m0duspwnens
91b2e7d400
Merge remote-tracking branch 'origin/2.4/dev' into silsll
2024-07-16 14:06:56 -04:00
m0duspwnens
34c3a58efe
add cold policy
2024-07-16 14:03:48 -04:00
Josh Patterson
a867557f54
Merge pull request #13353 from Security-Onion-Solutions/fci
fix custom indices
2024-07-16 13:18:11 -04:00
m0duspwnens
b814f32e0a
fix custom indices
2024-07-16 12:39:30 -04:00
Corey Ogburn
d0565baaa3
New Config Values for Detections Bulk Indexer
`maxScrollSize` defines the "page size" of each scroll request.
`bulkIndexerWorkerCount` defines how many worker threads a bulk indexer should use. 0 or fewer indicates that 1 thread per CPU core should be used.
2024-07-15 14:43:47 -06:00
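The commit body above names two tuning values without showing how they interact. The following is an added illustration, not code from the Security Onion repository: a hypothetical `BulkIndexerConfig` struct whose field names mirror the two values, an in-memory stand-in for successive scroll requests (a constructed slice of document IDs split into pages of `maxScrollSize`), and a bounded worker pool sized by the "0 or fewer means one worker per CPU core" rule. The function names and the struct are assumptions for the example only.

```go
package main

import (
	"fmt"
	"runtime"
	"sync"
)

// BulkIndexerConfig is a hypothetical config struct (added example, not
// Security Onion's own type) carrying the two values from the commit message.
type BulkIndexerConfig struct {
	MaxScrollSize          int // "page size" of each scroll request
	BulkIndexerWorkerCount int // 0 or fewer: use one worker per CPU core
}

// EffectiveWorkerCount applies the defaulting rule described in the commit:
// a non-positive count resolves to one worker thread per CPU core.
func EffectiveWorkerCount(cfg BulkIndexerConfig) int {
	if cfg.BulkIndexerWorkerCount <= 0 {
		return runtime.NumCPU()
	}
	return cfg.BulkIndexerWorkerCount
}

// ScrollPages splits docs into consecutive pages of at most pageSize entries,
// standing in for the sequence of scroll responses a real client would fetch.
// A non-positive page size is clamped to 1 so the loop always makes progress.
func ScrollPages(docs []string, pageSize int) [][]string {
	if pageSize <= 0 {
		pageSize = 1
	}
	var pages [][]string
	for start := 0; start < len(docs); start += pageSize {
		end := start + pageSize
		if end > len(docs) {
			end = len(docs)
		}
		pages = append(pages, docs[start:end])
	}
	return pages
}

// BulkIndex fans scroll pages out to a bounded worker pool. It returns the
// number of documents handed to index() and the largest page observed, so a
// caller can confirm no single request exceeded MaxScrollSize.
func BulkIndex(cfg BulkIndexerConfig, docs []string, index func(doc string)) (indexed int, maxPage int) {
	workers := EffectiveWorkerCount(cfg)
	pages := make(chan []string)
	var wg sync.WaitGroup
	var mu sync.Mutex
	for i := 0; i < workers; i++ {
		wg.Add(1)
		go func() {
			defer wg.Done()
			for page := range pages {
				for _, d := range page {
					index(d)
				}
				mu.Lock()
				indexed += len(page)
				if len(page) > maxPage {
					maxPage = len(page)
				}
				mu.Unlock()
			}
		}()
	}
	for _, p := range ScrollPages(docs, cfg.MaxScrollSize) {
		pages <- p
	}
	close(pages)
	wg.Wait()
	return indexed, maxPage
}

func main() {
	// Constructed sample input: 23 detection IDs, so the last page is partial.
	docs := make([]string, 0, 23)
	for i := 0; i < 23; i++ {
		docs = append(docs, fmt.Sprintf("detection-%02d", i))
	}
	cfg := BulkIndexerConfig{MaxScrollSize: 10, BulkIndexerWorkerCount: 0}
	n, mp := BulkIndex(cfg, docs, func(string) {})
	fmt.Printf("workers=%d indexed=%d largest_page=%d\n", EffectiveWorkerCount(cfg), n, mp)
}
```

The worker pool is bounded by the resolved count rather than by the number of pages, which is the property an operator tuning `bulkIndexerWorkerCount` cares about: raising `maxScrollSize` changes how much each request carries, while the worker count caps concurrent indexing regardless of how many pages the scroll produces.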
Doug Burks
3991c7b5fe
FEATURE: Add new action to SOC Actions list to allow users to more easily add their own actions #13346
2024-07-15 15:52:00 -04:00
weslambert
bf07d56da6
Merge pull request #13341 from Security-Onion-Solutions/revert-13323-fix/agent_pipeline
Revert "Change pipeline version for agent"
2024-07-15 11:38:56 -04:00
weslambert
cdbffa2323
Merge pull request #13342 from Security-Onion-Solutions/revert-13316-foxtrot
Revert "Elastic 8.14.2"
2024-07-15 11:38:48 -04:00
Josh Patterson
55469ebd24
Merge pull request #13340 from Security-Onion-Solutions/surianno
force var to be list of string
2024-07-15 11:34:00 -04:00
weslambert
4e81860a13
Revert "Change pipeline version for agent"
2024-07-15 11:33:52 -04:00
m0duspwnens
a23789287e
force var to be list of string
2024-07-15 11:29:47 -04:00
weslambert
fe1824aedd
Revert "Elastic 8.14.2"
2024-07-15 11:28:59 -04:00
Jorge Reyes
e58b2c45dd
Merge pull request #13335 from Security-Onion-Solutions/reyesj2/kgz
FIX: Kafka configuration updates
2024-07-12 15:55:43 -04:00
reyesj2
5d322ebc0b
Allow searchnodes to run kafka.ssl state for kafka-logstash cert generation
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-12 14:45:11 -04:00
reyesj2
7ea8d5efd0
Remove redis input pipeline from searchnodes when global pipeline is Kafka
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-12 14:44:10 -04:00
reyesj2
4182ff66a0
rearrange kafka pillar, declutters SOC ui
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-11 16:37:16 -04:00
reyesj2
ff29d9ca51
Update log-check to ignore kafka data directories
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-11 10:23:51 -04:00
reyesj2
4a88dedcb8
Fixin kafka.ssl state and include name for kafka_user
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 16:18:46 -04:00
reyesj2
cfe5c1d76a
remove elasticsearch.ca from receiver allowed_states. Replaced by generated kafka trust
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 13:24:02 -04:00
weslambert
d432019ad9
Change version from 1.13.1 to 1.20.0
2024-07-10 12:48:08 -04:00
reyesj2
0d8fd42be3
update pillarwatch engine
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 11:37:07 -04:00
reyesj2
d5faf535c3
Only interact with logstash configuration when Kafka pipeline is enabled otherwise leave it default
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 11:36:44 -04:00
reyesj2
8e1edd1d91
split Kafka ssl from ssl/init. Certs won't be generated until Kafka is enabled. Also runs some clean up for old Kafka certs
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 11:32:43 -04:00
reyesj2
d791b23838
Generate new Kafka truststore
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-10 11:29:09 -04:00
weslambert
0db0754ee5
Merge pull request #13316 from Security-Onion-Solutions/foxtrot
Elastic 8.14.2
2024-07-10 08:53:03 -04:00
Wes
1f5a990b1e
Remove lines that aren't needed right now
2024-07-09 18:32:06 +00:00
Doug Burks
dfd8ac3626
FIX: Update SOC MOTD #13320
2024-07-09 12:55:58 -04:00
Wes
669f68ad88
Fleet metric annotations
2024-07-09 15:39:59 +00:00
Doug Burks
24e945eee4
FIX: Update MOTD #13317
2024-07-09 10:06:16 -04:00
weslambert
8615e5d5ea
Move enabled and index_clean back to the top
2024-07-08 16:50:06 -04:00
weslambert
6a396ec1aa
Fix accidental double quote removal
2024-07-08 11:44:27 -04:00
weslambert
9504f0885a
Elastic 8.14.2
2024-07-08 09:49:07 -04:00
weslambert
ef59678441
Elastic 8.14.2
2024-07-08 09:48:12 -04:00
weslambert
c6f6811f47
Elastic 8.14.2
2024-07-08 09:47:34 -04:00
Mike Reeves
40b7999786
Delete salt/manager/tools/sbin/so-user-list
2024-07-02 14:36:51 -04:00
Mike Reeves
69be03f86a
Delete salt/manager/tools/sbin/so-user-enable
2024-07-02 14:36:36 -04:00
Mike Reeves
8dc8092241
Delete salt/manager/tools/sbin/so-user-disable
2024-07-02 14:36:02 -04:00
Mike Reeves
578c6c567f
Delete old user commands
2024-07-02 14:34:45 -04:00
weslambert
745b6775f1
Change name for ILM
2024-07-02 09:05:35 -04:00
weslambert
4d499be1a8
Change name
2024-07-02 08:47:29 -04:00
Wes
1b47d5c622
Changes for Elastic 8.14.1
2024-07-01 15:16:58 +00:00
Wes
32d7927a49
Template changes for Elastic 8.14.1
2024-07-01 15:16:06 +00:00
reyesj2
9d725f2b0b
fix rule update
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-28 13:45:50 -04:00
DefensiveDepth
92a847e3bd
Fix Fleet setup
2024-06-27 11:48:54 -04:00
weslambert
7716f4aff8
Elastic 8.14.1
2024-06-27 10:49:52 -04:00
weslambert
8eb6dcc5b7
Elastic 8.14.1
2024-06-27 10:49:06 -04:00
weslambert
847638442b
Elastic 8.14.1
2024-06-27 10:48:28 -04:00
weslambert
5743189eef
Elastic 8.14.1
2024-06-27 10:47:46 -04:00
m0duspwnens
bfe8a3a01b
Merge remote-tracking branch 'origin/2.4/dev' into issue/13073
2024-06-27 09:20:12 -04:00
weslambert
222ebbdec1
Revert back to 8.10.4
2024-06-27 09:05:29 -04:00