Commit Graph

410 Commits

Author SHA1 Message Date
weslambert fcbacd473d Add ELK, redis 2021-06-30 09:34:56 -04:00
weslambert 06d77d9972 Update so-common-template.json 2021-06-30 09:31:32 -04:00
Jason Ertel 5298cb8cfb Update copyrights 2021-06-21 07:06:49 -04:00
Jason Ertel fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves 12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Jason Ertel 89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Mike Reeves 1c7741fdbe Add templates for SO logs 2021-06-09 12:38:19 -04:00
Jason Ertel e22421ec99 Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts 2021-06-04 20:01:30 -04:00
weslambert cba719b3a0 Remove extra comma 2021-06-02 16:42:09 -04:00
weslambert 4241bb08b8 Add suricata/zeek until we migrate templates 2021-06-02 16:37:43 -04:00
weslambert 4c74e7f308 Add event.kind and set name to module[dot]dataset 2021-06-02 15:35:26 -04:00
weslambert db48c15f1d Create event.kind field and rename dataset to be module[dot]dataset 2021-06-02 15:33:18 -04:00
Jason Ertel fc6b3726a4 Fix missing colon for mode 2021-06-02 15:23:16 -04:00
Jason Ertel 588da4d7dc Resolve salt pillar/state/jinja race condition 2021-06-02 14:34:21 -04:00
Mike Reeves 7b7111e12c Fix some hunt queries 2021-06-02 13:53:39 -04:00
Mike Reeves e00fe0a732 Enable for all modes 2021-06-02 10:02:11 -04:00
Jason Ertel 7aede4d058 Persist chown/chmod settings on users/roles files 2021-06-02 09:01:16 -04:00
m0duspwnens 7e48740ea7 fix merge conflict 2021-06-01 10:56:02 -04:00
m0duspwnens d25a439bd4 more changes 2021-06-01 10:53:58 -04:00
Josh Patterson c4ae8c3418 Merge pull request #4359 from Security-Onion-Solutions/pipeline_userpass: generate pillar file if auth enabled or not 2021-06-01 09:38:34 -04:00
m0duspwnens f87dce8ec1 generate pillar file if auth enabled or not 2021-06-01 09:38:07 -04:00
Josh Patterson 5d2f1c8e11 Merge pull request #4357 from Security-Onion-Solutions/pipeline_userpass: fix logic 2021-06-01 08:36:48 -04:00
m0duspwnens 1aa2852ed6 fix logic 2021-06-01 08:35:43 -04:00
Jason Ertel a42a406f53 Remove extra users file mounts; disable elastic anon access when auth enabled 2021-05-29 07:52:08 -04:00
m0duspwnens 3aad5a30e9 fix logic on password created in pillar and fix how we manage 2021-05-28 18:28:53 -04:00
m0duspwnens 68abaa5e3c update auth.map and curl.config to use new elasticsearch:auth pillar format 2021-05-28 14:03:21 -04:00
m0duspwnens 63b31de2b8 add additional users - manage file if user name isn't returned from grepping the file 2021-05-28 13:58:03 -04:00
m0duspwnens 18926009d3 remove unneeded curl.config template 2021-05-28 10:38:06 -04:00
m0duspwnens 0134ceef16 merge and resolve conflict in elasticsearch state 2021-05-27 11:33:44 -04:00
m0duspwnens dc8520df42 use curl.config for curl and elasticscripts 2021-05-26 18:04:30 -04:00
m0duspwnens 7263e35a89 happy little comment 2021-05-26 14:52:59 -04:00
m0duspwnens 4d991d3773 propagate users and users_roles 2021-05-26 14:52:10 -04:00
Jason Ertel c531ef0773 Move user sync'd files to saltstack for grid propagation 2021-05-26 13:44:30 -04:00
Jason Ertel a6a4c03029 Improve error scenarios for user sync; Ensure user sync runs before Elastic container starts 2021-05-26 12:08:10 -04:00
m0duspwnens c3b2e1e8b2 don't show changes 2021-05-25 16:16:57 -04:00
m0duspwnens e261c197f3 add elasticsearch.auth state to standalone node 2021-05-25 13:46:18 -04:00
m0duspwnens 8d9d5a267a generate elasticsearch.auth pillar if it doesn't exist 2021-05-25 11:52:58 -04:00
m0duspwnens bd301880ad define the default 2021-05-24 16:32:30 -04:00
m0duspwnens 2deb703272 map users_roles and users conf into docker container 2021-05-24 16:30:55 -04:00
Jason Ertel 8c6489a49a Initial pass at synchronizing users file 2021-05-24 15:48:05 -04:00
m0duspwnens 87609ba5d1 fix elasticcurl if auth is enabled 2021-05-24 15:44:01 -04:00
m0duspwnens ba3a51387c set default to False 2021-05-24 15:31:46 -04:00
m0duspwnens a4226cc39a use elastic map file 2021-05-24 15:14:05 -04:00
Wes Lambert a1a79719fc Add ignore above for message keyword field 2021-05-05 12:07:30 +00:00
Wes Lambert 619402cc67 Add event_data to common template so elastalert/playbook event_data fields can be indexed and searchable 2021-05-03 17:03:30 +00:00
Jason Ertel 44ad8ce888 Switch to the ES-included community_id plugin 2021-04-29 12:08:07 -04:00
Josh Brower 7cbeed985a Differentiate between event & ingest timestamp 2021-04-13 12:55:40 -04:00
Josh Brower cf4de255ec Fix Wazuh WEL Shipping 2021-04-12 15:18:18 -04:00
Wes Lambert 942de130ca Enforce date type for ingest.timestamp 2021-03-31 12:24:51 +00:00
Josh Brower 71ae5b60ea Update Sigmac mappings and config for IPs and ports 2021-03-16 09:32:40 -04:00