Mike Reeves
acc9b8062e
Remove Strelka container infrastructure
Removes all Strelka container salt states and infrastructure references,
replaced by the native fileanalyze module in sensoroni.
Removed:
- salt/strelka/ directory (all container states, configs, tools)
- Docker container definitions for 6 Strelka containers
- Firewall rules for strelka_frontend
- Container references in containers.map.jinja
- top.sls and allowed_states references to strelka/strelka.manager
- so-minion add_strelka_to_minion() function and call sites
- so-deny strelka_frontend entry
- Logstash strelka bind mount
- Logrotate strelka config
- Telegraf strelka file monitoring
- so-sensor-clean strelka cleanup
- so-image-common strelka container images
Kept (still needed):
- Elasticsearch index/ingest pipeline (ingests fileanalyze output)
- Elastic agent/fleet log collection config
- SOC strelkaengine (YARA rule management)
- Kibana saved objects (dashboards)
2026-04-06 14:57:22 -04:00
Mike Reeves
c6c538363d
Add fileanalyze module salt configuration
Adds sensoroni agent configuration for the new fileanalyze module
that replaces the Strelka file analysis containers:
- defaults.yaml: default config values (watchDirs, concurrency, dedup, etc.)
- sensoroni.json: Jinja2 template to render module config when enabled
- soc_sensoroni.yaml: SOC config schema with descriptions for all settings
2026-04-06 14:12:48 -04:00
Mike Reeves
88de246ce3
Merge pull request #15725 from Security-Onion-Solutions/3/main
License Link to dev
2026-04-06 10:59:22 -04:00
Mike Reeves
3643b57167
Merge pull request #15724 from Security-Onion-Solutions/TOoSmOotH-patch-2
Fix JA4+ license link in soc_zeek.yaml
2026-04-06 10:24:04 -04:00
Mike Reeves
5b3ca98b80
Fix JA4+ license link in soc_zeek.yaml
Updated the license link in the JA4+ fingerprinting description.
2026-04-06 10:12:37 -04:00
Jason Ertel
76f4ccf8c8
Merge pull request #15705 from Security-Onion-Solutions/3/main
Merge pr/workflow changes back to dev
2026-04-01 10:57:34 -04:00
Jason Ertel
2a37ad82b2
Merge pull request #15704 from Security-Onion-Solutions/jertel/mainpr
pr/workflow changes
2026-04-01 10:55:57 -04:00
Jason Ertel
80540da52f
pr/workflow changes
2026-04-01 10:48:47 -04:00
Jason Ertel
e4ba3d6a2a
pr/workflow changes
2026-04-01 10:47:59 -04:00
Mike Reeves
3dec6986b6
Merge pull request #15702 from Security-Onion-Solutions/3/main
soup fix
2026-03-31 15:12:01 -04:00
Mike Reeves
bbfb58ea4e
Merge pull request #15701 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update SOUP_BRANCH to use 3/main instead of 2.4/main
2026-03-31 15:09:34 -04:00
Mike Reeves
c91deb97b1
Update SOUP_BRANCH to use 3/main instead of 2.4/main
2026-03-31 15:07:23 -04:00
Mike Reeves
ff45e5ebc6
Merge pull request #15699 from Security-Onion-Solutions/TOoSmOotH-patch-4
Version Bump
2026-03-31 13:55:55 -04:00
Mike Reeves
1e2b51eae6
Add version 3.1.0 to discussion template options
2026-03-31 13:53:00 -04:00
Mike Reeves
58d332ea94
Bump version from 3.0.0 to 3.1.0
2026-03-31 13:52:07 -04:00
Mike Reeves
dcc67b9b8f
Merge pull request #15696 from Security-Onion-Solutions/3/dev
3.0.0
3.0.0-20260331
2026-03-31 13:47:03 -04:00
Mike Reeves
cd886dd0f9
Merge pull request #15698 from Security-Onion-Solutions/merge-main-into-dev
Merge 3/main into 3/dev
2026-03-31 09:49:36 -04:00
Mike Reeves
37a6e28a6c
Merge remote-tracking branch 'origin/3/dev' into merge-main-into-dev
2026-03-31 09:48:06 -04:00
Mike Reeves
434a2e7866
Merge pull request #15695 from Security-Onion-Solutions/3.0.0
3.0.0
2026-03-31 09:33:34 -04:00
Mike Reeves
79707db6ee
3.0.0
2026-03-31 09:17:08 -04:00
Josh Brower
0707507412
Merge pull request #15694 from Security-Onion-Solutions/fixpath
Remove hardcoded index
2026-03-30 12:47:55 -04:00
Josh Brower
c7e865aa1c
Remove hardcoded index
2026-03-30 12:42:48 -04:00
Josh Brower
a89db79854
Merge pull request #15691 from Security-Onion-Solutions/jertel/wip
revisit workflows
2026-03-27 16:24:30 -04:00
Jason Ertel
812f65eee8
revisit workflows
2026-03-27 16:11:31 -04:00
Josh Patterson
cfa530ba9c
Merge pull request #15690 from Security-Onion-Solutions/delta
ensure bool sliders soc
2026-03-27 15:19:30 -04:00
Josh Patterson
922c008b11
ensure bool sliders soc
2026-03-27 15:02:54 -04:00
Mike Reeves
ea30749512
Merge pull request #15676 from Security-Onion-Solutions/TOoSmOotH-patch-3
Make AI adapter settings visible
2026-03-26 09:43:58 -04:00
Mike Reeves
0a55592d7e
Make AI adapter settings visible
Changed 'advanced' field from True to False for AI adapters and available models.
