Commit Graph

981 Commits

Author SHA1 Message Date
Mike Reeves
6ed1cc3875 Add Soup Functions 2021-02-22 14:02:37 -05:00
Mike Reeves
d5069d12cf Merge pull request #3071 from Security-Onion-Solutions/delta
Add acng to import installs for consistency
2021-02-22 11:34:23 -05:00
Jason Ertel
747d62dae5 Add acng to import installs for consistency 2021-02-22 09:44:24 -05:00
Josh Brower
5ca3dc492c Merge pull request #3061 from Security-Onion-Solutions/foxtrot
Fix Playbook Fields & Mappings
2021-02-21 09:40:59 -05:00
Josh Brower
046cc0fbb0 Merge pull request #3052 from Security-Onion-Solutions/feature/sigma-tweaks
Feature/sigma tweaks
2021-02-19 15:16:34 -05:00
Josh Brower
8c69e19419 Add sigma refresh script 2021-02-19 15:14:37 -05:00
Josh Brower
2a324eac32 Add sigma refresh script 2021-02-19 15:12:55 -05:00
Jason Ertel
faa78c0e26 Salt doesn't like a name starting with a non alpha-numeric char. Switch back to long if/then format 2021-02-18 14:51:09 -05:00
Jason Ertel
6f7bc650a0 Apply reserved ports if the existing file is 0 bytes 2021-02-18 11:20:13 -05:00
m0duspwnens
7a595df5b6 strelka logrotate - https://github.com/Security-Onion-Solutions/securityonion/issues/2736 2021-02-17 11:17:41 -05:00
m0duspwnens
2b07d89b5a error: /opt/so/conf/sensor-rotate.conf:8 unknown option 'endscript' -- ignoring line 2021-02-17 11:01:18 -05:00
m0duspwnens
e6ae1af85f test rotating strelka log at 100k 2021-02-17 10:47:06 -05:00
m0duspwnens
7099ed4bf5 delete many backup files 2021-02-16 11:55:49 -05:00
m0duspwnens
1ccc5480e1 remove oldest backup 2021-02-16 11:40:45 -05:00
Mike Reeves
5043b970ef Fix tar syntax 2021-02-06 19:14:44 -05:00
Mike Reeves
a3ca84db66 Fix backupdir name state 2021-02-06 15:32:42 -05:00
Mike Reeves
bf79c92456 Lock down Backups folder permissions 2021-02-05 22:31:08 -05:00
Mike Reeves
8f97973fac Lock down Backups folder permissions 2021-02-05 22:17:31 -05:00
Jason Ertel
e427f8178d Implement locking to so-firewall script 2021-02-04 16:06:11 -05:00
Jason Ertel
a13b31fbcc Merge branch 'dev' into automation/ami 2021-02-04 16:05:39 -05:00
Jason Ertel
6b54a29ac7 Remove 'new user' references from so-user 2021-02-03 15:23:58 -05:00
William Wernert
8d01b87ab5 Merge branch 'dev' into foxtrot 2021-02-01 13:56:33 -05:00
William Wernert
daebe90b6e [fix] fix retry command handling
* use eval "$cmd" to handle strings correctly
* add-apt-repo doesn't need dpkg lock so don't use retry for those lines
2021-02-01 12:06:19 -05:00
William Wernert
44617fdddf [fix] Run command being retried within quotes 2021-02-01 11:28:28 -05:00
William Wernert
36ce389202 Remove wait_for_apt, use common retry function to run apt commands 2021-02-01 10:55:14 -05:00
Mike Reeves
18f2c7b482 Raid Setup for Appliances 2021-01-29 16:03:18 -05:00
Jason Ertel
2926527ad0 Place sig keys in same dir as other sig files 2021-01-29 13:21:58 -05:00
Jason Ertel
73909c4dea Place sig keys in same dir as other sig files 2021-01-29 13:00:56 -05:00
Jason Ertel
c055427e40 Add support for image key/sig retries 2021-01-29 11:18:06 -05:00
William Wernert
f5c044e3e3 [fix] Log directory fixes
* The playbook log dir is owned by the socore group, so we can use `su root socore`
* Addresses https://github.com/Security-Onion-Solutions/securityonion/pull/2681#issuecomment-767761670
---
* influxdb runs as root, so we can set the log directory permissions to 755 for this service
2021-01-26 16:07:34 -05:00
Mike Reeves
3b1cea94d1 Merge branch 'dev' into telegraf3 2021-01-25 19:36:49 -05:00
Mike Reeves
4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
m0duspwnens
944817732b grep for the script to be running https://github.com/Security-Onion-Solutions/securityonion/issues/2722 2021-01-25 15:22:04 -05:00
William Wernert
59a4b148bc Merge branch 'dev' into logrotate-fix 2021-01-22 15:20:55 -05:00
William Wernert
2159914742 Merge pull request #2708 from Security-Onion-Solutions/bugfix/telegraf-zombie-procs
Bugfix/telegraf zombie procs
2021-01-22 15:20:09 -05:00
Jason Ertel
47d69bbc9e Move from quay.io to ghcr.io 2021-01-22 13:53:49 -05:00
William Wernert
7273c8a066 [fix] Also rotate stenographer log as per #2681 2021-01-22 12:46:21 -05:00
Masaya-A
f156106e57 Update salt/common/files/log-rotate.conf
Co-authored-by: William Wernert <william.wernert@gmail.com>
2021-01-22 09:29:08 +09:00
Wes Lambert
9a91674688 Add reserved ports file for sysctl 2021-01-21 13:18:22 +00:00
Wes Lambert
74e315841a Modify common to reserve Docker proxy ports 2021-01-21 13:17:16 +00:00
Josh Patterson
e7e6243399 Merge pull request #2689 from Security-Onion-Solutions/issue/2679
Issue/2679
2021-01-20 15:14:38 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Jason Ertel
58f922aac3 Skip image pull if so-tcpreplay image already exists and is current 2021-01-20 11:17:10 -05:00
Masaya-A
d53945888c Add sensoroni dir 2021-01-20 14:54:55 +09:00
Masaya-A
d3d11ff67b Delete some directories
Delete some directories that should not be handled by common-rotate.
2021-01-20 13:42:20 +09:00
Masaya-A
b2b221fa46 Specify the file name for Suricata
stats.log will be rotated by surirotate
2021-01-20 13:20:04 +09:00
Masaya-A
e20891ac44 Fix spacing 2021-01-20 13:10:33 +09:00
Masaya-A
8cca792a8f To avoid lots of "[stenoloss.sh] <defunct>" 2021-01-20 12:16:17 +09:00
Masaya-A
5dad143c42 Need full path in order to work on cron 2021-01-20 12:14:09 +09:00
Jason Ertel
d91913e58e Redirect tcpreplay warnings to dev null when running so-test 2021-01-18 21:42:50 -05:00