CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,665 Commits 24 Branches 119 Tags
bf5df1ac51a5bcd19e41a7f1ad5fde87b82275c5
Commit Graph

423 Commits

Author SHA1 Message Date
m0duspwnens
6a17f201a2 changes for backup state 2022-10-12 11:31:42 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
Wes
1a90eeb1b1 Remove Osquery live query Logstash output configuration 2022-09-15 19:45:28 +00:00
Wes
926a1e0189 Remove Snort output configuration 2022-09-14 14:22:00 +00:00
Wes
ce3ea456b6 Remove flow output configuration 2022-09-14 14:21:21 +00:00
Wes
d1a8b88eb9 Remove postprocess configuration 2022-09-14 14:20:24 +00:00
Wes
e3cd8a9c6a Remove main pipeline configuration 2022-09-14 14:20:08 +00:00
Wes
43f89adbd4 Remove preprocess configuration 2022-09-14 14:19:07 +00:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Wes Lambert
26698cfd07 Add Logstash output for dedicated Kratos index 2022-07-08 15:55:55 +00:00
m0duspwnens
d8abc0a195 if in dmz_nodes dont add to filebeta 2022-05-11 11:51:18 -04:00
Josh Brower
b35b505f0a Fix pattern matching 2022-04-18 10:39:04 -04:00
Josh Brower
886d69fb38 Compress + Clean ES & Logstash App Logs 2022-04-11 16:09:24 -04:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
Wes Lambert
4fa3749418 Remove bind or ES templates 2022-02-15 18:08:03 +00:00
Wes Lambert
9db1510b0e Initial composable template configuration and base mappings 2022-02-02 02:08:31 +00:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
m0duspwnens
7ebba1f325 use show_changes: False to prevent es pw from being shown when running the state 2022-01-19 12:11:38 -05:00
weslambert
8e2f500b9c Add config option for ECS compatibility (default of disabled) 2022-01-06 11:24:04 -05:00
m0duspwnens
2e4ed8062e simplify wazuh agent ip logic 2021-12-16 11:11:01 -05:00
m0duspwnens
d0b0970353 Merge remote-tracking branch 'remotes/origin/dev' into issue/6469 2021-12-15 17:08:56 -05:00
m0duspwnens
cf2f4bad09 have standalone and managersearch pull from redis nodes 2021-12-15 15:27:23 -05:00
Mike Reeves
7cd1b1c482 Remove some previous hotfix code 2021-12-15 12:26:53 -05:00
m0duspwnens
ce0a39db4b remove old EXTRAHOSTNAME EXTRAHOSTIP from being set for logstash 2021-12-15 09:43:46 -05:00
m0duspwnens
024860d0ae rename EXTRA_NODES to LOGSTASH_NODES AND REDIS_NODES 2021-12-14 23:43:06 -05:00
m0duspwnens
0c6aba16ec fix redis input 2021-12-14 23:42:37 -05:00
m0duspwnens
15b8d80b71 fix host for input_redis 2021-12-14 18:51:43 -05:00
m0duspwnens
55b74abcc5 extra_hosts and redis_input for logstash 2021-12-14 18:49:30 -05:00
m0duspwnens
4da017d61c change extra_hosts for docker container 2021-12-14 17:05:30 -05:00
m0duspwnens
d0b6d5bba6 remove so-eval from lists since it doesnt run logstash 2021-12-14 15:33:06 -05:00
m0duspwnens
a31f034f2e remove receiver add node for cacerts and tls-ca-bundle for logstash bind 2021-12-14 15:02:59 -05:00
m0duspwnens
6962e3f9b3 fix logstash certs mapped into container 2021-12-14 14:52:15 -05:00
Mike Reeves
30344ba0ef Fix conflicts 2021-12-14 10:55:19 -05:00
Jason Ertel
c94d5fa9dc Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:27:13 -05:00
Jason Ertel
8365b5f140 Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:02:41 -05:00
Mike Reeves
09253b637e Create jvm.options 2021-12-10 14:12:43 -05:00
Mike Reeves
c81ce48bff Update log4j2.properties 2021-12-10 14:10:35 -05:00
Mike Reeves
73ec595baa Update init.sls 2021-12-10 14:10:05 -05:00
Mike Reeves
45346b6318 Update log4j2.properties 2021-12-10 12:01:39 -05:00
Mike Reeves
e48de18480 Update init.sls 2021-12-10 12:00:12 -05:00
Josh Brower
656ea974dc Use id for doc id if it exists 2021-12-09 09:16:58 -05:00
m0duspwnens
59464af10c filebeat certs for logstash on so-receiver 2021-12-08 09:41:17 -05:00
m0duspwnens
1ef63f3a23 ssl things for so-receiver 2021-12-08 09:08:46 -05:00
m0duspwnens
96666ab307 add receiver node 2021-12-07 10:19:32 -05:00
m0duspwnens
e7f43cff5e limit nodes that bind filebeat certs in so-logstash 2021-10-27 10:45:10 -04:00
m0duspwnens
0c679b62b2 Merge remote-tracking branch 'remotes/origin/dev' into issue/5955 2021-10-25 16:29:41 -04:00
weslambert
3be0d05eea Update field removal based on HTTP input changes 2021-10-25 13:16:30 -04:00
weslambert
7fa43a276a Rename default headers and host for HTTP input 2021-10-25 13:15:20 -04:00
m0duspwnens
9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens
f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00