CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,296 Commits 24 Branches 119 Tags
95d6c93a07d32722fc1bee9e378cd0a512cb5d86
Commit Graph

15296 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jorge Reyes
95d6c93a07 Merge pull request #13231 from Security-Onion-Solutions/kfeval 2024-06-18 13:15:18 -04:00
reyesj2
911d6dcce1 update kafka output policy only on eligible grid types 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-18 12:09:59 -04:00
Doug Burks
5f6a9850eb Merge pull request #13227 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add new Process actions #13226
 2024-06-18 10:57:52 -04:00
Doug Burks
de18bf06c3 FEATURE: Add new Process actions #13226 2024-06-18 10:36:41 -04:00
Jorge Reyes
73473d671d Merge pull request #13222 from Security-Onion-Solutions/reyesj2-patch-3 
update profile
 2024-06-18 09:16:35 -04:00
Josh Brower
3fbab7c3af Merge pull request #13223 from Security-Onion-Solutions/2.4/timeout 
Update defaults
 2024-06-18 08:55:30 -04:00
DefensiveDepth
521cccaed6 Update defaults 2024-06-18 08:43:00 -04:00
reyesj2
35da3408dc update profile 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-17 15:53:49 -04:00
Jorge Reyes
c03096e806 Merge pull request #13221 from Security-Onion-Solutions/reyesj2/ksoup 
suppress fleet policy update in soup
 2024-06-17 14:18:34 -04:00
reyesj2
2afc947d6c suppress fleet policy update in soup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-17 14:12:33 -04:00
Doug Burks
076da649cf Merge pull request #13217 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add more links and descriptions to SOC MOTD #13216
 2024-06-17 12:18:29 -04:00
Doug Burks
93ced0959c FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:25:01 -04:00
Doug Burks
6f13fa50bf FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:24:32 -04:00
Doug Burks
3bface12e0 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:23:14 -04:00
Doug Burks
b584c8e353 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:13:17 -04:00
Jason Ertel
6caf87df2d Merge pull request #13209 from Security-Onion-Solutions/kfix 
Fix errors on new installs
 2024-06-15 05:09:48 -04:00
reyesj2
4d1f2c2bc1 fix kafka elastic fleet output policy setup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 23:04:08 -04:00
reyesj2
0b1175b46c kafka logstash input plugin handle empty brokers list 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 23:03:36 -04:00
reyesj2
4e50dabc56 refix typos 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 23:03:06 -04:00
Jason Ertel
ce45a5926a Merge pull request #13207 from Security-Onion-Solutions/kaffix 
Standalone logstash error
 2024-06-14 18:01:35 -04:00
Josh Brower
c540a4f257 Merge pull request #13208 from Security-Onion-Solutions/2.4/ruletemplates 
Update rule templates
 2024-06-14 16:01:26 -04:00
DefensiveDepth
7af94c172f Change spelling 2024-06-14 16:00:22 -04:00
DefensiveDepth
7556587e35 Update rule templates 2024-06-14 15:47:57 -04:00
reyesj2
a0030b27e2 add additional retries to elasticfleet scripts 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 15:34:40 -04:00
reyesj2
8080e05444 on fresh install kafka nodes pillar may not have populated. Avoiding this by only generating kafka input pipeline when kafka nodes pillar is not empty 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 14:17:26 -04:00
Josh Brower
af11879545 Merge pull request #13205 from Security-Onion-Solutions/2.4/customsuricatasources 
Initial support for custom suricata urls and local rulesets
 2024-06-14 13:50:06 -04:00
DefensiveDepth
c89f1c9d95 remove multiline 2024-06-14 13:48:55 -04:00
DefensiveDepth
b7ac599a42 set to empty 2024-06-14 13:21:36 -04:00
DefensiveDepth
8363877c66 move to custom rules 2024-06-14 12:41:44 -04:00
DefensiveDepth
4bcb4b5b9c removed unneeded import 2024-06-14 09:32:34 -04:00
DefensiveDepth
68302e14b9 add to defaults and tweaks 2024-06-14 09:28:23 -04:00
DefensiveDepth
c1abc7a7f1 Update description 2024-06-14 08:51:34 -04:00
DefensiveDepth
484717d57d initial support for custom suricata urls and local rulesets 2024-06-14 08:42:10 -04:00
Jorge Reyes
b91c608fcf Merge pull request #13204 from Security-Onion-Solutions/kaffix 
Only comment out so-kafka from so-status when it exists & only run en…
 2024-06-13 15:54:50 -04:00
reyesj2
8f8ece2b34 Only comment out so-kafka from so-status when it exists & only run ensure_default_pipeline when Kafka is configured 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-13 15:50:34 -04:00
Jorge Reyes
9b5c1c01e9 Merge pull request #13200 from Security-Onion-Solutions/kafka/fix 2024-06-13 12:26:57 -04:00
reyesj2
816a1d446e Generate kafka-logstash cert on standalone,manager,managersearch in addition to searchnodes. 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-13 12:18:13 -04:00
reyesj2
19bfd5beca fix kafka nodeid assignment to increment correctly 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-13 12:16:39 -04:00
Jorge Reyes
9ac7e051b3 Merge pull request #13190 from Security-Onion-Solutions/reyesj2/kafka 
Initial Kafka support
 2024-06-13 09:42:59 -04:00
reyesj2
80b1d51f76 wrong location for global.pipeline check 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-13 08:50:53 -04:00
Doug Burks
6340ebb36d Merge pull request #13197 from Security-Onion-Solutions/dougburks-patch-1 
Update DOWNLOAD_AND_VERIFY_ISO.md
 2024-06-12 16:49:21 -04:00
Doug Burks
70721afa51 Update DOWNLOAD_AND_VERIFY_ISO.md 2024-06-12 16:47:26 -04:00
reyesj2
9c31622598 telegraft should only include jolokia config when Kafka is set as the global.pipeline 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 15:42:00 -04:00
reyesj2
f372b0907b Use kafka:password for kafka certs 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 15:41:10 -04:00
coreyogburn
fac96e0b08 Merge pull request #13183 from Security-Onion-Solutions/cogburn/cleanup-config 
Fix unnecessary escaping
 2024-06-12 11:57:31 -06:00
reyesj2
2bc53f9868 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-06-12 12:36:58 -04:00
reyesj2
e8106befe9 Append '-securityonion' to all Security Onion related Kafka topics. Adjust logstash to ingest all topics ending in '-securityonion' to avoid having to manually list topic names 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 12:05:16 -04:00
reyesj2
83412b813f Renamed Kafka pillar 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:19:25 -04:00
reyesj2
b56d497543 Revert a so-setup change. Kafka is not an installable option 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:17:06 -04:00
reyesj2
dd40962288 Revert a whiptail menu change. Kafka is not an install option 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:07:23 -04:00