CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,451 Commits 24 Branches 119 Tags
c4a70b540ebe17a99efd388c53094656bccf4cdf
Commit Graph

216 Commits

Author SHA1 Message Date
Josh Patterson
44a5b3b1e5 MANAGERHYPE setup is now complete! 2025-03-12 21:05:04 -04:00
reyesj2
8e1edd1d91 split Kafka ssl from ssl/init. Certs won't be generated until Kafka is enabled. Also runs some clean up for old Kafka certs 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-07-10 11:32:43 -04:00
reyesj2
816a1d446e Generate kafka-logstash cert on standalone,manager,managersearch in addition to searchnodes. 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-13 12:18:13 -04:00
reyesj2
f372b0907b Use kafka:password for kafka certs 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 15:41:10 -04:00
reyesj2
e164d15ec6 Generate different Kafka certs for different SO nodetypes 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-01 13:02:47 -04:00
reyesj2
36573d6005 Update kafka cert permissions 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-23 16:45:36 -04:00
reyesj2
af29ae1968 Merge kaffytaffy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 11:43:46 -04:00
m0duspwnens
a54a72c269 move kafka_cluster_id to kafka:cluster_id 2024-04-12 11:19:20 -04:00
reyesj2
af53dcda1b Remove references to kafkanode 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:32:00 -04:00
reyesj2
721e04f793 initial logstash input from kafka over ssl 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-05 13:37:14 -04:00
reyesj2
436cbc1f06 Add kafka signing_policy for client/server auth. Add kafka-client cert on manager so manager can interact with kafka using its own cert 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-04 16:21:29 -04:00
reyesj2
13105c4ab3 Generate certs for use with elasticfleet kafka output policy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-03 14:34:07 -04:00
reyesj2
446f1ffdf5 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-25 13:55:48 -04:00
Pete
1192dbd530 also remove intca symlink 
The symlink is created in init.sls; it should be removed here.
 2024-01-31 09:01:56 -05:00
reyesj2
86dc7cc804 Kafka init 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-11-29 13:34:25 -05:00
Jason Ertel
f4be5641da cert work 2023-08-23 20:49:37 -04:00
Jason Ertel
4484e2d031 cert work 2023-08-23 18:16:49 -04:00
Jason Ertel
b8dc9ea560 cert work 2023-08-23 17:50:08 -04:00
Jason Ertel
8a751e097d cert path refactor 2023-08-23 14:32:05 -04:00
Josh Brower
6784bdcb54 Fix certs for Rec & Heavy 2023-08-20 15:46:07 -04:00
Josh Brower
e844cf11db Move base_url to cert SAN 2023-08-09 16:38:27 -04:00
Josh Brower
1bc7bbc76e Refactor custom_fqdn 2023-08-02 20:02:37 -04:00
Josh Brower
ab28cee7cf Allow multiple Custom Fleet FQDN 2023-08-02 17:45:37 -04:00
Josh Brower
8c16feb772 Rename Fleet pipelines 2023-07-09 12:22:55 -04:00
Josh Brower
ce1f363424 Allow base_url 2023-07-08 13:30:19 -04:00
Josh Brower
e8860a7d2c Fix perms 2023-07-08 09:04:55 -04:00
Josh Brower
beb26596fd Merge remote-tracking branch 'origin/2.4/dev' into 2.4/fleetautogen 2023-07-07 19:12:47 -04:00
Josh Brower
ff3bb11fbb Elastic Fleet Certs Refactor 2023-07-07 16:44:16 -04:00
m0duspwnens
12c82d2812 bits deprecation to keysize 2023-07-06 10:49:32 -04:00
m0duspwnens
b49a296276 we can remove the unless in ssl state since x509_v2 is patched 2023-07-06 09:44:58 -04:00
m0duspwnens
cd1db36c13 add back unless in ssl state 2023-06-29 15:26:16 -04:00
m0duspwnens
34db6fb823 dont need the unless for ssl since using x509v2 now 2023-06-28 15:06:13 -04:00
m0duspwnens
be028aa23e define ca_server for nginx.ssl 2023-06-28 10:58:13 -04:00
m0duspwnens
12cce111db custom crt and key for nginx 2023-06-28 10:28:50 -04:00
Mike Reeves
cb8faf7c5f Fix the rest of the analyst entries 2023-06-26 16:14:04 -04:00
m0duspwnens
469390696e 2.4 receiver changes 2023-06-15 11:04:16 -04:00
m0duspwnens
c49b134122 move so-catrust 2023-05-15 16:43:47 -04:00
m0duspwnens
6320528263 move so-catrust 2023-05-15 14:08:30 -04:00
m0duspwnens
6909d3ed14 move cacertz and capemz to ssl state 2023-05-09 12:16:18 -04:00
Josh Brower
1ab72e9288 Fix cert gen 2023-04-19 10:23:13 -04:00
Josh Brower
36c96c4beb Remove dep vars 2023-04-19 10:02:24 -04:00
Josh Brower
d79ad53daf Merge pull request #10153 from Security-Onion-Solutions/fleet-sa 
FEATURE: Dedicated Fleet Node
 2023-04-19 09:12:30 -04:00
Josh Brower
8cccaef664 mkdirs as needed 2023-04-17 12:28:07 -04:00
Josh Brower
1944d09978 Logstash certs fixup 2023-04-17 11:34:57 -04:00
Josh Brower
a7d282b412 Firewall fixup 2023-04-15 18:33:44 -04:00
m0duspwnens
d83266c546 remove unrecognized keyword arguments 2023-04-04 09:58:44 -04:00
m0duspwnens
6039a1430e x509 changes for salt 3006 2023-04-04 08:55:10 -04:00
Josh Brower
af392681e3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into fleet-sa 2023-04-03 07:27:04 -04:00
Mike Reeves
4944365341 Change the salt dir for elastic fleet 2023-03-17 11:02:02 -04:00
Mike Reeves
12398bdf24 add m2crypto 2023-02-17 13:34:21 -05:00