CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
13,897 Commits 40 Branches 125 Tags
85649da2cb02fdf0212ce023662dff38c08c9519
Commit Graph

962 Commits

Author SHA1 Message Date
weslambert 02baa18502 Add metrics 2023-11-08 22:41:24 -05:00
weslambert e39edab00d Exclude osquery and display failed name 2023-11-08 20:55:08 -05:00
weslambert acb6e84248 Don't load index template if component template doesn't exist 2023-11-08 20:34:08 -05:00
Jason Ertel 32079a7bce Merge pull request #11734 from Security-Onion-Solutions/fix/elastic_scripts 
Improve error handling and add retry logic
 2023-11-08 12:19:00 -05:00
Jason Ertel d256be3eb3 allow template loads to partially succeed only on the initial attempt 2023-11-08 10:32:11 -05:00
Wes 653fda124f Check expected with retry 2023-11-08 13:02:17 +00:00
Wes b46e86c39b Extend index template loading to 60 attempts and a total of ~5 minutes 2023-11-08 02:29:09 +00:00
Wes de9f9549af Extend template loading to 24 attempts and a total of ~2 minutes 2023-11-07 23:55:03 +00:00
weslambert 749e22e4b9 Fix if statement 2023-11-07 17:29:38 -05:00
weslambert 69ec1987af Fix if statement 2023-11-07 17:28:37 -05:00
Wes 570624da7e Remove RETURN_CODE 2023-11-07 21:09:29 +00:00
Wes 7772657b4b Remove RETURN_CODE 2023-11-07 21:06:35 +00:00
Wes 1676c84f9c Use the retry function so-elasticsearch-query 2023-11-07 19:56:50 +00:00
weslambert 1dcca0bfd3 Change pipeline to 1.13.1 2023-11-07 12:17:51 -05:00
Wes 0b4a246ddb State file changes and retry logic 2023-11-07 16:44:42 +00:00
weslambert cce80eb2fb Change pipeline to 1.8.0 2023-11-07 09:02:48 -05:00
Wes c30a0d5b5b Better error handling and state file management 2023-11-06 14:29:01 +00:00
Wes 74eda68d84 Exit if unable to communicate with Elasticsearch 2023-11-06 13:16:35 +00:00
Mike Reeves 3d8663db66 Update soc_elasticsearch.yaml 2023-11-03 11:29:45 -04:00
Wes 5bfef3f527 Add checkpoint and vsphere templates 2023-11-02 21:10:01 +00:00
weslambert 51e7861757 Don't source so-elastic-fleet-common if not there 2023-11-02 16:41:34 -04:00
Wes ae45d40eca Add Sublime Platform ingest pipeline 2023-11-01 13:34:30 +00:00
weslambert c354924b68 Add import roles 2023-10-31 10:05:29 -04:00
weslambert ed6473a34b Add roles for eval mode 2023-10-30 20:41:49 -04:00
weslambert 76dd6f07ab Remove policy for OSQuery manager indices 2023-10-27 17:26:33 -04:00
weslambert c955f9210a Remove policy for Cases indices 2023-10-27 17:24:27 -04:00
Mike Reeves 25f1a0251f Annotation changes for warm node 2023-10-27 09:08:07 -04:00
Mike Reeves 87494f64c7 Annotation changes for warm node 2023-10-27 09:06:12 -04:00
Mike Reeves ce1858fe05 Annotation changes for warm node 2023-10-27 09:02:39 -04:00
Mike Reeves 9fc3a73035 Annotation changes for warm node 2023-10-27 08:58:08 -04:00
Mike Reeves b37e38e3c3 Update defaults.yaml 2023-10-26 16:03:58 -04:00
Mike Reeves 2e0100fd35 Update defaults.yaml 2023-10-26 12:37:55 -04:00
Wes 891ea997e7 Add lifecycle policies and warm settings 2023-10-26 12:25:37 +00:00
Mike Reeves 01810a782c Annotation changes for warm node 2023-10-25 16:46:30 -04:00
Mike Reeves 6d6292714f Annotation changes for warm node 2023-10-25 16:21:47 -04:00
Mike Reeves 88fb7d06e6 Annotation changes for warm node 2023-10-25 16:20:28 -04:00
Josh Patterson 39abe19cfd Update config.map.jinja 2023-10-25 16:17:06 -04:00
Josh Patterson 807b40019f Update soc_elasticsearch.yaml 2023-10-25 16:16:48 -04:00
Josh Patterson 5f168a33ed Update defaults.yaml 2023-10-25 16:16:01 -04:00
Mike Reeves d1170cb69f Update soc_elasticsearch.yaml 2023-10-25 16:05:20 -04:00
m0duspwnens 19fdc9319b fix role update 2023-10-25 15:58:26 -04:00
Josh Patterson af4b34801f Update defaults.yaml 2023-10-25 15:48:27 -04:00
Josh Patterson 1ae8896a05 Update config.map.jinja 2023-10-25 15:47:40 -04:00
Mike Reeves 6fb0c5dbfe Annotation changes for warm node 2023-10-25 15:37:36 -04:00
Mike Reeves a887551dad Annotation changes for warm node 2023-10-25 15:22:47 -04:00
weslambert 660020cc76 Parse pkt_src for Suricata logs 2023-10-23 15:45:41 -04:00
Wes 28b7a24cc1 Add templates for integrations 2023-10-18 20:36:04 +00:00
Wes 0bba68769b Make scan.pe.image_version type of 'float' 2023-09-26 14:05:12 +00:00
Wes 2e0ea3f374 Set final pipeline 2023-09-19 13:33:12 +00:00
Wes 508260bd46 Use event.created for timestamp 2023-09-19 13:32:03 +00:00