| Author | Commit | Message | Date |
|---|---|---|---|
| William Wernert | 62971d8c15 | Add Fleet custom hostname to end summary | 2021-10-22 11:57:47 -04:00 |
| William Wernert | 352e30f9e1 | Add CUSTOM_FLEET_HOSTNAME to subjectAltName of fleet.key<br>Resolves #4319 | 2021-10-22 11:16:29 -04:00 |
| William Wernert | f374dcbb58 | Check for IP environment variable in so-allow and so-deny | 2021-10-21 13:54:06 -04:00 |
| William Wernert | 15fe7512b7 | Install lxml during setup and in common state | 2021-10-21 10:49:41 -04:00 |
| William Wernert | 0beeeb94bf | Actually add new so-allow script | 2021-10-21 10:48:17 -04:00 |
| William Wernert | 387d4d6ad5 | Add so-deny script + rewrite so-allow to match so-deny | 2021-10-20 16:44:57 -04:00 |
| William Wernert | adf6cb4b3c | Merge branch 'dev' into foxtrot | 2021-10-20 16:44:50 -04:00 |
| William Wernert | 0ed2ce0766 | Fix validation.sh tests | 2021-10-20 16:44:09 -04:00 |
| William Wernert | b5cb47e066 | Fix sbin perms | 2021-10-20 16:43:55 -04:00 |
| Josh Patterson | 8061508330 | Merge pull request #5961 from Security-Onion-Solutions/issue/5960<br>Issue/5960 | 2021-10-20 16:08:50 -04:00 |
| m0duspwnens | adffb11800 | fix redis port | 2021-10-20 15:39:21 -04:00 |
| m0duspwnens | 8619af59cc | servers to list format | 2021-10-20 15:02:33 -04:00 |
| m0duspwnens | 7ecfb55b70 | fix pillar call | 2021-10-20 14:50:50 -04:00 |
| m0duspwnens | b496810b63 | add redis and logstash input plugins to telegraf | 2021-10-20 14:46:47 -04:00 |
| Mike Reeves | e1ad02c28d | Merge pull request #5949 from Security-Onion-Solutions/kilo<br>Fix Docker-created corruption of SOC user roles file | 2021-10-19 18:37:37 -04:00 |
| Jason Ertel | 2f8bb5a2a6 | Fix Docker-created corruption of SOC user roles file | 2021-10-19 16:04:10 -04:00 |
| weslambert | 6f3e441bf7 | Merge pull request #5945 from Security-Onion-Solutions/fix/soc_index_pattern<br>Remove space to allow pattern(s) to be correctly interpreted | 2021-10-19 13:05:40 -04:00 |
| Mike Reeves | 7f1585dcc0 | Merge pull request #5942 from Security-Onion-Solutions/tunesteno<br>Fix Steno Math for PL | 2021-10-19 13:03:50 -04:00 |
| weslambert | 9453ed7fa1 | Remove space to allow pattern(s) to be correctly interpreted | 2021-10-19 13:01:40 -04:00 |
| Mike Reeves | 64f25961b0 | Fix Steno Math for PL | 2021-10-19 11:15:58 -04:00 |
| Mike Reeves | b9a3d3a6a9 | Fix Steno Math for PL | 2021-10-19 11:14:02 -04:00 |
| Mike Reeves | 00e5b54dda | Merge pull request #5911 from Security-Onion-Solutions/tunesteno<br>Add Steno Tuning Options | 2021-10-18 09:01:14 -04:00 |
| Mike Reeves | 4016b416ec | Merge pull request #5923 from Security-Onion-Solutions/kilo<br>Upgrade to ES 7.15.1 | 2021-10-16 09:15:06 -04:00 |
| weslambert | 7590728a0b | Merge pull request #5915 from Security-Onion-Solutions/feature/ti_module<br>Add TI module | 2021-10-15 17:17:33 -04:00 |
| weslambert | bb36fc1ed8 | Add TI module defaults | 2021-10-15 17:16:38 -04:00 |
| weslambert | d0a6dafc8b | Add TI module | 2021-10-15 17:09:59 -04:00 |
