securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00

Author	SHA1	Message	Date
m0duspwnens	81fcd68e9b	create and use redis:nodes and elasticsearch:nodes pillars	2024-06-20 16:42:11 -04:00
m0duspwnens	55f8303dc2	remove manager and search pipelines from heavynode	2024-06-17 10:06:43 -04:00
m0duspwnens	8f8698fd02	Merge remote-tracking branch 'origin/2.4/dev' into issue/13073	2024-06-12 10:50:18 -04:00
Josh Patterson	092f716f12	Merge pull request #13189 from Security-Onion-Solutions/soupmsgq remove this \n	2024-06-12 10:41:49 -04:00
m0duspwnens	c38f48c7f2	remove this \n	2024-06-12 10:34:32 -04:00
m0duspwnens	98837bc379	this method does not cause soup to fail	2024-06-12 09:11:02 -04:00
m0duspwnens	0f243bb6ec	Merge remote-tracking branch 'origin/2.4/dev' into issue/13073	2024-06-11 16:33:23 -04:00
m0duspwnens	88fc1bbe32	quotes on vars	2024-06-11 16:32:57 -04:00
m0duspwnens	2ecac38f6d	disable logstash on heavynodes	2024-06-11 13:50:29 -04:00
Josh Brower	e90557d7dc	Merge pull request #13179 from Security-Onion-Solutions/2.4/fixintegritycheck Add new bind - suricata all.rules	2024-06-11 13:08:40 -04:00
Josh Patterson	03335cc015	Merge pull request #13182 from Security-Onion-Solutions/dockerup upgrade docker	2024-06-11 11:08:40 -04:00
DefensiveDepth	08d2a6242d	Add new bind - suricata all.rules	2024-06-11 10:03:33 -04:00
m0duspwnens	4b481bd405	add epoch to docker for oracle	2024-06-11 09:41:58 -04:00
m0duspwnens	0b1e3b2a7f	upgrade docker for focal	2024-06-10 16:24:44 -04:00
m0duspwnens	dbd9873450	upgrade docker for jammy	2024-06-10 16:04:11 -04:00
m0duspwnens	c6d0a17669	docker upgrade debian 12	2024-06-10 15:43:29 -04:00
m0duspwnens	adeab10f6d	upgrade docker and containerd.io for oracle	2024-06-10 12:14:27 -04:00
Jason Ertel	7ad6baf483	Merge pull request #13171 from Security-Onion-Solutions/jertel/yaml correct placement of error check override	2024-06-08 08:21:20 -04:00
Jason Ertel	f1638faa3a	correct placement of error check override	2024-06-08 08:18:34 -04:00
Jason Ertel	dea786abfa	Merge pull request #13170 from Security-Onion-Solutions/jertel/yaml gracefully handle missing parent key	2024-06-08 07:49:49 -04:00
Jason Ertel	f96b82b112	gracefully handle missing parent key	2024-06-08 07:44:46 -04:00
Josh Patterson	95fe11c6b4	Merge pull request #13162 from Security-Onion-Solutions/soupmsgq fix elastic templates not loading due to global_override phases	2024-06-07 16:23:03 -04:00
Jason Ertel	f2f688b9b8	Update soup	2024-06-07 16:18:09 -04:00
m0duspwnens	0139e18271	additional description	2024-06-07 16:03:21 -04:00
Mike Reeves	657995d744	Merge pull request #13165 from Security-Onion-Solutions/TOoSmOotH-patch-3 Update defaults.yaml	2024-06-07 15:38:01 -04:00
Mike Reeves	4057238185	Update defaults.yaml	2024-06-07 15:33:49 -04:00
coreyogburn	fb07ff65c9	Merge pull request #13164 from Security-Onion-Solutions/cogburn/tls-options AdditionalCA and InsecureSkipVerify	2024-06-07 13:10:45 -06:00
Mike Reeves	dbc56ffee7	Update defaults.yaml	2024-06-07 15:09:09 -04:00
Corey Ogburn	ee696be51d	Remove rootCA and insecureSkipVerify from SOC defaults	2024-06-07 13:07:04 -06:00
Corey Ogburn	5d3fd3d389	AdditionalCA and InsecureSkipVerify New fields have been added to manager and then duplicated over to SOC's config in the same vein as how proxy was updated earlier this week. AdditionalCA holds the PEM formatted public keys that should be trusted when making requests. It has been implemented for both Sigma's zip downloads and Sigma and Suricata's repository clones and pulls. InsecureSkipVerify has been added to help our users troubleshoot their configuration. Setting it to true will not verify the cert on outgoing requests. Self signed, missing, or invalid certs will not throw an error.	2024-06-07 12:47:09 -06:00
Corey Ogburn	fa063722e1	RootCA and InsecureSkipVerify New empty settings and their annotations.	2024-06-07 09:10:14 -06:00
m0duspwnens	f5cc35509b	fix output alignment	2024-06-07 11:03:26 -04:00
m0duspwnens	d39c8fae54	format output	2024-06-07 09:01:16 -04:00
m0duspwnens	d3b81babec	check for phases with so-yaml, remove if exists	2024-06-06 16:15:21 -04:00
coreyogburn	f35f6bd4c8	Merge pull request #13154 from Security-Onion-Solutions/cogburn/soc-proxy SOC Proxy Setting	2024-06-06 14:03:16 -06:00
Mike Reeves	d5cfef94a3	Merge pull request #13156 from Security-Onion-Solutions/TOoSmOotH-patch-3	2024-06-06 16:01:22 -04:00
Mike Reeves	f37f5ba97b	Update soc_suricata.yaml	2024-06-06 15:57:58 -04:00
Corey Ogburn	42818a9950	Remove proxy from SOC defaults	2024-06-06 13:28:07 -06:00
Corey Ogburn	e85c3e5b27	SOC Proxy Setting The so_proxy value we build during install is now copied to SOC's config.	2024-06-06 11:55:27 -06:00
m0duspwnens	a39c88c7b4	add set to troubleshoot failure	2024-06-06 12:56:24 -04:00
m0duspwnens	73ebf5256a	Merge remote-tracking branch 'origin/2.4/dev' into soupmsgq	2024-06-06 12:44:45 -04:00
Jason Ertel	6d31cd2a41	Merge pull request #13150 from Security-Onion-Solutions/jertel/yaml add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching	2024-06-06 12:09:03 -04:00
Jason Ertel	5600fed9c4	add ability to retrieve yaml values via so-yaml.py; improve so-minion id matching	2024-06-06 11:56:07 -04:00
m0duspwnens	6920b77b4a	fix msg	2024-06-06 11:00:43 -04:00
m0duspwnens	ccd6b3914c	add final msg queue for soup.	2024-06-06 10:33:55 -04:00
Josh Patterson	33a2c5dcd8	Merge pull request #13141 from Security-Onion-Solutions/sotcprp move so-tcpreplay from common state to sensor state	2024-06-05 09:49:39 -04:00
m0duspwnens	f6a8a21f94	remove space	2024-06-05 08:58:46 -04:00
m0duspwnens	ff5773c837	move so-tcpreplay back to common. return empty string if no sensor.interface pillar	2024-06-05 08:56:32 -04:00
m0duspwnens	66f8084916	Merge remote-tracking branch 'origin/2.4/dev' into sotcprp	2024-06-05 08:32:54 -04:00
m0duspwnens	a2467d0418	move so-tcpreplay to sensor state	2024-06-05 08:24:57 -04:00

1 2 3 4 5 ...

15112 Commits