Mike Reeves
55be1f1119
Only add postgres module config on manager nodes
Removed postgres from soc/defaults.yaml (shared by all nodes)
and moved it entirely into defaults.map.jinja, which only injects
the config when postgres auth pillar exists (manager-type nodes).
Sensors and other non-manager nodes will not have a postgres module
section in their sensoroni.json, so sensoroni won't try to connect.
2026-04-09 21:09:43 -04:00
Mike Reeves
c1b1452bd9
Use manager IP for postgres hostUrl instead of container hostname
SOC connects to postgres via the host network, not the Docker
bridge network, so it needs the manager's IP address rather than
the container hostname.
2026-04-09 19:34:14 -04:00
Mike Reeves
2dfa83dd7d
Wire postgres credentials into SOC module config
- Create vars/postgres.map.jinja for postgres auth globals
- Add POSTGRES_GLOBALS to all manager-type role vars
(manager, eval, standalone, managersearch, import)
- Add postgres module config to soc/defaults.yaml
- Inject so_postgres credentials from auth pillar into
soc/defaults.map.jinja (conditional on auth pillar existing)
2026-04-09 14:09:32 -04:00
Mike Reeves
b87af8ea3d
Add postgres.auth to allowed_states
Matches the elasticsearch.auth pattern where auth states use
the full sls path check and are explicitly listed.
2026-04-09 12:39:46 -04:00
Mike Reeves
46e38d39bb
Enable postgres by default
Safe because postgres states are only applied to manager-type
nodes via top.sls and allowed_states.map.jinja.
2026-04-09 12:23:47 -04:00
Mike Reeves
61bdfb1a4b
Add daily PostgreSQL database backup
- pg_dumpall piped through gzip, stored in /nsm/backup/
- Runs daily at 00:05 (4 minutes after config backup)
- 7-day retention matching existing config backup policy
- Skips gracefully if container isn't running
2026-04-09 10:29:10 -04:00
Mike Reeves
358a2e6d3f
Add so-postgres to container image pull list
Add to both the import and default manager container lists so
the image gets downloaded during installation.
2026-04-09 10:02:41 -04:00
Mike Reeves
762e73faf5
Add so-postgres host management scripts
- so-postgres-manage: wraps docker exec for psql operations
(sql, sqlfile, shell, dblist, userlist)
- so-postgres-start/stop/restart: standard container lifecycle
- Scripts installed to /usr/sbin via file.recurse in config.sls
2026-04-09 09:55:42 -04:00
Mike Reeves
868cd11874
Add so-postgres Salt states and integration wiring
Phase 1 of the PostgreSQL central data platform:
- Salt states: init, enabled, disabled, config, ssl, auth, sostatus
- TLS via SO CA-signed certs with postgresql.conf template
- Two-tier auth: postgres superuser + so_postgres application user
- Firewall restricts port 5432 to manager-only (HA-ready)
- Wired into top.sls, pillar/top.sls, allowed_states, firewall
containers map, docker defaults, CA signing policies, and setup
scripts for all manager-type roles
2026-04-08 10:58:52 -04:00
Mike Reeves
88de246ce3
Merge pull request #15725 from Security-Onion-Solutions/3/main
License Link to dev
2026-04-06 10:59:22 -04:00
Mike Reeves
3643b57167
Merge pull request #15724 from Security-Onion-Solutions/TOoSmOotH-patch-2
Fix JA4+ license link in soc_zeek.yaml
2026-04-06 10:24:04 -04:00
Mike Reeves
5b3ca98b80
Fix JA4+ license link in soc_zeek.yaml
Updated the license link in the JA4+ fingerprinting description.
