CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-17 22:42:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,673 Commits 18 Branches 120 Tags
86b984001d4088eb24449f522ded6c6ebc616f37
Commit Graph

14673 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
86b984001d annotations and enable/disable from ui 2024-04-10 10:39:06 -04:00
m0duspwnens
fa7f8104c8 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-09 11:13:02 -04:00
m0duspwnens
bd5fe43285 jinja config files 2024-04-09 11:07:53 -04:00
m0duspwnens
d38051e806 fix client and server properties formatting 2024-04-09 10:36:37 -04:00
m0duspwnens
daa5342986 items not keys in for loop 2024-04-09 10:22:05 -04:00
m0duspwnens
c48436ccbf fix dict update 2024-04-09 10:19:17 -04:00
m0duspwnens
7aa00faa6c fix var 2024-04-09 09:31:54 -04:00
m0duspwnens
6217a7b9a9 add defaults and jijafy kafka config 2024-04-09 09:27:21 -04:00
reyesj2
d67ebabc95 Remove logstash output to kafka pipeline. Add additional topics for searchnodes to ingest and add partition/offset info to event 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-08 16:38:03 -04:00
reyesj2
65274e89d7 Add client_id to logstash pipeline. To identify which searchnode is pulling messages 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-05 15:38:00 -04:00
reyesj2
721e04f793 initial logstash input from kafka over ssl 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-05 13:37:14 -04:00
reyesj2
433309ef1a Generate kafka cluster id if it doesn't exist 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-05 09:35:12 -04:00
reyesj2
735cfb4c29 Autogenerate kafka topics when a message it sent to non-existing topic 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-04 16:45:58 -04:00
reyesj2
6202090836 Merge remote-tracking branch 'origin/kaffytaffy' into reyesj2/kafka 2024-04-04 16:27:06 -04:00
reyesj2
436cbc1f06 Add kafka signing_policy for client/server auth. Add kafka-client cert on manager so manager can interact with kafka using its own cert 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-04 16:21:29 -04:00
reyesj2
40b08d737c Generate kafka keystore on changes to kafka.key 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-04 16:16:53 -04:00
m0duspwnens
4c5b42b898 restart container on server config changes 2024-04-04 15:47:01 -04:00
m0duspwnens
7a6b72ebac add so-kafka to manager for firewall 2024-04-04 15:46:11 -04:00
m0duspwnens
1b8584d4bb allow manager to manager on kafka ports 2024-04-03 15:36:35 -04:00
reyesj2
13105c4ab3 Generate certs for use with elasticfleet kafka output policy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-03 14:34:07 -04:00
reyesj2
dc27bbb01d Set kafka heap size. To be later configured from SOC 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-03 14:30:52 -04:00
m0duspwnens
b863060df1 kafka broker and listener on 0.0.0.0 2024-04-03 11:05:24 -04:00
m0duspwnens
18f95e867f port 9093 for kafka docker 2024-04-03 10:24:53 -04:00
m0duspwnens
ed6137a76a allow sensor and searchnode to connect to manager kafka ports 2024-04-03 10:24:10 -04:00
m0duspwnens
c3f02a698e add kafka nodes as extra hosts for the container 2024-04-03 10:23:36 -04:00
m0duspwnens
db106f8ca1 listen on 0.0.0.0 for CONTROLLER 2024-04-03 10:22:47 -04:00
m0duspwnens
8e47cc73a5 kafka.nodes pillar to lf 2024-04-03 08:54:17 -04:00
m0duspwnens
639bf05081 add so-manager to kafka.nodes pillar 2024-04-03 08:52:26 -04:00
m0duspwnens
4e142e0212 put alphabetical 2024-04-02 16:47:35 -04:00
m0duspwnens
c9bf1c86c6 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 16:40:47 -04:00
reyesj2
82830c8173 Fix typos and fix error related to elasticsearch saltstate being called from logstash state. Logstash will be removed from kafkanodes in future 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:37:39 -04:00
reyesj2
7f5741c43b Fix kafka storage setup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:36:22 -04:00
reyesj2
643d4831c1 CRLF -> LF 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:35:14 -04:00
reyesj2
b032eed22a Update kafka to use manager docker registry 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:34:06 -04:00
reyesj2
1b49c8540e Fix kafka keystore script 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:32:15 -04:00
m0duspwnens
f7534a0ae3 make manager download so-kafka container 2024-04-02 16:01:12 -04:00
m0duspwnens
780ad9eb10 add kafka to manager nodes 2024-04-02 15:50:25 -04:00
m0duspwnens
e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
reyesj2
26abe90671 Removed duplicate kafka setup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 12:19:46 -04:00
Doug Burks
23a6c4adb6 Merge pull request #12725 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module strelka #12716
 2024-04-02 10:54:15 -04:00
Doug Burks
2f03cbf115 FEATURE: Add Events table columns for event.module strelka #12716 2024-04-02 10:42:20 -04:00
Doug Burks
a678a5a416 Merge pull request #12724 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module strelka #12716
 2024-04-02 10:15:20 -04:00
Doug Burks
b2b54ccf60 FEATURE: Add Events table columns for event.module strelka #12716 2024-04-02 10:11:16 -04:00
Doug Burks
55e71c867c Merge pull request #12723 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module playbook #12703
 2024-04-02 10:04:21 -04:00
Doug Burks
6c2437f8ef FEATURE: Add Events table columns for event.module playbook #12703 2024-04-02 09:55:56 -04:00
Doug Burks
261f2cbaf7 Merge pull request #12722 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module strelka #12716
 2024-04-02 09:43:15 -04:00
Doug Burks
505eeea66a Update defaults.yaml 2024-04-02 09:39:54 -04:00
Josh Brower
1001aa665d Merge pull request #12720 from Security-Onion-Solutions/2.4/detections-defaults 
Add default columns
 2024-04-02 09:21:06 -04:00
DefensiveDepth
7f488422b0 Add default columns 2024-04-02 09:13:27 -04:00
coreyogburn
65f6b7022c Merge pull request #12702 from Security-Onion-Solutions/cogburn/yaml-fix 
Correct YAML
 2024-03-29 15:59:34 -06:00