CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-24 09:53:12 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,642 Commits 19 Branches 120 Tags
8cd2bc7c13cce240cab39441edd99f4329b5bb1f
Commit Graph

4385 Commits

Author SHA1 Message Date
m0duspwnens
8cd2bc7c13 adding so-eval to ES_INCLUDED_NODES 2021-06-17 09:37:21 -04:00
m0duspwnens
2a5198cae4 change perms to resolve error about module-setup.yml being 660 2021-06-17 08:49:21 -04:00
Jason Ertel
059b016c62 Fix require statement 2021-06-16 21:48:31 -04:00
Jason Ertel
2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel
fefd2677fb Only include so-common if available. It only is used for requiring root, but since this script is needed before common is installed, we can safely assume that it's being run as root already (during the install) 2021-06-16 14:26:26 -04:00
Jason Ertel
a323aeb8fa Allow so-elastic-auth to run before common even though the script has dependency on a common-provided script (benign error). This is needed first since common will need to know if auth is enabled 2021-06-16 14:23:58 -04:00
Jason Ertel
dd14235e31 Accept either 200 or 401 instead of wasting 3 minutes waiting for this to timeout 2021-06-16 11:39:21 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
989f9dce42 Ensure sqlite.db exists before querying it; Execute so-elastic-auth after common state has been applied and redirect output to setup log 2021-06-15 16:57:13 -04:00
Jason Ertel
b95437347e Upgrade ES to 7.13.2 2021-06-15 12:50:57 -04:00
Jason Ertel
dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel
3891ca2929 Use correct mode param to file.recurse 2021-06-14 15:46:25 -04:00
Jason Ertel
62187807f0 Specify elastic creds for playbook alert templates 2021-06-14 14:08:14 -04:00
Jason Ertel
37f4caf536 Make new ECS changes Elastic-auth compatible 2021-06-14 12:13:50 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
m0duspwnens
fd5d540c78 update roles that include es state 2021-06-14 10:00:19 -04:00
m0duspwnens
d2069dc5f2 update roles that include es state 2021-06-14 09:58:50 -04:00
m0duspwnens
5941332d49 fix two bugs 2021-06-14 08:51:29 -04:00
m0duspwnens
f7600af89b dont loop if modules arent defined for the node 2021-06-11 13:52:33 -04:00
Josh Patterson
c2339c84e7 Merge branch 'dev' into hotfix/soup_salt 2021-06-10 15:48:00 -04:00
Jason Ertel
7205c5cb7b Provide timestamp as arg to SOC PCAP pivots 2021-06-10 15:21:03 -04:00
Mike Reeves
a2e1b1de3a Merge pull request #4484 from Security-Onion-Solutions/pipeline 
Pipeline
 2021-06-10 13:41:14 -04:00
m0duspwnens
e64059bd7b remove unneeded function 2021-06-10 09:31:10 -04:00
m0duspwnens
46b1de97f5 change function name 2021-06-10 09:30:03 -04:00
Mike Reeves
12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Jason Ertel
89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
1c7741fdbe Add templates for SO logs 2021-06-09 12:38:19 -04:00
Mike Reeves
4c90a0ed7e Add templates for SO logs 2021-06-09 12:04:32 -04:00
m0duspwnens
a82b174826 perform the repo changes for any upgrade 2021-06-09 11:53:10 -04:00
Mike Reeves
579ff8c0b4 Add verbosity to checkin 2021-06-09 11:40:17 -04:00
Mike Reeves
264080546c Add log path 2021-06-09 11:37:27 -04:00
Jason Ertel
a0c65e2333 Ensure elastic minions also update their auth files 2021-06-09 09:38:50 -04:00
Jason Ertel
dd73ad544c Rename PATH var to avoid collision with OS PATH var; wrapped password var in quotes to support spaces in Fleet/TheHive passwords 2021-06-09 09:06:29 -04:00
Mike Reeves
88eea03f97 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:36:50 -04:00
Mike Reeves
a959ec1eb1 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:23:31 -04:00
Mike Reeves
3e138cbc6d Revert to SO taxonomy for zeek and suricata 2021-06-08 13:14:46 -04:00
Jason Ertel
9b61723194 Merge branch 'dev' into kilo 2021-06-08 11:04:09 -04:00
Jason Ertel
d2381b0209 Ensure empty/aborted users/roles files do not get copied onto final filenames 2021-06-08 11:03:56 -04:00
Mike Reeves
4972f69dd6 Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-06-08 11:03:14 -04:00
Mike Reeves
56eb220ed6 Revert to SO taxonomy for zeek and suricata 2021-06-08 09:52:05 -04:00
Jason Ertel
343c47d67a Add so-elasticsearch-query tool 2021-06-07 17:26:07 -04:00
Jason Ertel
e53f2217ec Add so-elasticsearch-query tool 2021-06-07 17:24:22 -04:00
William Wernert
9f2adfb67a Merge branch 'master' into merge_2.3.52 
# Conflicts:
#	VERSION
 2021-06-07 14:08:17 -04:00
Jason Ertel
fdab17a3b9 Due to dir ownership restrictions need to run crossthestreams and eval as root 2021-06-06 16:36:35 -04:00
Jason Ertel
bebba7d280 Switch ownership of curl config to socore 2021-06-06 07:43:53 -04:00
Jason Ertel
11b2b2a893 Switch ownership of curl config to socore 2021-06-06 05:42:34 -04:00
Jason Ertel
ba29b5e036 Do not apply salt state if already applying a state 2021-06-04 21:56:41 -04:00
Jason Ertel
e22421ec99 Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts 2021-06-04 20:01:30 -04:00
Jason Ertel
416b38fc71 Use cronjob to ensure user synchronization 2021-06-04 11:24:58 -04:00