CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,887 Commits 24 Branches 119 Tags
aeb09b16dbb2f8fc8e81b8eb974e070b1f09e0a6
Commit Graph

962 Commits

Author SHA1 Message Date
weslambert
02baa18502 Add metrics 2023-11-08 22:41:24 -05:00
weslambert
e39edab00d Exclude osquery and display failed name 2023-11-08 20:55:08 -05:00
weslambert
acb6e84248 Don't load index template if component template doesn't exist 2023-11-08 20:34:08 -05:00
Jason Ertel
32079a7bce Merge pull request #11734 from Security-Onion-Solutions/fix/elastic_scripts 
Improve error handling and add retry logic
 2023-11-08 12:19:00 -05:00
Jason Ertel
d256be3eb3 allow template loads to partially succeed only on the initial attempt 2023-11-08 10:32:11 -05:00
Wes
653fda124f Check expected with retry 2023-11-08 13:02:17 +00:00
Wes
b46e86c39b Extend index template loading to 60 attempts and a total of ~5 minutes 2023-11-08 02:29:09 +00:00
Wes
de9f9549af Extend template loading to 24 attempts and a total of ~2 minutes 2023-11-07 23:55:03 +00:00
weslambert
749e22e4b9 Fix if statement 2023-11-07 17:29:38 -05:00
weslambert
69ec1987af Fix if statement 2023-11-07 17:28:37 -05:00
Wes
570624da7e Remove RETURN_CODE 2023-11-07 21:09:29 +00:00
Wes
7772657b4b Remove RETURN_CODE 2023-11-07 21:06:35 +00:00
Wes
1676c84f9c Use the retry function so-elasticsearch-query 2023-11-07 19:56:50 +00:00
weslambert
1dcca0bfd3 Change pipeline to 1.13.1 2023-11-07 12:17:51 -05:00
Wes
0b4a246ddb State file changes and retry logic 2023-11-07 16:44:42 +00:00
weslambert
cce80eb2fb Change pipeline to 1.8.0 2023-11-07 09:02:48 -05:00
Wes
c30a0d5b5b Better error handling and state file management 2023-11-06 14:29:01 +00:00
Wes
74eda68d84 Exit if unable to communicate with Elasticsearch 2023-11-06 13:16:35 +00:00
Mike Reeves
3d8663db66 Update soc_elasticsearch.yaml 2023-11-03 11:29:45 -04:00
Wes
5bfef3f527 Add checkpoint and vsphere templates 2023-11-02 21:10:01 +00:00
weslambert
51e7861757 Don't source so-elastic-fleet-common if not there 2023-11-02 16:41:34 -04:00
Wes
ae45d40eca Add Sublime Platform ingest pipeline 2023-11-01 13:34:30 +00:00
weslambert
c354924b68 Add import roles 2023-10-31 10:05:29 -04:00
weslambert
ed6473a34b Add roles for eval mode 2023-10-30 20:41:49 -04:00
weslambert
76dd6f07ab Remove policy for OSQuery manager indices 2023-10-27 17:26:33 -04:00
weslambert
c955f9210a Remove policy for Cases indices 2023-10-27 17:24:27 -04:00
Mike Reeves
25f1a0251f Annotation changes for warm node 2023-10-27 09:08:07 -04:00
Mike Reeves
87494f64c7 Annotation changes for warm node 2023-10-27 09:06:12 -04:00
Mike Reeves
ce1858fe05 Annotation changes for warm node 2023-10-27 09:02:39 -04:00
Mike Reeves
9fc3a73035 Annotation changes for warm node 2023-10-27 08:58:08 -04:00
Mike Reeves
b37e38e3c3 Update defaults.yaml 2023-10-26 16:03:58 -04:00
Mike Reeves
2e0100fd35 Update defaults.yaml 2023-10-26 12:37:55 -04:00
Wes
891ea997e7 Add lifecycle policies and warm settings 2023-10-26 12:25:37 +00:00
Mike Reeves
01810a782c Annotation changes for warm node 2023-10-25 16:46:30 -04:00
Mike Reeves
6d6292714f Annotation changes for warm node 2023-10-25 16:21:47 -04:00
Mike Reeves
88fb7d06e6 Annotation changes for warm node 2023-10-25 16:20:28 -04:00
Josh Patterson
39abe19cfd Update config.map.jinja 2023-10-25 16:17:06 -04:00
Josh Patterson
807b40019f Update soc_elasticsearch.yaml 2023-10-25 16:16:48 -04:00
Josh Patterson
5f168a33ed Update defaults.yaml 2023-10-25 16:16:01 -04:00
Mike Reeves
d1170cb69f Update soc_elasticsearch.yaml 2023-10-25 16:05:20 -04:00
m0duspwnens
19fdc9319b fix role update 2023-10-25 15:58:26 -04:00
Josh Patterson
af4b34801f Update defaults.yaml 2023-10-25 15:48:27 -04:00
Josh Patterson
1ae8896a05 Update config.map.jinja 2023-10-25 15:47:40 -04:00
Mike Reeves
6fb0c5dbfe Annotation changes for warm node 2023-10-25 15:37:36 -04:00
Mike Reeves
a887551dad Annotation changes for warm node 2023-10-25 15:22:47 -04:00
weslambert
660020cc76 Parse pkt_src for Suricata logs 2023-10-23 15:45:41 -04:00
Wes
28b7a24cc1 Add templates for integrations 2023-10-18 20:36:04 +00:00
Wes
0bba68769b Make scan.pe.image_version type of 'float' 2023-09-26 14:05:12 +00:00
Wes
2e0ea3f374 Set final pipeline 2023-09-19 13:33:12 +00:00
Wes
508260bd46 Use event.created for timestamp 2023-09-19 13:32:03 +00:00