CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,085 Commits 24 Branches 119 Tags
4dae1afe0b62478aa94dc2f317dba75c04e4723d
Commit Graph

17085 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doug Burks
4dae1afe0b Add files via upload 2025-09-17 12:37:29 -04:00
Doug Burks
456cad1ada Update DOWNLOAD_AND_VERIFY_ISO.md for 2.4.180 2025-09-17 12:36:55 -04:00
Jorge Reyes
562b7e54cb Merge pull request #15031 from Security-Onion-Solutions/reyesj2/kfoutput 
fix case of broken kafka output policy when new receiver is added and…
 2025-09-15 15:33:48 -05:00
Jorge Reyes
3c847bca8b Merge pull request #15034 from Security-Onion-Solutions/reyesj2/patch31 
run so-elastic-agent-gen-installers
 2025-09-15 15:28:42 -05:00
reyesj2
ce2cc26224 run so-elastic-agent-gen-installers 2025-09-15 15:25:38 -05:00
Jorge Reyes
f3c574679c Merge pull request #15033 from Security-Onion-Solutions/reyesj2/patch31 
8.18.6 agent
 2025-09-15 15:21:46 -05:00
reyesj2
5da3fed1ce 8.18.6 agent 2025-09-15 15:19:43 -05:00
reyesj2
e6bcf5db6b fix case of broken kafka output policy when new receiver is added and secret storage was overwritten 2025-09-15 13:46:02 -05:00
Jorge Reyes
4d24c57903 Merge pull request #15028 from Security-Onion-Solutions/reyesj2/ea-alerter 
agent monitor template & dataset name update
 2025-09-12 14:45:20 -05:00
reyesj2
0606c0a454 agent monitor template & dataset name update 2025-09-12 14:26:22 -05:00
Josh Patterson
bb984e05e3 Merge pull request #15026 from Security-Onion-Solutions/vlb2 
fix role check
 2025-09-12 14:34:18 -04:00
Jorge Reyes
b35b0aaf2c Merge pull request #14941 from Security-Onion-Solutions/reyesj2/lgest 
zeek dns.resolved_ip
 2025-09-12 13:22:40 -05:00
Josh Patterson
62f04fa5dd fix role check 2025-09-12 14:09:30 -04:00
Josh Brower
d89df5f0dd Merge pull request #15025 from Security-Onion-Solutions/2.4/fixes 
Parsing fix
 2025-09-12 13:44:03 -04:00
DefensiveDepth
f0c1922600 Support endpoint logs with no host.ip field 2025-09-12 13:31:34 -04:00
DefensiveDepth
ab2cdd18ed Support endpoint logs with no host.ip field 2025-09-12 13:29:43 -04:00
Jorge Reyes
889bb7ddf4 Merge pull request #15024 from Security-Onion-Solutions/reyesj2/pypy 
fix analyzers and upgrade deps
 2025-09-12 11:11:34 -05:00
reyesj2
a959f90d0b Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/pypy 2025-09-12 11:05:54 -05:00
Jorge Reyes
a54cd004d6 Merge pull request #15013 from Security-Onion-Solutions/reyesj2/kfoutput 
update kafka output policy
 2025-09-12 07:34:54 -05:00
Jorge Reyes
5100032fbd Merge pull request #15022 from Security-Onion-Solutions/reyesj2/cfqdn-recv 
receiver custom fqdn
 2025-09-11 16:33:41 -05:00
reyesj2
0f235baa7e receiver custom fqdn 2025-09-11 16:14:43 -05:00
Jorge Reyes
e5660b8c8e Merge pull request #15020 from Security-Onion-Solutions/reyesj2/essuriroll 
suricata metadata index rollover 1d -> 30d
 2025-09-11 16:03:30 -05:00
reyesj2
588a1b86d1 suricata metadata index rollover 1d -> 30d 2025-09-11 15:46:45 -05:00
Jorge Reyes
46f0afa24b Merge pull request #15019 from Security-Onion-Solutions/reyesj2/ea-alerter 
lower filestream fingerprint length
 2025-09-11 14:34:46 -05:00
