Commit Graph

3486 Commits

Author SHA1 Message Date
Jason Ertel
2006677a22 Add default customization file (Blank) 2021-01-15 20:08:27 -05:00
Jason Ertel
0af6afa216 Add method for making adjustments to the SOC UI 2021-01-15 16:26:06 -05:00
William Wernert
432d231a0e [fix] Don't use set -e since we depend on non-zero exit codes for this function 2021-01-15 13:52:10 -05:00
William Wernert
9726ff9ce6 [fix] Correct logic for verbose flag 2021-01-15 13:39:12 -05:00
Mike Reeves
9cf63545bc Merge pull request #2640 from Masaya-A/influxdb/strengthen
Disable weak cipher suites from influxdb
2021-01-15 10:50:21 -05:00
William Wernert
ed129bcf1f [fix] Add verbose flag so that so-monitor-add only sees necessary information 2021-01-15 09:25:04 -05:00
Jason Ertel
07b5f1d23e Rename functions to avoid naming conflict with setup vars 2021-01-15 08:55:30 -05:00
Masaya-A
0d93b15a63 Disable weak cipher suites from influxdb
The default config of influxdb enables the use of some weak cipher suites such as RC4 and 3DES (SWEET32).
To disable them, a list of enabled ciphers is added to influxdb.conf.
2021-01-15 11:47:04 +09:00
William Wernert
dbe22f901d [fix] Add jinja raw block to so-common 2021-01-14 14:54:37 -05:00
William Wernert
ebc5a4314a [feat] Add salt logs to log rotation config 2021-01-14 13:43:00 -05:00
William Wernert
0db439df1e Merge branch 'dev' into feature/setup 2021-01-14 13:06:32 -05:00
William Wernert
82c7832d60 [fix] Fix indent in valid_hostname 2021-01-14 12:58:21 -05:00
Jason Ertel
9d0dca05b1 Adjusted logic on so-tcpreplay to handle init for standalone/eval nodes 2021-01-13 22:29:58 -05:00
Jason Ertel
ea1ab75072 Refactored so-common node type checks for improved readability; Updated so-tcpreplay to support distributed grids 2021-01-13 12:42:54 -05:00
William Wernert
4dc3a6aa35 [refactor] Standardize list inputs to comma separated 2021-01-13 11:36:20 -05:00
m0duspwnens
df590bfd23 pillarize disk freespace for steno https://github.com/Security-Onion-Solutions/securityonion/issues/2095 2021-01-13 11:09:38 -05:00
Mike Reeves
2950779d91 Fix Strelka rule update 2021-01-13 09:57:12 -05:00
m0duspwnens
225ed1c14a change suriloss and zeekloss to be more similar code style 2021-01-12 16:39:19 -05:00
William Wernert
332c6877b8 [fix] Add extra arg to printf instead of using echo 2021-01-12 11:01:25 -05:00
William Wernert
ef7a934b9d [feat] Add functions for input validation 2021-01-12 11:01:04 -05:00
m0duspwnens
6ea1a83afe resolve some issues with the zeekloss script https://github.com/Security-Onion-Solutions/securityonion/issues/2590 2021-01-11 14:10:08 -05:00
Jason Ertel
bc8e200919 Continued retry implementation for salt-key acceptance; improve timestamp coverage in setup 2021-01-10 02:34:46 -05:00
Jason Ertel
63047b4b85 Add retry logic around salt key acceptance during setup 2021-01-10 00:57:43 -05:00
Josh Patterson
d2848b9985 Merge pull request #2561 from Security-Onion-Solutions/automation/so-status
add description for exit code 99
2021-01-07 11:24:14 -05:00
m0duspwnens
83e7493691 add description for exit code 99 2021-01-07 11:23:39 -05:00
Josh Patterson
d287dd2412 Merge pull request #2557 from Security-Onion-Solutions/automation/so-status
Automation/so status
2021-01-07 09:07:12 -05:00
m0duspwnens
a5735e6654 return 99 if setup is running 2021-01-06 20:14:42 -05:00
m0duspwnens
ae7c0a26be add a quiet mode to so-status for automation testing 2021-01-06 18:46:21 -05:00
Wes Lambert
7f64d57111 Reserve port for Wazuh API and check if port is already in use 2021-01-06 14:37:28 -05:00
Wes Lambert
e7db1a99bd Set @timestamp to winlog.systemTime 2021-01-06 14:37:28 -05:00
Mike Reeves
7d25e8a08b Remove ERSPAN so log doesn't show a warning 2021-01-06 14:37:28 -05:00
Masaya-A
d37023e0f5 Make yum remove unneeded packages
Reference: https://www.stigviewer.com/stig/red_hat_enterprise_linux_7/2020-09-03/finding/V-204452
2021-01-06 14:37:28 -05:00
weslambert
c864cc607f Remove multiple old so-yara-update cron jobs, if needed 2021-01-06 14:37:27 -05:00
weslambert
958635b012 Remove old Strelka cron job 2021-01-06 14:37:27 -05:00
Jason Ertel
7dcd934269 so-fleet-setup doesn't need an interactive terminal to run, remove 'it' 2021-01-06 14:37:27 -05:00
Jason Ertel
bedbd39b82 tcpreplay doesn't need an interactive terminal to run, remove 'it' 2021-01-06 14:37:27 -05:00
Jason Ertel
7d97e3590c Redirect tcpreplay init output to file 2021-01-06 14:37:27 -05:00
Jason Ertel
10d04f760d Use manager internal IP for intra-service comms 2021-01-06 14:37:26 -05:00
Jason Ertel
fb28faa4e3 Monitor interface will not always be bond0 - pull correct value from pillar; Replay test data after automated test installations complete. 2021-01-06 14:37:26 -05:00
weslambert
36ae09ac4a Merge pull request #2545 from Security-Onion-Solutions/fix/wazuh_port_reservation
Reserve port for Wazuh API and check if port is already in use
2021-01-06 11:49:23 -05:00
Wes Lambert
875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
Wes Lambert
f2b677bfcb Reserve port for Wazuh API and check if port is already in use 2021-01-06 15:52:10 +00:00
Mike Reeves
1154b533d6 Remove ERSPAN so log doesn't show a warning 2021-01-05 13:56:56 -05:00
Mike Reeves
dc429494ac Merge pull request #2370 from Masaya-A/improve/yum
Make yum remove unneeded packages
2021-01-05 09:26:04 -05:00
weslambert
c1e245043e Remove multiple old so-yara-update cron jobs, if needed 2021-01-04 16:29:32 -05:00
William Wernert
9d674d6d3a [feat] Add so-monitor-add script 2021-01-04 13:35:14 -05:00
weslambert
535820bfa7 Remove old Strelka cron job 2021-01-04 10:18:32 -05:00
Jason Ertel
4b244645ba so-fleet-setup doesn't need an interactive terminal to run, remove 'it' 2020-12-31 10:52:59 -05:00
Jason Ertel
6b81419d38 tcpreplay doesn't need an interactive terminal to run, remove 'it' 2020-12-30 22:02:19 -05:00
Jason Ertel
e167bfed20 Redirect tcpreplay init output to file 2020-12-30 18:48:56 -05:00