel/an2
annotation updates
|
2024-08-27 13:09:20 -04:00 |
|
weslambert
|
af80a78406
|
Update pipeline version
|
2024-08-27 13:08:35 -04:00 |
|
Jason Ertel
|
6043da4424
|
annotation updates
|
2024-08-27 13:04:43 -04:00 |
|
m0duspwnens
|
301894f6e8
|
script to fix libvirt in salt 3006.2+
|
2024-08-27 09:42:11 -04:00 |
|
m0duspwnens
|
a425a7fda2
|
update docker modules for 3006.9
|
2024-08-27 09:37:23 -04:00 |
|
m0duspwnens
|
21c3835322
|
salt3006.9, redo reactors, use virt.shutdown
|
2024-08-27 09:25:40 -04:00 |
|
Josh Brower
|
75086bac7f
|
Merge pull request #13556 from Security-Onion-Solutions/2.4/fixpolicyload
Fix policy load
|
2024-08-26 16:49:54 -04:00 |
|
DefensiveDepth
|
726df310ee
|
Add context
|
2024-08-26 16:15:56 -04:00 |
|
DefensiveDepth
|
b952728b2c
|
Fix policy load
|
2024-08-26 15:57:21 -04:00 |
|
weslambert
|
1cac2ff1d4
|
Merge pull request #13554 from Security-Onion-Solutions/fix/ilm_soc_logs
FIX: Add so-soc-logs
|
2024-08-26 12:54:03 -04:00 |
|
weslambert
|
a93c77a1cc
|
Merge pull request #13548 from Security-Onion-Solutions/fix/global_custom
Use global@custom from common pipeline
|
2024-08-26 10:42:12 -04:00 |
|
weslambert
|
dd09f5b153
|
Add so-soc-logs
|
2024-08-26 10:32:27 -04:00 |
|
Josh Patterson
|
4c10282f40
|
add es version to annotation
|
2024-08-26 09:37:19 -04:00 |
|
Josh Brower
|
29f996de66
|
Merge pull request #13547 from Security-Onion-Solutions/2.4/soupchanges
Elastic Fleet refactoring
|
2024-08-23 13:56:05 -04:00 |
|
DefensiveDepth
|
c575e02fbb
|
Use correct name
|
2024-08-23 13:52:20 -04:00 |
|
weslambert
|
e96a0108c3
|
Add global@custom
|
2024-08-23 13:05:34 -04:00 |
|
DefensiveDepth
|
e86fce692c
|
Merge remote-tracking branch 'origin/2.4/dev' into 2.4/soupchanges
|
2024-08-23 11:44:39 -04:00 |
|
DefensiveDepth
|
8d35c7c139
|
Merge branch '2.4/soupchanges' of https://github.com/Security-Onion-Solutions/securityonion into 2.4/soupchanges
|
2024-08-23 11:37:16 -04:00 |
|
DefensiveDepth
|
0a5725a62e
|
Refactor for Elastic Upgrade
|
2024-08-23 11:36:47 -04:00 |
|
Jorge Reyes
|
1c6f5126db
|
Merge pull request #13546 from Security-Onion-Solutions/reyesj2/kfano
set kafka.id in common ingest pipeline
|
2024-08-23 09:50:08 -04:00 |
|
reyesj2
|
1ec5e3bf2a
|
add kafka.id to common ingest pipeline
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
|
2024-08-23 09:47:21 -04:00 |
|
Jason Ertel
|
d29727c869
|
Merge pull request #13540 from Security-Onion-Solutions/jertel/an2
exclude all logstash errors related to license manager init log line
|
2024-08-22 18:17:23 -04:00 |
|
Jason Ertel
|
eabb894580
|
exclude all logstash errors related to license manager init log line
|
2024-08-22 17:52:37 -04:00 |
|
weslambert
|
96339f0de6
|
Merge pull request #13537 from Security-Onion-Solutions/fix/elastic_template_check
FIX: Check Elasticsearch for endpoint component template before loading templates
|
2024-08-22 10:46:49 -04:00 |
|
weslambert
|
d7e3e134a5
|
Check Elasticsearch for template
|
2024-08-22 10:33:13 -04:00 |
|
Jason Ertel
|
dfb0ff7a98
|
Merge pull request #13535 from Security-Onion-Solutions/jertel/an2
notification updates
|
2024-08-22 09:19:43 -04:00 |
|
Jason Ertel
|
48f1e24bf5
|
notification updates
|
2024-08-22 09:04:43 -04:00 |
|
Jason Ertel
|
cf47508185
|
notification updates
|
2024-08-22 09:02:32 -04:00 |
|
weslambert
|
2a024039bf
|
Merge pull request #13528 from Security-Onion-Solutions/fix/detections_alerts_ilm
Create detections.alerts ILM policy with corresponding name
|
2024-08-21 14:50:10 -04:00 |
|
weslambert
|
212cc478de
|
Change back to so
|
2024-08-21 14:39:24 -04:00 |
|
weslambert
|
88ea60df2a
|
Fix name
|
2024-08-21 14:38:57 -04:00 |
|
weslambert
|
c1b7232a88
|
Fix for detections-alerts
|
2024-08-21 14:38:29 -04:00 |
|
Mike Reeves
|
04577a48be
|
Merge pull request #13530 from Security-Onion-Solutions/raidtools
|
2024-08-21 14:33:40 -04:00 |
|
weslambert
|
18ef37a2d0
|
Merge pull request #13531 from Security-Onion-Solutions/fix/elastic_templates_fleet_package_check
Check for endpoint package
|
2024-08-21 14:28:12 -04:00 |
|
weslambert
|
4108e67178
|
Check for endpoint package
|
2024-08-21 14:22:28 -04:00 |
|
Mike Reeves
|
ff479de7bd
|
Add support for new appliance raid controllers
|
2024-08-21 14:10:24 -04:00 |
|
weslambert
|
4afac201b9
|
Change ILM policy name
|
2024-08-21 13:25:26 -04:00 |
|
weslambert
|
c30537fe6a
|
Ensure endpoint is installed
|
2024-08-21 13:00:04 -04:00 |
|