CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,149 Commits 24 Branches 119 Tags
c73cd78f0819b7e3b2001c110fb6be1ff379b616
Commit Graph

435 Commits

Author SHA1 Message Date
Wes
44d149b1c3 Allow imported data to use a tag of 'import' 2023-01-24 17:01:52 +00:00
Josh Patterson
3efca0010a Merge pull request #9573 from Security-Onion-Solutions/2.4/firewall 
2.4/firewall
 2023-01-13 12:41:58 -05:00
m0duspwnens
6033e9a0de use port_bindings from docker defaults in docker states 2023-01-13 10:15:10 -05:00
Mike Reeves
66924b63a7 Update 9999_output_redis.conf.jinja 2023-01-11 14:53:16 -05:00
Mike Reeves
bdaed849ea Update 0900_input_redis.conf.jinja 2023-01-11 14:52:32 -05:00
Wes
5d86edeed4 Modify Logstash Elastic Agent output to accomodate for events with and without 'metadata.pipeline' 2023-01-11 13:57:32 +00:00
m0duspwnens
d4c6834cd0 merge with 2.4/dev 2023-01-06 14:01:58 -05:00
Mike Reeves
2e53476a06 Merge pull request #9516 from Security-Onion-Solutions/mkr24 
Add PW auth for Redis
 2023-01-04 14:50:27 -05:00
Mike Reeves
831300b540 Require password auth for redis access 2023-01-04 11:02:40 -05:00
m0duspwnens
24876eecd9 change refs from sosnet to sosbridge 2022-12-22 14:02:40 -05:00
Jason Ertel
0889d49025 Ensure user/pass values are quoted due to symbol chars appearing in the values 2022-12-21 14:00:10 -05:00
Mike Reeves
591616fe5b Add statics to all containers 2022-11-15 11:05:17 -05:00
m0duspwnens
6a17f201a2 changes for backup state 2022-10-12 11:31:42 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
Wes
1a90eeb1b1 Remove Osquery live query Logstash output configuration 2022-09-15 19:45:28 +00:00
Wes
926a1e0189 Remove Snort output configuration 2022-09-14 14:22:00 +00:00
Wes
ce3ea456b6 Remove flow output configuration 2022-09-14 14:21:21 +00:00
Wes
d1a8b88eb9 Remove postprocess configuration 2022-09-14 14:20:24 +00:00
Wes
e3cd8a9c6a Remove main pipeline configuration 2022-09-14 14:20:08 +00:00
Wes
43f89adbd4 Remove preprocess configuration 2022-09-14 14:19:07 +00:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Wes Lambert
26698cfd07 Add Logstash output for dedicated Kratos index 2022-07-08 15:55:55 +00:00
m0duspwnens
d8abc0a195 if in dmz_nodes dont add to filebeta 2022-05-11 11:51:18 -04:00
Josh Brower
b35b505f0a Fix pattern matching 2022-04-18 10:39:04 -04:00
Josh Brower
886d69fb38 Compress + Clean ES & Logstash App Logs 2022-04-11 16:09:24 -04:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
Wes Lambert
4fa3749418 Remove bind or ES templates 2022-02-15 18:08:03 +00:00
Wes Lambert
9db1510b0e Initial composable template configuration and base mappings 2022-02-02 02:08:31 +00:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
m0duspwnens
7ebba1f325 use show_changes: False to prevent es pw from being shown when running the state 2022-01-19 12:11:38 -05:00
weslambert
8e2f500b9c Add config option for ECS compatibility (default of disabled) 2022-01-06 11:24:04 -05:00
m0duspwnens
2e4ed8062e simplify wazuh agent ip logic 2021-12-16 11:11:01 -05:00
m0duspwnens
d0b0970353 Merge remote-tracking branch 'remotes/origin/dev' into issue/6469 2021-12-15 17:08:56 -05:00
m0duspwnens
cf2f4bad09 have standalone and managersearch pull from redis nodes 2021-12-15 15:27:23 -05:00
Mike Reeves
7cd1b1c482 Remove some previous hotfix code 2021-12-15 12:26:53 -05:00
m0duspwnens
ce0a39db4b remove old EXTRAHOSTNAME EXTRAHOSTIP from being set for logstash 2021-12-15 09:43:46 -05:00
m0duspwnens
024860d0ae rename EXTRA_NODES to LOGSTASH_NODES AND REDIS_NODES 2021-12-14 23:43:06 -05:00
m0duspwnens
0c6aba16ec fix redis input 2021-12-14 23:42:37 -05:00
m0duspwnens
15b8d80b71 fix host for input_redis 2021-12-14 18:51:43 -05:00
m0duspwnens
55b74abcc5 extra_hosts and redis_input for logstash 2021-12-14 18:49:30 -05:00
m0duspwnens
4da017d61c change extra_hosts for docker container 2021-12-14 17:05:30 -05:00
m0duspwnens
d0b6d5bba6 remove so-eval from lists since it doesnt run logstash 2021-12-14 15:33:06 -05:00
m0duspwnens
a31f034f2e remove receiver add node for cacerts and tls-ca-bundle for logstash bind 2021-12-14 15:02:59 -05:00
m0duspwnens
6962e3f9b3 fix logstash certs mapped into container 2021-12-14 14:52:15 -05:00
Mike Reeves
30344ba0ef Fix conflicts 2021-12-14 10:55:19 -05:00
Jason Ertel
c94d5fa9dc Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:27:13 -05:00
Jason Ertel
8365b5f140 Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:02:41 -05:00
Mike Reeves
09253b637e Create jvm.options 2021-12-10 14:12:43 -05:00
Mike Reeves
c81ce48bff Update log4j2.properties 2021-12-10 14:10:35 -05:00
Mike Reeves
73ec595baa Update init.sls 2021-12-10 14:10:05 -05:00