Commit Graph

6141 Commits

Author SHA1 Message Date
Jason Ertel bdbc637852 Stop SOC prior to opening the firewall for analysts, this ensures no outside requests can be processed prior to the server rebooting 2021-01-06 14:37:27 -05:00
Jason Ertel 10d04f760d Use manager internal IP for intra-service comms 2021-01-06 14:37:26 -05:00
Jason Ertel ebb0e615b9 Fix script typo to correctly run the so-test 2021-01-06 14:37:26 -05:00
Jason Ertel f20feabda2 Reboot to ensure thehive falls in line before kicking off the test 2021-01-06 14:37:26 -05:00
Jason Ertel 9b40318bfe Ensure so-test is logged 2021-01-06 14:37:26 -05:00
Jason Ertel fc44474519 Add eval automation 2021-01-06 14:37:26 -05:00
Jason Ertel 229657f7d2 Use AMI's public IP for external access 2021-01-06 14:37:26 -05:00
Jason Ertel fb28faa4e3 Monitor interface will not always be bond0 - pull correct value from pillar; Replay test data after automated test installations complete. 2021-01-06 14:37:26 -05:00
weslambert 36ae09ac4a Merge pull request #2545 from Security-Onion-Solutions/fix/wazuh_port_reservation
Reserve port for Wazuh API and check if port is already in use
2021-01-06 11:49:23 -05:00
weslambert 55344725e7 Merge pull request #2544 from Security-Onion-Solutions/fix/winlog_timestamp
Set @timestamp to winlog.systemTime
2021-01-06 11:49:01 -05:00
Wes Lambert 875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
Wes Lambert f2b677bfcb Reserve port for Wazuh API and check if port is already in use 2021-01-06 15:52:10 +00:00
m0duspwnens 48f81d9ac6 reduce setting ssh commands down to 1 function and 1 function call 2021-01-06 08:58:33 -05:00
m0duspwnens 94fd79cd28 originally had sshpass package install reversed, fixed it here 2021-01-06 08:51:33 -05:00
m0duspwnens aecc0c025e fix comment 2021-01-06 08:49:08 -05:00
m0duspwnens 91ad7f26bf no longer need to pass $automated to compare_versions 2021-01-06 08:45:33 -05:00
m0duspwnens 749b21e684 make sure ssh commands get set whether automated install or not 2021-01-05 14:12:43 -05:00
Mike Reeves 1154b533d6 Remove ERSPAN so log doesn't show a warning 2021-01-05 13:56:56 -05:00
m0duspwnens 0f9bf9deb6 make sshcmd, scpcmd, ssh_copy_id_cmd global to so-functions; 2021-01-05 13:49:51 -05:00
m0duspwnens c93dfa7b33 hardcode automation pw 2021-01-05 11:47:22 -05:00
m0duspwnens 81c4d879eb first round of testing for automated testing ssh/scp 2021-01-05 10:26:19 -05:00
Mike Reeves dc429494ac Merge pull request #2370 from Masaya-A/improve/yum
Make yum removing unneeded packages
2021-01-05 09:26:04 -05:00
William Wernert 294601ff64 [feat] Reorder network-only prompt 2021-01-04 16:40:16 -05:00
weslambert 707528d7e8 Merge pull request #2530 from Security-Onion-Solutions/fix/strelka_cron_2
Remove multiple old so-yara-update cron jobs, if needed
2021-01-04 16:30:22 -05:00
weslambert c1e245043e Remove multiple old so-yara-update cron jobs, if needed 2021-01-04 16:29:32 -05:00
William Wernert f94e421f4e [fix] Fix automation compatibility 2021-01-04 14:46:48 -05:00
William Wernert 9d674d6d3a [feat] Add so-monitor-add script 2021-01-04 13:35:14 -05:00
William Wernert 7bfac1e8df [fix] Don't prompt to only set up network and then skip if network was previously configured 2021-01-04 11:58:25 -05:00
William Wernert 65c3849c7b Merge pull request #2527 from Security-Onion-Solutions/feature/setup
Feature/setup
2021-01-04 11:41:07 -05:00
William Wernert f8c7413b15 [fix] Move is_iso variable assignment up 2021-01-04 10:37:07 -05:00
weslambert e51f60f7fa Merge pull request #2521 from Security-Onion-Solutions/fix/strelka_rule_cron
Remove old Strelka cron job
2021-01-04 10:19:50 -05:00
weslambert 535820bfa7 Remove old Strelka cron job 2021-01-04 10:18:32 -05:00
William Wernert 0fa001ed92 [fix] Add more logic to network-only process 2021-01-04 09:27:22 -05:00
William Wernert a714d36b99 [fix] Remove condition for stopping SOC, since the parent condition covers what's tested 2021-01-02 21:03:15 -05:00
Jason Ertel 455da7ec5d Only stop SOC if is_manager or is_import 2020-12-31 15:09:22 -05:00
Jason Ertel 4b244645ba so-fleet-setup doesn't need an interactive terminal to run, remove 'it' 2020-12-31 10:52:59 -05:00
Jason Ertel 6b81419d38 tcpreplay doesn't need an interactive terminal to run, remove 'it' 2020-12-30 22:02:19 -05:00
Jason Ertel e167bfed20 Redirect tcpreplay init output to file 2020-12-30 18:48:56 -05:00
Jason Ertel df305c49a6 Stop SOC prior to opening the firewall for analysts, this ensures no outside requests can be processed prior to the server rebooting 2020-12-30 16:33:46 -05:00
William Wernert 3f3fe78322 [fix] Correct reversed logic 2020-12-30 14:01:20 -05:00
Jason Ertel 13f0ddabfc Use manager internal IP for intra-service comms 2020-12-30 12:02:42 -05:00
Jason Ertel 19d14cf277 Fix script typo to correctly run the so-test 2020-12-30 10:31:04 -05:00
Jason Ertel a49ddfb887 Reboot to ensure thehive falls in line before kicking off the test 2020-12-29 20:42:50 -05:00
Jason Ertel 827a571db8 Ensure so-test is logged 2020-12-29 17:25:53 -05:00
Jason Ertel 989e2b8b78 Add eval automation 2020-12-29 16:15:10 -05:00
William Wernert 0a57b78900 [feat] Add option to set up only network on an iso 2020-12-29 12:52:21 -05:00
Jason Ertel 74dd2187fb Use AMI's public IP for external access 2020-12-29 11:16:57 -05:00
Jason Ertel ea5e25c4a5 Monitor interface will not always be bond0 - pull correct value from pillar; Replay test data after automated test installations complete. 2020-12-29 10:34:31 -05:00
William Wernert afe40fe87b Merge pull request #2478 from Security-Onion-Solutions/feature/wait-for-apt
Feature/wait for apt
2020-12-28 18:29:20 -05:00
William Wernert e9a6155e44 Merge branch 'dev' into feature/wait-for-apt 2020-12-28 18:26:38 -05:00