| Mike Reeves | a9f6c84d7c | Add Steno Tuning Options | 2021-10-15 14:17:54 -04:00 |
| weslambert | 6f1f7d2a63 | Merge pull request #5905 from Security-Onion-Solutions/feature/soc_es_index_pattern<br>Allow setting ES index patterns for SOC in pillar | 2021-10-15 13:28:04 -04:00 |
| Jason Ertel | 8de8d58155 | Upgrade to ES 7.15.1 | 2021-10-15 13:27:08 -04:00 |
| Wes Lambert | 8feeff97b5 | Add EG index pattern during setup (if enabled) | 2021-10-15 16:19:19 +00:00 |
| Wes Lambert | 032373187c | Allow setting ES index patterns for SOC in pillar | 2021-10-15 16:02:53 +00:00 |
| William Wernert | db2b70f655 | Merge pull request #5900 from Security-Onion-Solutions/foxtrot<br>Replace rather than append to Kibana misc log | 2021-10-15 10:27:25 -04:00 |
| Jason Ertel | 1800ec4570 | Upgrade to Elastalert 2 v2.2.2 | 2021-10-15 09:25:44 -04:00 |
| Mike Reeves | 8a5960c220 | Merge pull request #5896 from Security-Onion-Solutions/kilo | 2021-10-14 18:05:33 -04:00 |
| Jason Ertel | 9797a15218 | Fix issue with 'so-user delete' resetting all user roles - note that this function is not technically supported or published since it's not intended for production use | 2021-10-14 17:23:18 -04:00 |
| William Wernert | c7b15a9b1f | Replace rather than append to Kibana misc log | 2021-10-14 15:13:55 -04:00 |
| William Wernert | cba97802fe | Fix indent | 2021-10-14 15:13:34 -04:00 |
| William Wernert | 025256aeaf | Merge pull request #5890 from Security-Onion-Solutions/foxtrot<br>Misc setup changes | 2021-10-14 14:55:24 -04:00 |
| weslambert | 490f7eaf81 | Merge pull request #5886 from Security-Onion-Solutions/feature/eg_pivot<br>Add EG pivot | 2021-10-14 14:49:38 -04:00 |
| Wes Lambert | f1fafa015e | Add EG to list of groups to include 127.0.0.1 | 2021-10-14 16:27:28 +00:00 |
| Wes Lambert | 6cdc214582 | Add pillar in setup and change name of EG variable | 2021-10-14 15:33:37 +00:00 |
| Wes Lambert | 15049f44b9 | Add EG pivot | 2021-10-14 15:15:23 +00:00 |
| Doug Burks | 42a642b85c | Merge pull request #5873 from petiepooo/enh-rediscount-tty<br>featreq: remove tty flag in redis-count script | 2021-10-14 10:07:07 -04:00 |
| weslambert | 3b45e68ead | Merge pull request #5885 from Security-Onion-Solutions/feature/jinjafy_soc_actions<br>Allow SOC actions to use Jinja | 2021-10-14 10:03:12 -04:00 |
| Wes Lambert | 5ee0ea3fe7 | Allow SOC actions to use Jinja | 2021-10-14 13:59:55 +00:00 |
| weslambert | 55c60f485c | Merge pull request #5884 from Security-Onion-Solutions/feature/hl_eg<br>Add EG firewall allowance via setup | 2021-10-14 09:55:07 -04:00 |
| Wes Lambert | 78e88e0765 | Add EG firewall allowance via setup | 2021-10-13 21:42:54 +00:00 |
| Wes Lambert | a9b250c0f4 | Add EG firewall config | 2021-10-13 21:37:59 +00:00 |
| weslambert | f9001654bb | Merge pull request #5871 from Security-Onion-Solutions/feature/hl_eg<br>Initial EG stuff | 2021-10-13 15:07:03 -04:00 |
| Wes Lambert | 2a504a061b | Add Curator action files for EG indices | 2021-10-13 18:40:34 +00:00 |