Commit Graph

139 Commits

Author SHA1 Message Date
Josh Patterson 6c42c419e2 Serialize ILM policy-load output with flock to stop interleaving
A single printf per block was not actually one write() call, so
concurrent jobs still occasionally interleaved their label and response
lines. Hold an flock around just the printf (curl still runs in
parallel) so each policy's block prints intact, keeping live
completion-order streaming.
2026-06-11 15:42:41 -04:00
Josh Patterson 07d3b148b5 fix output 2026-06-11 13:37:26 -04:00
Josh Patterson 780d9faf0d Parallelize so-elasticsearch-ilm-policy-load PUTs
Run the ~300 ILM policy PUTs concurrently (bounded to 10 in flight via a
throttle gate) instead of one serial curl per policy. Adds a put_policy
helper and waits for all background jobs before exiting. Preserves policy
parity; only the scheduling changes. Drops the dead empty sid cookie arg
(falls back to basic auth from curl.config as before).
2026-06-11 12:08:32 -04:00
reyesj2 22f869734e add check for files before attempting to use file pattern to load templates 2026-04-22 23:11:31 -05:00
reyesj2 16a4a42faf check for addon-index templates dir before attempting to load addon index templates 2026-04-14 19:26:37 -05:00
reyesj2 dd40e44530 show when addon integrations are already loaded 2026-04-13 12:36:42 -05:00
reyesj2 29e13b2c0b elasticsearch ilm policy load script 2026-04-13 10:00:17 -05:00
reyesj2 abcad9fde0 addon statefile 2026-04-12 00:36:30 -05:00
reyesj2 a43947cca5 elasticsearch template load script -- for addon index templates 2026-04-12 00:23:26 -05:00
reyesj2 b0584a4dc5 only append "-mappings" to component template names as needed 2026-04-11 15:22:50 -05:00
reyesj2 6298397534 rework elasticsearch template load script -- for core templates 2026-04-11 04:40:47 -05:00
Josh Patterson a192455fae Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-19 17:17:58 -05:00
reyesj2 596bc178df ensure docker cp command follows container symlinks 2026-01-15 15:18:18 -06:00
Josh Patterson 3bc552ef38 Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-08 17:15:48 -05:00
Josh Patterson 1887d2c0e9 update heavynode pattern 2026-01-08 17:15:00 -05:00
reyesj2 7977a020ac elasticsearch 9.0.8 2025-12-16 16:03:47 -06:00
Jorge Reyes 4a49f9d004 Merge branch '2.4/dev' into reyesj2/retention 2025-11-06 14:29:08 -06:00
reyesj2 1eb4b5379a show 30d scheduled deletions or 7d scheduled deletions depending on what historical data is available 2025-11-06 14:25:25 -06:00
reyesj2 35c7fc06d7 fix bug showing duplicate backing indices in recommendations 2025-11-06 14:24:58 -06:00
reyesj2 b69d453a68 typo 2025-11-06 14:24:29 -06:00
reyesj2 1aa871ec94 small fixes 2025-11-05 17:55:57 -06:00
reyesj2 2fb41c8d65 elasticsearch retention estimate 2025-10-29 14:24:43 -05:00
Jorge Reyes cdb7f0602c Merge pull request #14889 from Security-Onion-Solutions/reyesj2-es-helper
only show data nodes in disk usage output
2025-07-29 14:45:30 -05:00
reyesj2 07305d8799 only show data nodes in disk usage output 2025-07-29 14:15:43 -05:00
reyesj2 fbf5bafae7 set 2m timeout 2025-07-28 15:17:04 -05:00
reyesj2 d49cd3cb85 increased timeout for so-elasticsearch-roles-load from default of 30s 2025-07-28 15:14:12 -05:00
reyesj2 0b1f2252ee elasticsearch troubleshoot script 2025-07-17 13:27:54 -05:00
reyesj2 b9d813cef2 typo 2025-07-08 18:26:46 -05:00
reyesj2 d4f0cbcb67 changes for 'generic' integrations with no component templates assigned. Default to using the logs-filestream.generic@package component template 2025-07-08 15:23:46 -05:00
reyesj2 d240fca721 remove usage of temp file 2025-06-03 08:45:04 -05:00
reyesj2 4d6171bde6 rename script
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-06-03 07:32:12 -05:00
reyesj2 6238a5b3ed tighten up search timeframe 2025-06-02 16:31:26 -05:00
reyesj2 061600fa7a shebang line 2025-06-02 15:55:46 -05:00
reyesj2 1b89cc6818 so-elasticsearch-index-growth script 2025-06-02 15:41:03 -05:00
Doug Burks bf38055a6c add echo to end of so-elasticsearch-ilm-stop 2025-05-30 11:41:50 -04:00
Doug Burks 90b8d6b2f7 add echo to end of so-elasticsearch-ilm-start 2025-05-30 11:41:11 -04:00
Doug Burks 45d541d4f2 FIX: so-elasticsearch-ilm-start needs shebang #14688 2025-05-30 09:55:53 -04:00
weslambert aacd715379 Retry after 1 second 2024-09-25 13:07:01 -04:00
weslambert 50ae37c160 Check if running during soup 2024-09-25 08:25:20 -04:00
m0duspwnens df14cbad44 fix calls to get_elastic_agent_vars 2024-09-04 17:43:49 -04:00
weslambert dd09f5b153 Add so-soc-logs 2024-08-26 10:32:27 -04:00
weslambert d7e3e134a5 Check Elasticsearch for template 2024-08-22 10:33:13 -04:00
weslambert 2a024039bf Merge pull request #13528 from Security-Onion-Solutions/fix/detections_alerts_ilm
Create detections.alerts ILM policy with corresponding name
2024-08-21 14:50:10 -04:00
weslambert 88ea60df2a Fix name 2024-08-21 14:38:57 -04:00
weslambert c1b7232a88 Fix for detections-alerts 2024-08-21 14:38:29 -04:00
weslambert 4108e67178 Check for endpoint package 2024-08-21 14:22:28 -04:00
weslambert 5f74b1b730 Update column number because of changes to API 2024-08-15 08:26:56 -04:00
Doug Burks ab63d5dbdb Update so-elasticsearch-cluster-space-used for changes in _cat/allocation API 2024-08-15 08:01:22 -04:00
weslambert d833bd0d55 Elastic 8.14.3 2024-07-30 12:45:25 -04:00
weslambert c60b14e2e7 Merge branch '2.4/dev' into foxtrot 2024-07-30 08:52:48 -04:00