reyesj2
a7651b2734 lower filestream fingerprint length 2025-09-11 14:30:49 -05:00
reyesj2
890f76e45c avoid delay in log ingest after a forced kafka output policy update 2025-09-10 20:21:11 -05:00
Jorge Reyes
e6eecc93c8 Merge pull request #15012 from Security-Onion-Solutions/reyesj2/ea-alerter 
add configurable realert threshold per agent
 2025-09-10 13:19:21 -05:00
reyesj2
8dc0f8d20e fix elastic agent ssl unpack error 2025-09-10 12:49:30 -05:00
reyesj2
fbdc0c4705 add configurable realert threshold per agent 2025-09-10 10:56:09 -05:00
Josh Patterson
d1a2b57aa2 Merge pull request #15011 from Security-Onion-Solutions/hideroni 
don't show sensoroni config changes
 2025-09-10 09:15:55 -04:00
Josh Patterson
f5ec1d4b7c don't show sensoroni config changes 2025-09-10 09:09:02 -04:00
Jorge Reyes
0aa556e375 Merge pull request #15009 from Security-Onion-Solutions/reyesj2/ea-alerter 
so-elastic-agent-monitor
 2025-09-09 17:00:39 -05:00
Josh Patterson
d9e86c15bc Merge pull request #15010 from Security-Onion-Solutions/vlb2 
fix repo files to remove
 2025-09-09 17:15:52 -04:00
Josh Patterson
4107fa006f fix repo files to remove 2025-09-09 16:51:42 -04:00
reyesj2
29980ea958 offline threshold check 2025-09-09 15:39:55 -05:00
reyesj2
8f36d2ec00 update log file name 2025-09-09 15:38:50 -05:00
coreyogburn
10511b8431 Merge pull request #15008 from Security-Onion-Solutions/cogburn/fix-templates 
Fix Index Patterns
 2025-09-09 14:03:36 -06:00
Corey Ogburn
2535ae953d Fix Index Patterns 
so-assistant-chat and so-assistant-session both had templates with a trailing dash that prevented the pattern from applying to the name of the indices.
 2025-09-09 14:00:01 -06:00
coreyogburn
2f68cd7483 Merge pull request #14991 from Security-Onion-Solutions/cogburn/wip-module 
Cogburn/wip module
 2025-09-09 10:32:06 -06:00
reyesj2
6655276410 force update to kafka-fleet-output-policy 2025-09-08 21:13:29 -05:00
reyesj2
9f7bcb0f7d add --force flag to so-kafka-fleet-output-policy & default to using fleet secret storage for client key 2025-09-08 21:13:11 -05:00
Corey Ogburn
aa43177d8c Fix Setting Name 
enabledInSoc => enabled
 2025-09-08 09:13:25 -06:00
Matthew Wright
12959d114c added threshold config fields for assistant 2025-09-08 09:13:25 -06:00
reyesj2
855b489c4b datastream 2025-09-08 09:13:24 -06:00
Corey Ogburn
673f9cb544 Responding to Feedback 2025-09-08 09:13:24 -06:00
Corey Ogburn
0a3ff47008 Cleanup Annotations 
Removed fields no longer need annotations.
 2025-09-08 09:13:24 -06:00
Corey Ogburn
834e34128d Non-dev URL 2025-09-08 09:13:23 -06:00
Corey Ogburn
73776f8d11 Cleaning up New ES Indexes 2025-09-08 09:13:23 -06:00
Corey Ogburn
120e61e45c ClientParams 
Removed investigation prompt from module settings and moved to client settings, added enabledInSoc.
 2025-09-08 09:13:23 -06:00
Corey Ogburn
fc2d450de0 Update Settings 
The apiKey will be built off of the license rather than a new setting. The model is hardcoded for now at the AI Gateway level. We're going to use the investigationPrompt as a trigger for the feature being visible in the UI but by default will be blank for now.
 2025-09-08 09:13:22 -06:00