2026-04-06 10:12:37 -04:00
Jason Ertel
76f4ccf8c8
Merge pull request #15705 from Security-Onion-Solutions/3/main
Merge pr/workflow changes back to dev
2026-04-01 10:57:34 -04:00
Jason Ertel
2a37ad82b2
Merge pull request #15704 from Security-Onion-Solutions/jertel/mainpr
pr/workflow changes
2026-04-01 10:55:57 -04:00
Jason Ertel
80540da52f
pr/workflow changes
2026-04-01 10:48:47 -04:00
Jason Ertel
e4ba3d6a2a
pr/workflow changes
2026-04-01 10:47:59 -04:00
Mike Reeves
3dec6986b6
Merge pull request #15702 from Security-Onion-Solutions/3/main
soup fix
2026-03-31 15:12:01 -04:00
Mike Reeves
bbfb58ea4e
Merge pull request #15701 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update SOUP_BRANCH to use 3/main instead of 2.4/main
2026-03-31 15:09:34 -04:00
Mike Reeves
c91deb97b1
Update SOUP_BRANCH to use 3/main instead of 2.4/main
2026-03-31 15:07:23 -04:00
Mike Reeves
ff45e5ebc6
Merge pull request #15699 from Security-Onion-Solutions/TOoSmOotH-patch-4
Version Bump
2026-03-31 13:55:55 -04:00
Mike Reeves
1e2b51eae6
Add version 3.1.0 to discussion template options
2026-03-31 13:53:00 -04:00
Mike Reeves
58d332ea94
Bump version from 3.0.0 to 3.1.0
2026-03-31 13:52:07 -04:00
Mike Reeves
dcc67b9b8f
Merge pull request #15696 from Security-Onion-Solutions/3/dev
3.0.0
3.0.0-20260331
2026-03-31 13:47:03 -04:00
Mike Reeves
cd886dd0f9
Merge pull request #15698 from Security-Onion-Solutions/merge-main-into-dev
Merge 3/main into 3/dev
2026-03-31 09:49:36 -04:00
Mike Reeves
37a6e28a6c
Merge remote-tracking branch 'origin/3/dev' into merge-main-into-dev
2026-03-31 09:48:06 -04:00
Mike Reeves
434a2e7866
Merge pull request #15695 from Security-Onion-Solutions/3.0.0
3.0.0
2026-03-31 09:33:34 -04:00
Mike Reeves
79707db6ee
3.0.0
2026-03-31 09:17:08 -04:00
Josh Brower
0707507412
Merge pull request #15694 from Security-Onion-Solutions/fixpath
Remove hardcoded index
2026-03-30 12:47:55 -04:00
Josh Brower
c7e865aa1c
Remove hardcoded index
2026-03-30 12:42:48 -04:00
Josh Brower
a89db79854
Merge pull request #15691 from Security-Onion-Solutions/jertel/wip
revisit workflows
2026-03-27 16:24:30 -04:00
Jason Ertel
812f65eee8
revisit workflows
2026-03-27 16:11:31 -04:00
Josh Patterson
cfa530ba9c
Merge pull request #15690 from Security-Onion-Solutions/delta
ensure bool sliders soc
2026-03-27 15:19:30 -04:00
Josh Patterson
922c008b11
ensure bool sliders soc
2026-03-27 15:02:54 -04:00
Mike Reeves
ea30749512
Merge pull request #15676 from Security-Onion-Solutions/TOoSmOotH-patch-3
Make AI adapter settings visible
2026-03-26 09:43:58 -04:00
Mike Reeves
0a55592d7e
Make AI adapter settings visible
Changed 'advanced' field from True to False for AI adapters and available models.
2026-03-26 09:37:39 -04:00
Josh Brower
115ca2c41d
Merge pull request #15672 from Security-Onion-Solutions/yaracomments
update yara template
2026-03-24 15:59:48 -04:00
Josh Brower
9e53bd3f2d
update yara template
2026-03-24 15:56:26 -04:00
Josh Brower
d4f1078f84
Merge pull request #15669 from Security-Onion-Solutions/lowercasefix
Lowercase network transport
2026-03-24 11:30:13 -04:00
Josh Brower
1f9bf45b66
Lowercase network transport
2026-03-24 11:24:59 -04:00
Mike Reeves
271de757e7
Merge pull request #15667 from Security-Onion-Solutions/TOoSmOotH-patch-1
Enable clean option for Zeek configuration
2026-03-24 09:56:03 -04:00
Mike Reeves
d4ac352b5a
Enable clean option for Zeek configuration
2026-03-24 09:54:49 -04:00
Jorge Reyes
afcef1d0e7
Merge pull request #15661 from Security-Onion-Solutions/reyesj2-361
update stig profile v1r3
2026-03-23 18:09:33 -05:00
Josh Patterson
91b164b728
Merge pull request #15665 from Security-Onion-Solutions/delta
allow negation in suricata address-group vars
2026-03-23 17:34:21 -04:00
Josh Patterson
6a4501241d
allow negation in suricata address-group vars
2026-03-23 17:24:12 -04:00
Josh Brower
c6978f9037
Merge pull request #15663 from Security-Onion-Solutions/fix/idh-skins
Remove hardcoded path
2026-03-23 16:30:51 -04:00
Josh Brower
7300513636
Remove hardcoded path
2026-03-23 16:26:56 -04:00
Jorge Reyes
fb7b73c601
Merge pull request #15662 from Security-Onion-Solutions/reyesj2-patch-1
exclude oscap profile from gitleaks
2026-03-23 14:23:24 -05:00
Jorge Reyes
f2b6d59c65
exclude oscap profile from gitleaks
2026-03-23 14:17:39 -05:00
reyesj2
67162357a3
update stig profile v1r3
2026-03-23 14:04:48 -05:00
Jason Ertel
8ea97e4af3
Merge pull request #15658 from Security-Onion-Solutions/jertel/wip
do not attempt to redirect to a source map after login
2026-03-23 09:55:31 -04:00