reyesj2
628893fd5b
remove redundant 'kafka_' from annotations & defaults
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-11 11:56:21 -04:00
reyesj2
a81e4c3362
remove dash(-) from kafka.id
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-11 11:55:17 -04:00
reyesj2
ca7b89c308
Added Kafka reset to SOC UI. In case of changing an active broker to a controller, topics may become unavailable. Resolving this would require manual intervention. This option allows running a reset to start from a clean slate to then configure cluster to desired state before reenabling Kafka as global pipeline.
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-11 11:21:13 -04:00
reyesj2
08557ae287
kafka.id field should only be present when metadata for kafka exists
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-11 11:01:34 -04:00
reyesj2
824f852ed7
merge 2.4/dev
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-10 11:26:23 -04:00
reyesj2
284c1be85f
Update Kafka controller(s) via SOC UI
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-10 11:08:54 -04:00
Jason Ertel
7ad6baf483
Merge pull request #13171 from Security-Onion-Solutions/jertel/yaml
...
correct placement of error check override
2024-06-08 08:21:20 -04:00
Jason Ertel
f1638faa3a
correct placement of error check override
2024-06-08 08:18:34 -04:00
Jason Ertel
dea786abfa
Merge pull request #13170 from Security-Onion-Solutions/jertel/yaml
...
gracefully handle missing parent key
2024-06-08 07:49:49 -04:00
Jason Ertel
f96b82b112
gracefully handle missing parent key
2024-06-08 07:44:46 -04:00
Josh Patterson
95fe11c6b4
Merge pull request #13162 from Security-Onion-Solutions/soupmsgq
...
fix elastic templates not loading due to global_override phases
2024-06-07 16:23:03 -04:00
Jason Ertel
f2f688b9b8
Update soup
2024-06-07 16:18:09 -04:00
m0duspwnens
0139e18271
additional description
2024-06-07 16:03:21 -04:00
Mike Reeves
657995d744
Merge pull request #13165 from Security-Onion-Solutions/TOoSmOotH-patch-3
...
Update defaults.yaml
2024-06-07 15:38:01 -04:00
Mike Reeves
4057238185
Update defaults.yaml
2024-06-07 15:33:49 -04:00
coreyogburn
fb07ff65c9
Merge pull request #13164 from Security-Onion-Solutions/cogburn/tls-options
...
AdditionalCA and InsecureSkipVerify
2024-06-07 13:10:45 -06:00
Mike Reeves
dbc56ffee7
Update defaults.yaml
2024-06-07 15:09:09 -04:00
Corey Ogburn
ee696be51d
Remove rootCA and insecureSkipVerify from SOC defaults
2024-06-07 13:07:04 -06:00
Corey Ogburn
5d3fd3d389
AdditionalCA and InsecureSkipVerify
...
New fields have been added to manager and then duplicated over to SOC's config in the same vein as how proxy was updated earlier this week.
AdditionalCA holds the PEM formatted public keys that should be trusted when making requests. It has been implemented for both Sigma's zip downloads and Sigma and Suricata's repository clones and pulls.
InsecureSkipVerify has been added to help our users troubleshoot their configuration. Setting it to true will not verify the cert on outgoing requests. Self-signed, missing, or invalid certs will not throw an error.
2024-06-07 12:47:09 -06:00
Corey Ogburn
fa063722e1
RootCA and InsecureSkipVerify
...
New empty settings and their annotations.
2024-06-07 09:10:14 -06:00
m0duspwnens
f5cc35509b
fix output alignment
2024-06-07 11:03:26 -04:00
m0duspwnens
d39c8fae54
format output
2024-06-07 09:01:16 -04:00
m0duspwnens
d3b81babec
check for phases with so-yaml, remove if exists
2024-06-06 16:15:21 -04:00
coreyogburn
f35f6bd4c8
Merge pull request #13154 from Security-Onion-Solutions/cogburn/soc-proxy
...
SOC Proxy Setting
2024-06-06 14:03:16 -06:00
Mike Reeves
d5cfef94a3
Merge pull request #13156 from Security-Onion-Solutions/TOoSmOotH-patch-3
2024-06-06 16:01:22 -04:00
Mike Reeves
f37f5ba97b
Update soc_suricata.yaml
2024-06-06 15:57:58 -04:00
Corey Ogburn
42818a9950
Remove proxy from SOC defaults
2024-06-06 13:28:07 -06:00
Corey Ogburn
e85c3e5b27
SOC Proxy Setting
...
The so_proxy value we build during install is now copied to SOC's config.
2024-06-06 11:55:27 -06:00
m0duspwnens
a39c88c7b4
add set to troubleshoot failure
2024-06-06 12:56:24 -04:00
m0duspwnens
73ebf5256a
Merge remote-tracking branch 'origin/2.4/dev' into soupmsgq
2024-06-06 12:44:45 -04:00
Jason Ertel
6d31cd2a41
Merge pull request #13150 from Security-Onion-Solutions/jertel/yaml
...
add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching
2024-06-06 12:09:03 -04:00
Jason Ertel
5600fed9c4
add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching
2024-06-06 11:56:07 -04:00
m0duspwnens
6920b77b4a
fix msg
2024-06-06 11:00:43 -04:00
m0duspwnens
ccd6b3914c
add final msg queue for soup.
2024-06-06 10:33:55 -04:00
reyesj2
c4723263a4
Remove unused kafka reactor
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-06 08:59:17 -04:00
reyesj2
4581a46529
Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka
2024-06-05 20:47:41 -04:00
Josh Patterson
33a2c5dcd8
Merge pull request #13141 from Security-Onion-Solutions/sotcprp
...
move so-tcpreplay from common state to sensor state
2024-06-05 09:49:39 -04:00
m0duspwnens
f6a8a21f94
remove space
2024-06-05 08:58:46 -04:00
m0duspwnens
ff5773c837
move so-tcpreplay back to common. return empty string if no sensor.interface pillar
2024-06-05 08:56:32 -04:00
m0duspwnens
66f8084916
Merge remote-tracking branch 'origin/2.4/dev' into sotcprp
2024-06-05 08:32:54 -04:00
m0duspwnens
a2467d0418
move so-tcpreplay to sensor state
2024-06-05 08:24:57 -04:00
reyesj2
3b0339a9b3
create kafka.id from kafka {partition}-{offset}-{timestamp} for tracking event
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-04 14:27:52 -04:00
reyesj2
fb1d4fdd3c
update license
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-04 12:33:51 -04:00
Josh Patterson
56a16539ae
Merge pull request #13134 from Security-Onion-Solutions/sotcprp
...
so-tcpreplay now runs if manager is offline
2024-06-04 10:43:33 -04:00
m0duspwnens
c0b2cf7388
add the curlys
2024-06-04 10:28:21 -04:00
reyesj2
d9c58d9333
update receiver pillar access
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-04 08:33:45 -04:00
Josh Patterson
ef3a52468f
Merge pull request #13129 from Security-Onion-Solutions/salt3006.8
...
salt 3006.6
2024-06-03 15:29:19 -04:00
m0duspwnens
c88b731793
revert to 3006.6
2024-06-03 15:27:08 -04:00
reyesj2
2e85a28c02
Remove so-kafka-clusterid script, created during soup
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-02 18:25:59 -04:00
weslambert
964fef1aab
Merge pull request #13117 from Security-Onion-Solutions/fix/items_and_lists
...
Add templates for .items and .lists indices
2024-05-31 16:34:29 -04:00