Commit Graph

124 Commits

Author SHA1 Message Date
m0duspwnens
bd7ef1cc59 fix whitespace control 2021-12-16 09:19:20 -05:00
m0duspwnens
522bc1d2b8 fix loadbalance logic and whitespace for filebeat.yml 2021-12-15 16:21:08 -05:00
m0duspwnens
c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens
6518691c55 sort the items 2021-12-13 18:16:25 -05:00
m0duspwnens
067e79894f fix loop for node_data 2021-12-13 16:26:38 -05:00
m0duspwnens
6de2f5bd03 fix node_data 2021-12-13 15:55:09 -05:00
m0duspwnens
8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens
86f67198bf loadbalance filebeat if across managers and receivers 2021-12-10 17:43:06 -05:00
William Wernert
dd1769fbef Only check for logscan on manager-type and import 2021-08-05 11:02:09 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
2021-07-30 14:41:15 -04:00
William Wernert
9bf1d3e0c6 Misc fixes 2021-07-16 14:59:44 -04:00
William Wernert
818f912a90 [fix] Remove indent 2021-07-14 10:13:14 -04:00
William Wernert
2b0bca8e55 Merge branch 'dev' into feature/logscan 2021-07-12 14:58:30 -04:00
weslambert
a895270bc8 Allow setting Filebeat logging level in pillar 2021-07-12 10:27:43 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
Jason Ertel
2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
37f4caf536 Make new ECS changes Elastic-auth compatible 2021-06-14 12:13:50 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
m0duspwnens
f7600af89b don't loop if modules aren't defined for the node 2021-06-11 13:52:33 -04:00
Mike Reeves
56eb220ed6 Revert to SO taxonomy for zeek and suricata 2021-06-08 09:52:05 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Mike Reeves
34d4eedf67 Remove old modules 2021-05-26 10:11:47 -04:00
m0duspwnens
2aacd5b9b6 so defaults filebeat modules 2021-05-25 16:40:50 -04:00
m0duspwnens
ad67167e97 remove whitespace control 2021-05-11 12:58:21 -04:00
m0duspwnens
4012a8276c add template for module .yml file 2021-05-11 12:22:25 -04:00
Wes Lambert
ee92ba20b0 Add modules path reference 2021-05-06 13:56:39 +00:00
Wes Lambert
1b749cf004 Additional config 2021-05-06 13:55:07 +00:00
Wes Lambert
37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Mike Reeves
aa66b6226f Add hostname to the listener 2021-04-13 20:22:51 -04:00
Mike Reeves
db7dcd76cd Add hostname to the listener 2021-04-13 20:21:32 -04:00
Mike Reeves
621e5c1cf8 Enable Filebeat Stats 2021-04-13 19:18:10 -04:00
Mike Reeves
18203513ab Update cert location for eval.import 2021-03-10 09:14:14 -05:00
Mike Reeves
4f867e5375 Fix all scripts for ssl elastic 2021-03-03 10:02:23 -05:00
Jason Ertel
58e4205602 Revert "Make filebeat retry forever" 2021-02-03 21:46:29 -05:00
Mike Reeves
55a8f6aa7a Make filebeat retry forever 2021-02-02 16:41:52 -05:00
Wes Lambert
19d22e1f8a Allow for Filebeat queue/output adjustments via pillar 2021-01-21 15:34:54 +00:00
weslambert
6b4af30fc1 Change clean_removed to true cleanup tracking of Zeek logs removed from current 2020-11-18 13:47:32 -05:00
m0duspwnens
10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
m0duspwnens
79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Wes Lambert
4fc4913d1e Don't predefine index date for Filebeat ES outputs 2020-10-12 15:44:00 +00:00
Wes Lambert
d8f70397f7 Fix Filebeat config for Wazuh 2020-09-30 14:57:56 +00:00
Mike Reeves
0a0e00866c Upgrade Fun 2020-09-14 14:50:22 -04:00
Mike Reeves
f9e5ea8ba7 Fix SSL for filebeat 2020-08-19 21:12:41 -04:00
m0duspwnens
0f53b4d703 set esheapsize and filebeat config for import node 2020-08-12 10:39:31 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
m0duspwnens
e3efaee864 change reference from bro to zeek 2020-07-17 14:41:44 -04:00
Jason Ertel
9dc1151347 Imported logs are sent to so-import index on eval installations 2020-07-14 22:59:42 -04:00
m0duspwnens
13af4cacb0 merge with dev and resolve conflicts 2020-07-10 16:27:10 -04:00