CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,149 Commits 24 Branches 119 Tags
c73cd78f0819b7e3b2001c110fb6be1ff379b616
Commit Graph

6736 Commits

Author SHA1 Message Date
weslambert
c73cd78f08 Merge pull request #9643 from Security-Onion-Solutions/2.4/dev 
Merge Dev
 2023-01-25 16:59:47 -05:00
Wes
5c58cda872 Move certificate configuration outside of conditional logic 2023-01-25 19:29:50 +00:00
Mike Reeves
31f591a098 Merge pull request #9635 from Security-Onion-Solutions/mkr24 
Ubuntu support changes
 2023-01-25 13:34:44 -05:00
Wes
c3717dae67 Add Elastic Fleet firewall configuration for Import Mode 2023-01-25 18:27:00 +00:00
Mike Reeves
704d99e757 Salt for Ubuntu 2023-01-25 11:50:19 -05:00
Mike Reeves
9243b01cbb Salt for Ubuntu 2023-01-25 11:44:22 -05:00
Jason Ertel
c9f18891b2 Merge pull request #9639 from Security-Onion-Solutions/kilo 
auto extract source/dest IP on case related event attachments; improve so-verify stream to console
 2023-01-25 11:37:16 -05:00
Wes
86a925e1c7 Download Elastic Agent images for Import Mode 2023-01-25 16:09:12 +00:00
Wes
838beabae5 Add missing single quote for Elastic Agent Elasticsearch output 2023-01-25 15:58:06 +00:00
Wes
c46b5e734b Add 'elastic-fleet' to the list of allowed states for Import Mode 2023-01-25 14:38:23 +00:00
Wes
1414b75e01 Allow 'elastic-fleet' state to be applied for Import Mode 2023-01-25 14:07:25 +00:00
Wes
506baa854d Configure Elasticsearch output if running Import Mode 2023-01-25 13:52:54 +00:00
weslambert
c9f458e1e2 Set event.dataset for all Kratos logs to 'access' for now 2023-01-25 08:19:50 -05:00
weslambert
7bf9d77962 Rename Kratos data stream 2023-01-25 08:18:21 -05:00
Mike Reeves
161881efbb Salt for Ubuntu 2023-01-24 16:25:26 -05:00
Jason Ertel
7b1f867ac3 Add defaults for auto extracted observables 2023-01-24 13:17:50 -05:00
Wes
4b9c92c53d Set RITA event.dataset value explicitly 2023-01-24 18:00:34 +00:00
Wes
38ead7cb82 Remove import tag for now 2023-01-24 17:58:19 +00:00
Wes
44d149b1c3 Allow imported data to use a tag of 'import' 2023-01-24 17:01:52 +00:00
Wes
1e5377c78a Condense RITA integration policies, add ICS tags, and improve output readability 2023-01-24 16:56:20 +00:00
Jason Ertel
b0709e93fa test workflow 2023-01-24 10:50:52 -05:00
Jason Ertel
ec2e923530 Add proper spacing between headers and content 2023-01-24 10:28:39 -05:00
weslambert
7e0e5071d9 Merge pull request #9627 from Security-Onion-Solutions/fix/elastic_agent_integration_improvements 
Elastic Agent Integration Improvements
 2023-01-24 10:10:01 -05:00
Wes
7b4d8a47f0 Add copyright header to 'so-elastic-fleet-*' scripts 2023-01-24 15:07:00 +00:00
Josh Patterson
095ca29aca Merge pull request #9626 from Security-Onion-Solutions/2.4/firewall 
change MASTER to MANAGER in so-minion
 2023-01-24 09:46:17 -05:00
Wes
f19cf75311 Change how event.dataset is determined for Suricata events 2023-01-24 14:45:00 +00:00
m0duspwnens
ee98e0684e change MASTER to MANAGER 2023-01-24 09:44:01 -05:00
Josh Patterson
b797e356b4 Merge pull request #9624 from Security-Onion-Solutions/2.4/firewall 
remove filebeat and redis(commented out) from telegraf config
 2023-01-24 09:01:59 -05:00
m0duspwnens
88107fe0df remove filebeat and redis(commented out) from telegraf config 2023-01-24 08:59:51 -05:00
Wes
51692ac66c Update index pattern in various template definitions to match new data stream naming convention 2023-01-23 21:52:44 +00:00
Wes
40c6b380df Update Import and Zeek integration policies; also update Zeek ingest node pipelines to set event.dataset. 2023-01-23 21:44:46 +00:00
Wes
d342f3c4b8 Add 'so-elastic-fleet-integration-policy-bulk-delete' to perform bulk deletion of integration policies 2023-01-23 21:38:13 +00:00
Josh Patterson
a503632f30 Merge pull request #9620 from Security-Onion-Solutions/2.4/firewall 
2.4/firewall
 2023-01-23 15:56:53 -05:00
Jason Ertel
5da1b03d9b Merge pull request #9619 from Security-Onion-Solutions/kilo 
switch MySQL 8 to use native password for playbook compat; fix so-verify mail inspection
 2023-01-23 15:14:00 -05:00
Jason Ertel
5a016312f6 switch MySQL 8 to use native password to avoid playbook incompatibility 2023-01-23 14:53:39 -05:00
m0duspwnens
90a224793e merge with 2.4dev and fix conflict 2023-01-23 14:49:32 -05:00
m0duspwnens
22fbb953ea create cronjob to run highstate after setup 2023-01-23 14:46:26 -05:00
Josh Patterson
1039e77550 Merge pull request #9617 from Security-Onion-Solutions/2.4/firewall 
allow elastic agent on sensors to connect to managers
 2023-01-23 13:19:49 -05:00
Josh Brower
d3cb57bba2 Rerun the playbook state 2023-01-23 08:16:28 -05:00
m0duspwnens
a1fa4e3ef2 revert reload_modules since bugged 2023-01-20 15:43:57 -05:00
Josh Brower
1ab8c712e4 remove exit condition 2023-01-20 15:17:04 -05:00
Wes
739c174898 Add scripts for starting, stopping, and restarting Sensoroni 2023-01-19 21:50:10 +00:00
Jason Ertel
79fb5dc525 prevent false success occurring when deleting the grafana dashboard 2023-01-19 14:19:55 -05:00
Jason Ertel
85b5d1b317 Merge branch '2.4/dev' into kilo 2023-01-19 12:53:36 -05:00
Josh Brower
027c83b5ea Merge pull request #9601 from Security-Onion-Solutions/disablecontainer 
Fixup
 2023-01-19 11:47:04 -05:00
Josh Brower
4369d2385b Temp disable Elastic Registry Repo 2023-01-19 11:45:13 -05:00
Jason Ertel
35835edf96 Merge branch '2.4/dev' into kilo 2023-01-19 11:04:32 -05:00
weslambert
7d3f6121eb Remove default "logs-*" template settings for now 2023-01-19 10:29:10 -05:00
Jason Ertel
05c7999df3 merge 2023-01-19 10:06:58 -05:00
Jason Ertel
05a6d702b0 Add logic to determine if setup succeeded and provide relevant output 2023-01-19 10:03:03 -05:00