CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-05-06 19:38:51 +02:00
Code Issues Packages Projects Releases Wiki Activity
18,036 Commits 51 Branches 125 Tags
7d07f3c8fe1f1d7317aa4ac4bb7d4d345ccd158d
Commit Graph

121 Commits

Author SHA1 Message Date
Mike Reeves 868cd11874 Add so-postgres Salt states and integration wiring 
Phase 1 of the PostgreSQL central data platform:
- Salt states: init, enabled, disabled, config, ssl, auth, sostatus
- TLS via SO CA-signed certs with postgresql.conf template
- Two-tier auth: postgres superuser + so_postgres application user
- Firewall restricts port 5432 to manager-only (HA-ready)
- Wired into top.sls, pillar/top.sls, allowed_states, firewall
  containers map, docker defaults, CA signing policies, and setup
  scripts for all manager-type roles
 2026-04-08 10:58:52 -04:00
Josh Patterson cceaebe350 remove restriction of mmap locked on suricata ulimits 2026-03-19 09:42:39 -04:00
Josh Patterson db81834e06 fix indentation to match prior indentation 2026-03-18 15:44:49 -04:00
Josh Patterson 0814f34f0e don't define zeek nofile, already uses docker default 2026-03-18 13:13:06 -04:00
Josh Patterson 74ad2990a7 Merge remote-tracking branch 'origin/3/dev' into delta 2026-03-18 13:05:02 -04:00
Josh Patterson 057ec6f0f1 ensure valid ulimit names 2026-03-18 12:49:46 -04:00
Josh Patterson cacae12ba3 remove .jinja from daemon.json 2026-03-18 11:08:33 -04:00
Josh Patterson e19e83bebb allow user defined ulimits 2026-03-18 10:38:15 -04:00
Doug Burks 930985b770 update helpLink references for new documentation 2026-03-18 09:46:45 -04:00
Josh Patterson 00986dc2fd Merge remote-tracking branch 'origin/delta' into customulimit 2026-03-17 16:04:09 -04:00
Josh Patterson d60bef1371 add spft/hard ulimits 2026-03-17 16:00:09 -04:00
Mike Reeves 2d97dfc8a1 Add customizable ulimit settings for all Docker containers 
Add ulimits as a configurable advanced setting for every container,
allowing customization through the web UI. Move hardcoded ulimits
from elasticsearch and zeek into defaults.yaml and fix elasticsearch
ulimits that were incorrectly nested under the environment key.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 15:10:42 -04:00
Josh Patterson d6263812a6 move daemon.json to docker/files 2026-03-17 15:09:09 -04:00
Josh Patterson ef7d1771ab DOCKER TO DOCKERMERGED 2026-03-17 15:08:10 -04:00
Josh Patterson 4dc377c99f DOCKER to DOCKERMERGED 2026-03-17 15:06:06 -04:00
Mike Reeves afc14ec29d Remove non-Oracle Linux 9 support from salt states 
Simplifies salt states, map files, and modules to only support
Oracle Linux 9, removing all Debian/Ubuntu/CentOS/Rocky/AlmaLinux/RHEL
conditional branches.
 2026-03-16 16:58:39 -04:00
Jason Ertel 71839bc87f remove steno 2026-03-06 15:45:36 -05:00
Josh Patterson 8cc8a63a4e upgrade docker 2026-02-20 07:59:07 -05:00
Josh Patterson b349d27e8c upgrade docker 2026-02-19 17:12:39 -05:00
Josh Patterson d0018c9333 upgrade docker 2026-02-18 15:52:37 -05:00
Josh Patterson 32819c8635 upgrade docker 2026-02-18 14:20:17 -05:00
Josh Patterson ba62a8c10c need to restart docker service if ca changes 2025-12-12 18:50:22 -05:00
Josh Patterson 9960db200c Merge remote-tracking branch 'origin/2.4/dev' into bravo 2025-12-11 17:30:43 -05:00
Josh Patterson b9ff1704b0 the great ssl refactor 2025-12-11 17:30:06 -05:00
DefensiveDepth a77157391c remove idstools 2025-09-17 10:42:05 -04:00
reyesj2 96c56297ce external access via user/pass 2025-04-09 22:08:13 -05:00
Mike Reeves e4db2f4819 Update defaults.yaml 2024-12-10 17:19:15 -05:00
Jason Ertel 5e6dd2e8b3 connect 2024-10-23 16:49:02 -04:00
Jason Ertel 1537b69457 connect wip 2024-10-17 11:25:40 -04:00
Jason Ertel 523ff66389 connect work 2024-10-16 13:44:01 -04:00
m0duspwnens 2394488c92 update docker 27.2.0-1 and containerd.io 1.7.21 2024-09-04 09:38:17 -04:00
reyesj2 2bc53f9868 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-06-12 12:36:58 -04:00
m0duspwnens 4b481bd405 add epoch to docker for oracle 2024-06-11 09:41:58 -04:00
m0duspwnens 0b1e3b2a7f upgrade docker for focal 2024-06-10 16:24:44 -04:00
m0duspwnens dbd9873450 upgrade docker for jammy 2024-06-10 16:04:11 -04:00
m0duspwnens c6d0a17669 docker upgrade debian 12 2024-06-10 15:43:29 -04:00
m0duspwnens adeab10f6d upgrade docker and containerd.io for oracle 2024-06-10 12:14:27 -04:00
reyesj2 dff609d829 Add basic read-only metric collection from Kafka 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-08 16:13:09 -04:00
reyesj2 e960ae66a3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-05-02 15:12:27 -04:00
m0duspwnens 73b5bb1a75 add memlock to so-suricata container 2024-04-24 15:35:17 -04:00
m0duspwnens 18f95e867f port 9093 for kafka docker 2024-04-03 10:24:53 -04:00
m0duspwnens e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
DefensiveDepth d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
reyesj2 446f1ffdf5 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-25 13:55:48 -04:00
m0duspwnens ae32ac40c2 add fleet node nginx to docker annotations 2024-01-31 16:28:45 -05:00
m0duspwnens 2f03248612 use different nginx defaults for so-fleet node hosting artifacts 2024-01-31 16:25:09 -05:00
Wes d203aec44a Remove Curator 2023-12-08 19:37:06 +00:00
reyesj2 8cf29682bb Update to merge in 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-11-29 13:41:23 -05:00
reyesj2 86dc7cc804 Kafka init 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-11-29 13:34:25 -05:00
m0duspwnens c3cde61202 docker service watches and requires the intca 2023-10-18 15:01:26 -04:00