2026-03-26 09:37:39 -04:00
Josh Brower
115ca2c41d
Merge pull request #15672 from Security-Onion-Solutions/yaracomments
update yara template
2026-03-24 15:59:48 -04:00
Josh Brower
9e53bd3f2d
update yara template
2026-03-24 15:56:26 -04:00
Josh Brower
d4f1078f84
Merge pull request #15669 from Security-Onion-Solutions/lowercasefix
Lowercase network transport
2026-03-24 11:30:13 -04:00
Josh Brower
1f9bf45b66
Lowercase network transport
2026-03-24 11:24:59 -04:00
Mike Reeves
271de757e7
Merge pull request #15667 from Security-Onion-Solutions/TOoSmOotH-patch-1
Enable clean option for Zeek configuration
2026-03-24 09:56:03 -04:00
Mike Reeves
d4ac352b5a
Enable clean option for Zeek configuration
2026-03-24 09:54:49 -04:00
Jorge Reyes
afcef1d0e7
Merge pull request #15661 from Security-Onion-Solutions/reyesj2-361
update stig profile v1r3
2026-03-23 18:09:33 -05:00
Josh Patterson
91b164b728
Merge pull request #15665 from Security-Onion-Solutions/delta
allow negation in suricata address-group vars
2026-03-23 17:34:21 -04:00
Josh Patterson
6a4501241d
allow negation in suricata address-group vars
2026-03-23 17:24:12 -04:00
Josh Brower
c6978f9037
Merge pull request #15663 from Security-Onion-Solutions/fix/idh-skins
Remove hardcoded path
2026-03-23 16:30:51 -04:00
Josh Brower
7300513636
Remove hardcoded path
2026-03-23 16:26:56 -04:00
Jorge Reyes
fb7b73c601
Merge pull request #15662 from Security-Onion-Solutions/reyesj2-patch-1
exclude oscap profile from gitleaks
2026-03-23 14:23:24 -05:00
Jorge Reyes
f2b6d59c65
exclude oscap profile from gitleaks
2026-03-23 14:17:39 -05:00
reyesj2
67162357a3
update stig profile v1r3
2026-03-23 14:04:48 -05:00
Jason Ertel
8ea97e4af3
Merge pull request #15658 from Security-Onion-Solutions/jertel/wip
do not attempt to redirect to a source map after login
2026-03-23 09:55:31 -04:00
Jason Ertel
2f9a2e15b3
do not attempt to redirect to a source map after login
2026-03-23 09:48:06 -04:00
Josh Brower
a4fcf4ddf2
Merge pull request #15656 from Security-Onion-Solutions/zeek-websocket
Add support for websockets
2026-03-23 08:21:08 -04:00
Josh Brower
165e69cd11
Add support for websockets
2026-03-23 07:52:36 -04:00
Josh Patterson
07580c3afd
Merge pull request #15653 from Security-Onion-Solutions/delta
add yes/no to true/false conversion for suricata to soup postupgrade
2026-03-20 16:16:29 -04:00
Josh Patterson
f0f9de4b44
add status updates for pillar conversions
2026-03-20 16:12:10 -04:00
Josh Patterson
e857a8487a
convert suricata pillar data yes/no to true/false
2026-03-20 15:35:44 -04:00
Josh Patterson
fa4bf218d5
Merge pull request #15652 from Security-Onion-Solutions/delta
Enabled / Disabled Buttons for SOC Grid Configuration
2026-03-20 09:19:55 -04:00