CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-04 23:34:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,739 Commits 20 Branches 120 Tags
4c9773c68d7f99b50e4f458d6d4d9c48d701ca0e
Commit Graph

10694 Commits

Author SHA1 Message Date
Josh Patterson
4c9773c68d reenable sslverify 2025-06-09 14:37:06 -04:00
Josh Patterson
4666670f4f remove logging prefixes 2025-06-09 13:53:23 -04:00
Josh Patterson
0f71b45e0f CPU model=host is deprecated 2025-06-09 09:55:16 -04:00
Josh Patterson
3efe0eac13 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-06-06 08:54:23 -04:00
Jason Ertel
643afeeae7 enable STS for browser redirects 2025-06-05 16:02:27 -04:00
Josh Patterson
d9fb79403b seems new openldap / libldap.so.2 doesnt have EVP_md2 dependency so check for it before trying to remove it 2025-06-05 15:57:56 -04:00
Josh Patterson
2ef89be67d Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-06-05 09:40:44 -04:00
Jason Ertel
ab89858d04 update to new config location 2025-06-04 17:19:53 -04:00
Josh Patterson
395c4e37ba fix issue with predicable names after kernel update 2025-06-04 16:57:59 -04:00
Jason Ertel
832d66052e upgrade registry to 3.0.0 2025-06-04 09:13:54 -04:00
Corey Ogburn
fc9107f129 Updated Playbook Repo Config 
The repo and folder have changed. We're splitting out playbooks into their own repo: github.com/security-onion-solutions/securityonion-resources-playbooks.
 2025-06-03 13:33:30 -06:00
Jorge Reyes
d9790b04f6 Merge pull request #14676 from Security-Onion-Solutions/reyesj2/fixsystemtime 
fix system integration time overwrite and delete unused ingest pipeline
 2025-06-03 14:01:42 -05:00
Jorge Reyes
88fa04b0f6 Merge pull request #14698 from Security-Onion-Solutions/reyesj2/esidxinfo 
add so-elasticsearch-index-growth
 2025-06-03 09:37:54 -05:00
reyesj2
d240fca721 remove usage of temp file 2025-06-03 08:45:04 -05:00
reyesj2
4d6171bde6 rename script 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-06-03 07:32:12 -05:00
reyesj2
6238a5b3ed tighten up search timeframe 2025-06-02 16:31:26 -05:00
reyesj2
061600fa7a shebang line 2025-06-02 15:55:46 -05:00
reyesj2
1b89cc6818 so-elasticsearch-index-growth script 2025-06-02 15:41:03 -05:00
Josh Patterson
6e1e617124 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-06-02 14:06:00 -04:00
Josh Brower
0277891392 Use Stable branch 2025-06-02 13:10:13 -04:00
Josh Patterson
08d99a3890 remove unneeded files 2025-05-30 12:50:59 -04:00
Doug Burks
bf38055a6c add echo to end of so-elasticsearch-ilm-stop 2025-05-30 11:41:50 -04:00
Doug Burks
90b8d6b2f7 add echo to end of so-elasticsearch-ilm-start 2025-05-30 11:41:11 -04:00
Doug Burks
45d541d4f2 FIX: so-elasticsearch-ilm-start needs shebang #14688 2025-05-30 09:55:53 -04:00
Josh Patterson
b3c48674c5 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-30 09:52:14 -04:00
Doug Burks
27358137f2 FIX: so-suricata-testrule should disable pcap logging #14685 2025-05-30 09:24:41 -04:00
Doug Burks
58936b31d5 FIX: Improve annotation for Elasticsearch index deletion #14682 2025-05-29 15:19:21 -04:00
reyesj2
fcdacc3b0d fix system integration time overwrite and delete unused ingest pipeline 2025-05-29 12:21:28 -05:00
Josh Patterson
40531dd919 add LSHOSTNAME option to so-minion. use -L in sominion_setup reactor 2025-05-29 12:22:52 -04:00
Josh Patterson
05dfce62fb corrections to allowed_states 2025-05-28 13:34:17 -04:00
Jorge Reyes
d3ee5ed7b8 use zeek network.community_id when available 2025-05-28 09:20:41 -05:00
Josh Patterson
e5b12ecdb9 need to allow for pw removal 2025-05-23 12:44:42 -04:00
Josh Patterson
be5e41227f rename step 2025-05-23 11:41:45 -04:00
Josh Patterson
08f208cd38 ensure bootstrap-salt is updated for salt-cloud installs 2025-05-22 15:37:34 -04:00
Jason Ertel
db08ac9022 Merge pull request #14651 from Security-Onion-Solutions/jertel/mhf 
Backport Hotfix to dev
 2025-05-22 13:44:36 -04:00
Josh Patterson
18d899a7f9 add so-docker-prune from hotfix/2.4.150 2025-05-22 09:29:51 -04:00
Josh Patterson
b2650da057 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-22 09:10:20 -04:00
Josh Patterson
a430a47a30 fix allowed_states check 2025-05-21 14:45:34 -04:00
Mike Reeves
ddd023c69a Update so-docker-prune 2025-05-21 13:47:45 -04:00
Josh Brower
b753d40861 Tighten parsing 2025-05-20 17:06:11 -04:00
Josh Patterson
a32aac7111 apply salt.cloud.config when hypervisor joins 2025-05-20 13:38:24 -04:00
Josh Brower
2fff6232c1 Merge pull request #14638 from Security-Onion-Solutions/2.4/playbooks-parsing 
Add parsing for Playbook
 2025-05-19 18:06:05 -04:00
Corey Ogburn
39f74fe547 Use the new JSON object editor for RulesRepos config entries 2025-05-19 15:38:45 -06:00
Corey Ogburn
11fb33fdeb Add RulesetName to Rule Repos 
Fill in `rulesetName` in the rules repos of the ElastAlert and Strelka engines. These will act as an example to anybody adding their repos to these lists. The field is not required, but helps avoid collisions when managing repos as the value is used for the folder name. When not present, the final folder of the repo url is used as the rulesetName and as the folder name on disk.

Note that rulesetNames including a `/` will create extra folders in the path but the rulesetName will contain the slash, i.e. `rulesetName="joesecurity/sigma-rules"` will create the nested structure of `reposFolder/joesecurity/sigma-rules" containing the contents of the repo. All rules imported from this repo will have the ruleset of `joesecurity/sigma-rules`.
 2025-05-19 14:19:56 -06:00
Josh Brower
58f4db95ea Create playbooks dir 2025-05-19 15:31:50 -04:00
Josh Brower
b55cb257b6 Add parsing for Playbook 2025-05-19 13:25:27 -04:00
Josh Patterson
b0a8191f59 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-19 10:02:26 -04:00
Josh Patterson
28aedcf50b remove vm map example 2025-05-19 09:58:43 -04:00
Josh Patterson
6988f03ebc setup bridge and fix salt before first highstate for hypervisors 2025-05-16 14:24:07 -04:00
reyesj2
870a9ff80c dedup 2025-05-16 10:24:09 -05:00