CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-06-03 17:05:20 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,037 Commits 29 Branches 127 Tags
5228668be01a324a95c0fe3b2fa81d9f68885ed8
Commit Graph

28 Commits

Author SHA1 Message Date
Mike Reeves 9ccd0acb4f Add ES credentials to postgres module config for migration 
Postgres module now queries Elasticsearch directly via HTTP
for the chat migration (bypasses RBAC that needs user context).
Pass esHostUrl, esUsername, esPassword alongside postgres creds.
 2026-04-10 11:41:33 -04:00
Mike Reeves 1ffdcab3be Add postgres adminPassword to SOC module config 
Injects the postgres superuser password from secrets pillar so
SOC can run schema migrations as admin before switching to the
app user for normal operations.
 2026-04-09 22:21:35 -04:00
Mike Reeves 55be1f1119 Only add postgres module config on manager nodes 
Removed postgres from soc/defaults.yaml (shared by all nodes)
and moved it entirely into defaults.map.jinja, which only injects
the config when postgres auth pillar exists (manager-type nodes).
Sensors and other non-manager nodes will not have a postgres module
section in their sensoroni.json, so sensoroni won't try to connect.
 2026-04-09 21:09:43 -04:00
Mike Reeves c1b1452bd9 Use manager IP for postgres hostUrl instead of container hostname 
SOC connects to postgres via the host network, not the Docker
bridge network, so it needs the manager's IP address rather than
the container hostname.
 2026-04-09 19:34:14 -04:00
Mike Reeves 2dfa83dd7d Wire postgres credentials into SOC module config 
- Create vars/postgres.map.jinja for postgres auth globals
- Add POSTGRES_GLOBALS to all manager-type role vars
  (manager, eval, standalone, managersearch, import)
- Add postgres module config to soc/defaults.yaml
- Inject so_postgres credentials from auth pillar into
  soc/defaults.map.jinja (conditional on auth pillar existing)
 2026-04-09 14:09:32 -04:00
Josh Patterson 4dc377c99f DOCKER to DOCKERMERGED 2026-03-17 15:06:06 -04:00
Jason Ertel a3cc6f025e reports 2025-08-18 09:54:40 -04:00
m0duspwnens 81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars 2024-06-20 16:42:11 -04:00
Jason Ertel 84c39b5de7 only add heavynodes to remoteHostUrls 2023-10-16 13:01:13 -04:00
Mike Reeves bd61ee22be Update defaults.map.jinja 2023-08-28 14:41:06 -04:00
m0duspwnens 4c9d172721 sorange to range 2023-07-21 16:21:18 -04:00
m0duspwnens 05a81596e5 place and access sensoronikey from sensoroni.config 2023-05-12 14:38:39 -04:00
m0duspwnens 8e18986671 enabled/disable soc in ui 2023-05-11 15:33:16 -04:00
m0duspwnens b6d55bedc8 make influxdb token accessible to all nodes 2023-03-06 13:50:17 -05:00
m0duspwnens 052e0dea2e create and manage metrics_link in a file for soc 2023-02-28 14:47:44 -05:00
Josh Patterson cbcd3c9dd9 Update defaults.map.jinja 2023-02-27 15:39:03 -05:00
Josh Patterson 8632606a24 Update defaults.map.jinja 2023-02-27 15:37:35 -05:00
Josh Patterson 8d33f01936 Update defaults.map.jinja 2023-02-27 15:01:31 -05:00
weslambert ecf70847fd Change 'GLOBALS.minion_id' to 'GLOBALS.hostname' for 'analyzerNodeId' value to ensure SOC creates analyzer jobs in the correct directory 2023-02-22 16:23:48 -05:00
Jason Ertel 8746f55834 influx upgrade 2023-02-15 08:03:22 -05:00
Jason Ertel cd27ae89cc influx upgrade 2023-02-10 16:34:06 -05:00
m0duspwnens e0e094cd95 rename sosbip and sosrange to sobip and sorange 2023-02-03 10:10:51 -05:00
m0duspwnens d4c6834cd0 merge with 2.4/dev 2023-01-06 14:01:58 -05:00
m0duspwnens cb1822a62d change ref to DOCKER.sosrange 2023-01-05 15:57:06 -05:00
Mike Reeves 308228620a Specify Influxdb host 2022-12-22 13:05:33 -05:00
m0duspwnens 6bd4860f19 fix path 2022-09-27 09:57:01 -04:00
m0duspwnens 42b03ca6df add missing soc things 2022-09-27 09:53:48 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00