CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-10 21:30:30 +02:00
Code Issues Packages Projects Releases Wiki Activity
17,982 Commits 53 Branches 125 Tags
470b3bd4da726e7cce13cbc82aab9b897da4c342
Commit Graph

50 Commits

Author SHA1 Message Date
Mike Reeves cefbe01333 Add telegraf_output selector for InfluxDB/Postgres dual-write 
Introduces global.telegraf_output (INFLUXDB|POSTGRES|BOTH, default BOTH)
so Telegraf can write metrics to Postgres alongside or instead of
InfluxDB. Each minion authenticates with its own so_telegraf_<minion>
role and writes to a matching schema inside a shared so_telegraf
database, keeping blast radius per-credential to that minion's data.

- Per-minion credentials auto-generated and persisted in postgres/auth.sls
- postgres/telegraf_users.sls reconciles roles/schemas on every apply
- Firewall opens 5432 only to minion hostgroups when Postgres output is active
- Reactor on salt/auth + orch/telegraf_postgres_sync.sls provision new
  minions automatically on key accept
- soup post_to_3.1.0 backfills users for existing minions on upgrade
- so-show-stats prints latest CPU/mem/disk/load per minion for sanity checks
- so-telegraf-trim + nightly cron prune rows older than
  postgres.telegraf.retention_days (default 14)
 2026-04-15 14:32:10 -04:00
Josh Patterson 6d7066c381 add license 2025-07-02 16:20:30 -04:00
Josh Patterson d003e1380f ensure hypervisor is remove from salt cloud profiles when key is deleted 2025-07-02 16:14:43 -04:00
Josh Patterson 40531dd919 add LSHOSTNAME option to so-minion. use -L in sominion_setup reactor 2025-05-29 12:22:52 -04:00
Josh Patterson ef436026d5 info to debug. remove old reactors 2025-05-06 11:51:59 -04:00
Josh Patterson 6246e25fbe 640 for pubkey and empty pillar 2025-04-29 10:19:01 -04:00
Josh Patterson ae993c47c1 remove minion pillar files when a vm is destroyed 2025-03-11 11:12:45 -04:00
Josh Patterson 8047e196fe fix pipeline workers, zeek/suricata lbprocs, CPUCORES and CORECOUNT 2025-02-28 17:21:06 -05:00
Josh Patterson c6c979dc19 properly set memory and CPUCORES for minion pillars during vm setup 2025-02-28 16:12:28 -05:00
Josh Patterson fd9a4966ec move logic from reactor to orchestration 2025-02-23 14:07:51 -05:00
Josh Patterson 3246176c0a comments 2025-02-21 14:34:08 -05:00
Josh Patterson b68f561e6f progress and hw tracking for soc hypervisor dynamic annotations 2025-02-21 09:50:01 -05:00
m0duspwnens 6367aed62a reactor needs to match runner function parameter structure 2025-01-16 14:59:11 -05:00
m0duspwnens 0e0fb885d2 hypervisor highstate after image creation, not when key accepted 2025-01-16 11:13:36 -05:00
m0duspwnens 01ac1cdcca check features and allowed/states 2025-01-15 14:13:12 -05:00
m0duspwnens 2e3c1adc63 runner to setup manager for first hypervisor 2025-01-14 16:20:21 -05:00
m0duspwnens 776afa4a36 setup items on manager when hypervisor joins the grid 2025-01-09 16:32:41 -05:00
m0duspwnens 267d1a27ac use cron instead of schedule for vm init. ensure vm shutdown 2024-08-28 15:52:14 -04:00
m0duspwnens 9ddccba780 LSHEAP and pipeline workers for virt 2024-08-28 10:09:42 -04:00
m0duspwnens 21c3835322 salt3006.9, redo reactors, use virt.shutdown 2024-08-27 09:25:40 -04:00
m0duspwnens 205560cc95 updates 2024-08-20 08:31:46 -04:00
m0duspwnens 7698243caf fix reactors 2024-08-16 13:37:44 -04:00
m0duspwnens 810be2c9d2 virt start 2024-07-31 15:19:29 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Josh Brower d020f1d1a1 Fix Fleet Custom Hostname Reactor 2021-03-19 08:15:47 -04:00
Josh Brower e7a927188b Fleet Fixes - mysql race condition 2020-11-30 17:28:11 -05:00
m0duspwnens 0e19594c97 enable fleet in global pillars before running fleet state during setup https://github.com/Security-Onion-Solutions/securityonion/issues/1857 2020-11-09 15:25:11 -05:00
m0duspwnens 85969dc16d add quotes and remove quotes 2020-09-29 16:29:05 -04:00
m0duspwnens bf99bab6c0 add quotes and remove quotes 2020-09-29 16:26:45 -04:00
Mike Reeves 24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Josh Brower ba8395fc11 Fleet reactor fix 2020-07-14 13:04:29 -04:00
Jason Ertel 8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
m0duspwnens 3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Josh Brower 3418f5748c Fleet custom hostname regex fix 2020-06-17 13:08:47 -04:00
Josh Brower 913c1a89bf Fleet setup fixes 2020-06-08 13:28:27 -04:00
Josh Brower 3f3990ac83 Merge remote-tracking branch 'remotes/origin/dev' into feature/fleet-setup 2020-06-08 08:30:37 -04:00
Josh Brower 3d92145bb9 Fleet standalone - custom hostnames 2020-06-03 15:52:18 -04:00
Josh Brower e53e891bd6 Fleet reactor - Typo fix 2020-05-28 11:36:38 -04:00
Josh Brower 11c641fd1b Initial support - integrated Fleet setup 2020-05-27 15:34:14 -04:00
m0duspwnens fafb469b5c change from default to local - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/749 2020-05-26 11:59:00 -04:00
m0duspwnens d0242c1da6 update references of /opt/so/saltstack to /opt/so/saltstack/default. use var default_salt_dir where appropriate - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/749 2020-05-21 10:54:47 -04:00
Josh Brower 3db67de27a osquery packages fix 2020-05-13 20:39:56 -04:00
m0duspwnens 766b56a944 update dockers to 1.2.2 2020-04-23 10:11:26 -04:00
Josh Brower fabec23b37 osquery package versioning bugfix 2020-04-14 16:42:25 -04:00
Josh Brower 29ebed3005 Fleet package fixes 2020-04-13 16:18:58 -04:00
Josh Brower 051f6d2310 Fleet pipeline fixes 2020-04-03 16:10:38 -04:00
m0duspwnens ec60b7a2d4 changing back from beacon to scheduled jobs for healthcheck 2020-04-02 15:22:20 -04:00
m0duspwnens 9acaa514cf monitoring zeek - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/90 2020-04-01 13:06:37 -04:00
Josh Brower e5ecf0f4cb Fleet dedicated node - various fixes 2020-03-25 13:03:40 -04:00
Josh Brower 9bcba41882 Feature/Fleet-Standalone 2020-03-24 20:57:24 -04:00