CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,078 Commits 24 Branches 119 Tags
5da3fed1cec5a4865a837f29cf3663749017fac2
Commit Graph

382 Commits

Author SHA1 Message Date
Jorge Reyes
4d24c57903 Merge pull request #15028 from Security-Onion-Solutions/reyesj2/ea-alerter 
agent monitor template & dataset name update
 2025-09-12 14:45:20 -05:00
reyesj2
0606c0a454 agent monitor template & dataset name update 2025-09-12 14:26:22 -05:00
Jorge Reyes
a54cd004d6 Merge pull request #15013 from Security-Onion-Solutions/reyesj2/kfoutput 
update kafka output policy
 2025-09-12 07:34:54 -05:00
reyesj2
a7651b2734 lower filestream fingerprint length 2025-09-11 14:30:49 -05:00
reyesj2
890f76e45c avoid delay in log ingest after a forced kafka output policy update 2025-09-10 20:21:11 -05:00
reyesj2
8dc0f8d20e fix elastic agent ssl unpack error 2025-09-10 12:49:30 -05:00
reyesj2
8f36d2ec00 update log file name 2025-09-09 15:38:50 -05:00
reyesj2
9f7bcb0f7d add --force flag to so-kafka-fleet-output-policy & default to using fleet secret storage for client key 2025-09-08 21:13:11 -05:00
reyesj2
dfec29d18e custom kquery 2025-09-04 15:37:28 -05:00
reyesj2
1a32a0897c Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/ea-alerter 2025-09-02 17:11:21 -05:00
reyesj2
e26310d172 elastic agent offline alerter 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-09-02 17:00:03 -05:00
reyesj2
a5675a79fe es 8.18.6 pipeline upd 2025-08-28 19:45:17 -05:00
reyesj2
c1a5c2b2d1 set elasticfleet aritifact registry artifact file permissions 2025-08-12 14:39:35 -05:00
reyesj2
e8c25d157f drop empty ip fields when its a opencanary startup log (1001) to prevent elasticsearch doc ingest error 2025-07-23 15:52:50 -05:00
reyesj2
2e5682f11c 8.18.4 import evtx pipelines 2025-07-23 09:53:04 -05:00
reyesj2
4728b96c51 add a retry to so-elastic-fleet-integration-upgrade when response isn't what was expected that way the error message isn't throwin into sosetup / soup log 2025-07-22 16:16:28 -05:00
reyesj2
8a57b79b77 make package installs go in groups of 25 or less 2025-07-10 15:52:59 -05:00
reyesj2
a4e8e7ea53 update syslog-tcp-514 policy 2025-07-10 13:12:26 -05:00
reyesj2
95ba327eb3 cribl metrics template rename 2025-07-10 11:08:46 -05:00
reyesj2
d846fe55e1 typos 2025-07-09 15:40:36 -05:00
Jorge Reyes
3b2942651e Update salt/elasticfleet/files/integrations/elastic-defend/elastic-defend-endpoints.json 2025-07-09 15:14:24 -05:00
reyesj2
fa6f4100dd ensure elasticsearch is up 2025-07-09 14:48:15 -05:00
reyesj2
33e2d18aa7 endpoint policy update 2025-07-09 13:59:01 -05:00
reyesj2
a03764d956 additional weird integration 2025-07-09 12:34:53 -05:00
reyesj2
3fb703cd22 check if generic template exists in installed component templates before defaulting to logs-filestream.generic@package 2025-07-09 11:59:25 -05:00
reyesj2
bef2fa9e8d 8.18.3 pipeline updates 2025-07-08 16:09:16 -05:00
reyesj2
d4f0cbcb67 changes for 'generic' integrations with no compoent templates assigned. Default to using the logs-filestream.generic@package componet template 2025-07-08 15:23:46 -05:00
Josh Patterson
b0a8191f59 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-19 10:02:26 -04:00
Josh Brower
a0aafb7c51 Cleanup 2025-05-09 10:29:23 -04:00
Josh Patterson
61f8b251f0 cp to mv 2025-05-09 09:25:46 -04:00
Josh Patterson
75dd04c398 fix file permissions for download 2025-05-09 09:21:30 -04:00
Josh Brower
42ba778740 Only upgrade node agents for local stack version 2025-05-07 16:08:47 -04:00
Josh Patterson
8c37a4454c merge and fix conflicts 2025-05-06 11:55:42 -04:00
Josh Patterson
1931de2e52 copy so_agent-installers to nsm for nginx 2025-05-05 12:40:56 -04:00
Josh Patterson
ed80c4e13b Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-23 15:42:04 -04:00
reyesj2
559190aee3 upgrade integrations if they aren't in an agent policy 2025-04-22 09:38:22 -05:00
reyesj2
8c4cf0ba08 keep hard failure 2025-04-22 07:29:12 -05:00
reyesj2
e17fea849a continue loop after encountering error with first 2025-04-21 20:32:42 -05:00
reyesj2
166e4e0ebc make bool 2025-04-21 15:51:36 -05:00
reyesj2
4b7478654f run optional integrations script so packages get installed. Hold updates unless auto_update_integrations is set 2025-04-21 14:29:37 -05:00
reyesj2
4e6c707067 Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/fix-14516 2025-04-21 10:48:25 -05:00
reyesj2
c89adce3a1 default disable automatic upgrades for optional integration packages & policies 2025-04-21 10:48:18 -05:00
Josh Brower
5fd7bf311d Add fallback 2025-04-15 13:57:55 -04:00
Josh Brower
152fdaa7bb Support Kratos user.name lookup 2025-04-15 11:40:43 -04:00
Josh Patterson
21bb325157 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-14 08:22:42 -04:00
Jorge Reyes
c11a10638b Merge pull request #14528 from Security-Onion-Solutions/reyesj2-patch-4 
external access to kafka topics via user/pass auth
 2025-04-11 10:52:40 -05:00
Josh Brower
4cdfb6e3eb Fix comma 2025-04-11 07:49:35 -04:00
Josh Brower
f94c81a041 Extract log level and drop INFO level 2025-04-11 07:45:12 -04:00
reyesj2
5498673fc3 group events in 10s and remove deprecated output configuration option 2025-04-10 09:46:37 -05:00
Josh Patterson
f9bf4e4130 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-03-27 11:26:32 -04:00