CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
7,827 Commits 40 Branches 125 Tags
9c2ead16cc3bc7a53b5c59f99c64860f2ff97e64
Commit Graph

4500 Commits

Author SHA1 Message Date
Jason Ertel b294cee278 Remove passwords from soctopus templates since these are the basis for elastalert rules, which will use the user/pass at the elastalert global config level 2021-06-17 15:53:07 -04:00
Jason Ertel afe7ddb480 Remove passwords from soctopus templates since these are the basis for elastalert rules, which will use the user/pass at the elastalert global config level 2021-06-17 15:51:53 -04:00
Jason Ertel 98526af82a Merge pull request #4558 from Security-Onion-Solutions/kilo 
Lock so-user to avoid two processes from overwriting eachother
 2021-06-17 15:23:42 -04:00
Jason Ertel 0cb4562254 Lock so-user to avoid two processes from overwriting eachother 2021-06-17 15:19:39 -04:00
m0duspwnens 63b120e9e2 use just curl for elastic in soup 2021-06-17 14:56:05 -04:00
m0duspwnens d587120613 set ELASTICCUURL default as curl 2021-06-17 14:42:04 -04:00
Josh Patterson 79aad225a4 Merge pull request #4552 from Security-Onion-Solutions/kilo 
Kilo
 2021-06-17 09:38:41 -04:00
m0duspwnens 8cd2bc7c13 adding so-eval to ES_INCLUDED_NODES 2021-06-17 09:37:21 -04:00
m0duspwnens 2a5198cae4 change perms to resolve error about module-setup.yml being 660 2021-06-17 08:49:21 -04:00
Jason Ertel b8c463db82 Merge pull request #4551 from Security-Onion-Solutions/kilo 
Fix require statement
 2021-06-16 21:49:47 -04:00
Jason Ertel 059b016c62 Fix require statement 2021-06-16 21:48:31 -04:00
Jason Ertel f1429632d2 Merge pull request #4549 from Security-Onion-Solutions/kilo 
Elastic auth: Fun with Salt
 2021-06-16 17:57:58 -04:00
Jason Ertel 2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel 36c9054744 Merge pull request #4547 from Security-Onion-Solutions/kilo 
Kilo
 2021-06-16 14:55:27 -04:00
William Wernert 703988b376 Fix merge issue in soup 2021-06-16 14:28:20 -04:00
Jason Ertel fefd2677fb Only include so-common if available. It only is used for requiring root, but since this script is needed before common is installed, we can safely assume that it's being run as root already (during the install) 2021-06-16 14:26:26 -04:00
Jason Ertel a323aeb8fa Allow so-elastic-auth to run before common even though the script has dependency on a common-provided script (benign error). This is needed first since common will need to know if auth is enabled 2021-06-16 14:23:58 -04:00
Jason Ertel edac99e5a9 Merge pull request #4546 from Security-Onion-Solutions/kilo 
Accept either 200 or 401 instead of wasting 3 minutes waiting for thi…
 2021-06-16 11:41:23 -04:00
Jason Ertel dd14235e31 Accept either 200 or 401 instead of wasting 3 minutes waiting for this to timeout 2021-06-16 11:39:21 -04:00
Jason Ertel 15eadd4f89 Merge pull request #4545 from Security-Onion-Solutions/kilo 
Merge kilo to dev for additional ES Auth changes
 2021-06-16 11:04:39 -04:00
Jason Ertel 09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
m0duspwnens ebea9a7198 remove space 2021-06-16 08:07:28 -04:00
m0duspwnens ad9441bb60 prevent suricata state from running on manager and managersearch https://github.com/Security-Onion-Solutions/securityonion/issues/2977 2021-06-16 08:06:26 -04:00
Jason Ertel 989f9dce42 Ensure sqlite.db exists before querying it; Execute so-elastic-auth after common state has been applied and redirect output to setup log 2021-06-15 16:57:13 -04:00
Jason Ertel b95437347e Upgrade ES to 7.13.2 2021-06-15 12:50:57 -04:00
Jason Ertel dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel 3891ca2929 Use correct mode param to file.recurse 2021-06-14 15:46:25 -04:00
Jason Ertel 62187807f0 Specify elastic creds for playbook alert templates 2021-06-14 14:08:14 -04:00
Jason Ertel 37f4caf536 Make new ECS changes Elastic-auth compatible 2021-06-14 12:13:50 -04:00
Jason Ertel fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
m0duspwnens fd5d540c78 update roles that include es state 2021-06-14 10:00:19 -04:00
m0duspwnens d2069dc5f2 update roles that include es state 2021-06-14 09:58:50 -04:00
m0duspwnens 5941332d49 fix two bugs 2021-06-14 08:51:29 -04:00
m0duspwnens f7600af89b dont loop if modules arent defined for the node 2021-06-11 13:52:33 -04:00
Josh Patterson c2339c84e7 Merge branch 'dev' into hotfix/soup_salt 2021-06-10 15:48:00 -04:00
Jason Ertel 7205c5cb7b Provide timestamp as arg to SOC PCAP pivots 2021-06-10 15:21:03 -04:00
Mike Reeves a2e1b1de3a Merge pull request #4484 from Security-Onion-Solutions/pipeline 
Pipeline
 2021-06-10 13:41:14 -04:00
m0duspwnens e64059bd7b remove unneeded function 2021-06-10 09:31:10 -04:00
m0duspwnens 46b1de97f5 change function name 2021-06-10 09:30:03 -04:00
Mike Reeves 12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Jason Ertel 89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Mike Reeves 7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves 1c7741fdbe Add templates for SO logs 2021-06-09 12:38:19 -04:00
Mike Reeves 4c90a0ed7e Add templates for SO logs 2021-06-09 12:04:32 -04:00
m0duspwnens a82b174826 perform the repo changes for any upgrade 2021-06-09 11:53:10 -04:00
Mike Reeves 579ff8c0b4 Add verbosity to checkin 2021-06-09 11:40:17 -04:00
Mike Reeves 264080546c Add log path 2021-06-09 11:37:27 -04:00
Jason Ertel a0c65e2333 Ensure elastic minions also update their auth files 2021-06-09 09:38:50 -04:00
Jason Ertel dd73ad544c Rename PATH var to avoid collision with OS PATH var; wrapped password var in quotes to support spaces in Fleet/TheHive passwords 2021-06-09 09:06:29 -04:00
Mike Reeves 88eea03f97 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:36:50 -04:00