CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 02:02:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,470 Commits 24 Branches 119 Tags
52fd3c04703982e29aac7c6ed3f12c334b68b4cc
Commit Graph

6470 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jason Ertel
7d97e3590c Redirect tcpreplay init output to file 2021-01-06 14:37:27 -05:00
Jason Ertel
bdbc637852 Stop SOC prior to opening the firewall for analysts, this ensures no outside requests can be processed prior to the server rebooting 2021-01-06 14:37:27 -05:00
Jason Ertel
10d04f760d Use manager internal IP for intra-service comms 2021-01-06 14:37:26 -05:00
Jason Ertel
ebb0e615b9 Fix script typo to correctly run the so-test 2021-01-06 14:37:26 -05:00
Jason Ertel
f20feabda2 Reboot to ensure thehive falls in line before kicking off the test 2021-01-06 14:37:26 -05:00
Jason Ertel
9b40318bfe Ensure so-test is logged 2021-01-06 14:37:26 -05:00
Jason Ertel
fc44474519 Add eval automation 2021-01-06 14:37:26 -05:00
Jason Ertel
229657f7d2 Use AMI's public IP for external access 2021-01-06 14:37:26 -05:00
Jason Ertel
fb28faa4e3 Monitor interface will not always be bond0 - pull correct value from pillar; Replay test data after automated test installations complete. 2021-01-06 14:37:26 -05:00
weslambert
36ae09ac4a Merge pull request #2545 from Security-Onion-Solutions/fix/wazuh_port_reservation 
Reserve port for Wazuh API and check if port is already in use
 2021-01-06 11:49:23 -05:00
weslambert
55344725e7 Merge pull request #2544 from Security-Onion-Solutions/fix/winlog_timestamp 
Set @timestamp to winlog.systemTime
 2021-01-06 11:49:01 -05:00
Wes Lambert
875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
Wes Lambert
f2b677bfcb Reserve port for Wazuh API and check if port is already in use 2021-01-06 15:52:10 +00:00
m0duspwnens
48f81d9ac6 reduce setting ssh commands down to 1 function and 1 function call 2021-01-06 08:58:33 -05:00
m0duspwnens
94fd79cd28 originally had sshpass package install reveresed, fixed it here 2021-01-06 08:51:33 -05:00
m0duspwnens
aecc0c025e fix comment 2021-01-06 08:49:08 -05:00
m0duspwnens
91ad7f26bf no longer need to pass $automated to compare_versions 2021-01-06 08:45:33 -05:00
m0duspwnens
c65e722164 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into dev 2021-01-06 08:39:56 -05:00
m0duspwnens
749b21e684 make sure ssh commands get set whether automated install or not 2021-01-05 14:12:43 -05:00
Mike Reeves
1154b533d6 Remove ERSPAN so log doesn't show a warning 2021-01-05 13:56:56 -05:00
m0duspwnens
0f9bf9deb6 make sshcmd, scpcmd, ssh_copy_id_cmd global to so-functions; 2021-01-05 13:49:51 -05:00
m0duspwnens
c93dfa7b33 hardcode automation pw 2021-01-05 11:47:22 -05:00
m0duspwnens
81c4d879eb first round of testing for automated testing ssh/scp 2021-01-05 10:26:19 -05:00
Mike Reeves
dc429494ac Merge pull request #2370 from Masaya-A/improve/yum 
Make yum removing unneeded packages
 2021-01-05 09:26:04 -05:00
William Wernert
294601ff64 [feat] Reorder network-only prompt 2021-01-04 16:40:16 -05:00
weslambert
707528d7e8 Merge pull request #2530 from Security-Onion-Solutions/fix/strelka_cron_2 
Remove multiple old so-yara-update cron jobs, if needed
 2021-01-04 16:30:22 -05:00
weslambert
c1e245043e Remove multiple old so-yara-update cron jobs, if needed 2021-01-04 16:29:32 -05:00
William Wernert
f94e421f4e [fix] Fix automation compatibility 2021-01-04 14:46:48 -05:00
m0duspwnens
38f985ae22 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into dev 2021-01-04 14:10:41 -05:00
William Wernert
9d674d6d3a [feat] Add so-monitor-add script 2021-01-04 13:35:14 -05:00
William Wernert
7bfac1e8df [fix] Don't prompt to only set up network and then skip if network was previously configured 2021-01-04 11:58:25 -05:00
William Wernert
65c3849c7b Merge pull request #2527 from Security-Onion-Solutions/feature/setup 
Feature/setup
 2021-01-04 11:41:07 -05:00
William Wernert
f8c7413b15 [fix] Move is_iso variable assignment up 2021-01-04 10:37:07 -05:00
weslambert
e51f60f7fa Merge pull request #2521 from Security-Onion-Solutions/fix/strelka_rule_cron 
Remove old Strelka cron job
 2021-01-04 10:19:50 -05:00
weslambert
535820bfa7 Remove old Strelka cron job 2021-01-04 10:18:32 -05:00
William Wernert
0fa001ed92 [fix] Add more logic to network-only process 2021-01-04 09:27:22 -05:00
William Wernert
a714d36b99 [fix] Remove condition for stopping SOC, since the parent condition covers what's tested 2021-01-02 21:03:15 -05:00
Jason Ertel
455da7ec5d Only stop SOC if is_manager or is_import 2020-12-31 15:09:22 -05:00
Jason Ertel
4b244645ba so-fleet-setup doesn't need an interactive terminal to run, remove 'it' 2020-12-31 10:52:59 -05:00
Jason Ertel
6b81419d38 tcpreplay doesn't need an interactive terminal to run, remove 'it' 2020-12-30 22:02:19 -05:00
Jason Ertel
e167bfed20 Redirect tcpreplay init output to file 2020-12-30 18:48:56 -05:00
Jason Ertel
df305c49a6 Stop SOC prior to opening the firewall for analysts, this ensures no outside requests can be processed prior to the server rebooting 2020-12-30 16:33:46 -05:00
William Wernert
3f3fe78322 [fix] Correct reversed logic 2020-12-30 14:01:20 -05:00
Jason Ertel
13f0ddabfc Use manager internal IP for intra-service comms 2020-12-30 12:02:42 -05:00
Jason Ertel
19d14cf277 Fix script typo to correctly run the so-test 2020-12-30 10:31:04 -05:00
Jason Ertel
a49ddfb887 Reboot to ensure thehive falls in line before kicking off the test 2020-12-29 20:42:50 -05:00
Jason Ertel
827a571db8 Ensure so-test is logged 2020-12-29 17:25:53 -05:00
Jason Ertel
989e2b8b78 Add eval automation 2020-12-29 16:15:10 -05:00
William Wernert
0a57b78900 [feat] Add option to set up only network on an iso 2020-12-29 12:52:21 -05:00
Jason Ertel
74dd2187fb Use AMI's public IP for external access 2020-12-29 11:16:57 -05:00