Commit Graph

5563 Commits

Author SHA1 Message Date
m0duspwnens
c80adc0430 mount repo dir in container same as defined on host 2022-01-26 13:42:56 -05:00
weslambert
e77648c475 Merge pull request #6994 from Security-Onion-Solutions/feature/dtc
Additional DTC changes
2022-01-26 12:22:48 -05:00
Jason Ertel
c2636036ee Merge pull request #6995 from Security-Onion-Solutions/kilo
store related event data as a flattened object blob
2022-01-26 12:21:02 -05:00
Wes Lambert
e10749a495 Additional changes to template to accommodate default fields and keyword subfield 2022-01-26 17:16:29 +00:00
Jason Ertel
ed9b74dc33 store related event data as a flattened object blob 2022-01-26 12:16:05 -05:00
m0duspwnens
dd00e3babc use .get since repo may not exist 2022-01-25 13:18:21 -05:00
m0duspwnens
5d2b3992e2 don't need to set ES_PATH_REPO 2022-01-25 13:11:53 -05:00
m0duspwnens
7b6eeac03f don't mount under /repo in the container 2022-01-25 13:08:46 -05:00
m0duspwnens
00e17d5c78 put repos in /repo in es container 2022-01-25 13:03:54 -05:00
m0duspwnens
a17e1aa87a 930 for group 2022-01-25 13:00:04 -05:00
m0duspwnens
4423e93880 prevent path.repo from being put in elasticsearch.yml if the symlink doesn't exist 2022-01-25 12:57:05 -05:00
m0duspwnens
e62de2934c fix test for es repo 2022-01-25 12:24:03 -05:00
m0duspwnens
a92e2a917b change repos to repo 2022-01-25 10:53:28 -05:00
m0duspwnens
a72f12c4c7 add path.repo mount if symlink exists 2022-01-25 10:50:00 -05:00
Josh Patterson
9a45a9799b Merge pull request #6974 from Security-Onion-Solutions/issue/6599
https://github.com/Security-Onion-Solutions/securityonion/issues/6599
2022-01-25 09:11:33 -05:00
weslambert
ba52bd3835 Update template with syntax fixes 2022-01-25 08:56:03 -05:00
m0duspwnens
edd8709cdd remove export LC_CTYPE="en_US.UTF-8" from soup 2022-01-24 19:42:56 -05:00
m0duspwnens
d6fc436d49 copy files to default salt base 2022-01-24 19:30:34 -05:00
m0duspwnens
82e2b2b611 don't escape raw and endraw 2022-01-24 17:03:25 -05:00
m0duspwnens
d083338350 adding --local 2022-01-24 16:46:29 -05:00
m0duspwnens
e3f1b456e6 add raw end raw back 2022-01-24 16:09:15 -05:00
m0duspwnens
268e07e2a2 remove jinja from soup scripts 2022-01-24 15:49:55 -05:00
Jason Ertel
4ab7a6a079 Merge pull request #6967 from Security-Onion-Solutions/kilo
Copyright year and format update
2022-01-24 10:39:31 -05:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
a4d2807fbb Switch to httpcase for consistency 2022-01-24 09:45:07 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
m0duspwnens
9e5fb458b4 update saltstack repo location for securityonioncache.repo / managerupdates=1 2022-01-21 14:38:42 -05:00
weslambert
f7a4cc20f2 Update so-common-template.json.jinja 2022-01-21 12:36:38 -05:00
m0duspwnens
281e5d9b25 remove salt.enable_higstate state 2022-01-21 08:09:04 -05:00
m0duspwnens
baa93301b5 enable cron at the end of soup 2022-01-20 16:53:33 -05:00
m0duspwnens
00d0eb1ce5 fix setting var 2022-01-20 16:37:33 -05:00
m0duspwnens
01cb505338 start cron and enable highstate if soup exits on error 2022-01-20 16:31:01 -05:00
m0duspwnens
e1757926cf start cron and reenable highstate on soup exit 2022-01-20 15:26:03 -05:00
weslambert
d1efa71c57 Remove dynamic keyword template to prevent field conflicts with mappings defined in common template 2022-01-20 12:34:32 -05:00
Josh Patterson
c57b2d005e Merge pull request #6933 from Security-Onion-Solutions/issue/6810
quote ES_PASS in SOCtopus.conf and remove % from random pw
2022-01-20 10:57:56 -05:00
m0duspwnens
9b2459d8ba quote ES_PASS in SOCtopus.conf and remove % from random pw 2022-01-20 10:52:48 -05:00
weslambert
e137ad60c5 Disable dynamic mapping and increase order to reduce potential field conflicts 2022-01-20 09:44:41 -05:00
m0duspwnens
fc65f7bb84 Merge remote-tracking branch 'remotes/origin/dev' into issue/6810 2022-01-19 15:35:28 -05:00
Jason Ertel
dc44a91398 Prefix all SO fields to avoid potential conflicts with future ECS changes 2022-01-19 14:26:22 -05:00
m0duspwnens
7ebba1f325 use show_changes: False to prevent es pw from being shown when running the state 2022-01-19 12:11:38 -05:00
m0duspwnens
f8ac37c101 Merge remote-tracking branch 'remotes/origin/dev' into issue/6810 2022-01-19 11:57:37 -05:00
m0duspwnens
4d078046d6 quote ES_PASS due to new characters in random string for elasticsearch:auth pw generation 2022-01-19 11:55:25 -05:00
Jason Ertel
d7ba1cedff remove unused fields object from related case schema 2022-01-19 08:39:21 -05:00
m0duspwnens
a2ed9a86ff remove influxdb salt state files and update patch files for influxdb salt modules/state 2022-01-18 11:33:36 -05:00
Josh Brower
c4babf22d6 FleetDM - Disable Vuln Proc Feature 2022-01-18 10:38:55 -05:00
Mike Reeves
2e4e59bbe8 Elastic 7.16.3 2022-01-18 09:42:06 -05:00
m0duspwnens
87999453f2 Merge remote-tracking branch 'remotes/origin/dev' into issue/6810 2022-01-18 09:13:10 -05:00
m0duspwnens
3bd26f05d4 account for salt 3004 adding new chars to random.get_str 2022-01-14 18:02:18 -05:00
m0duspwnens
a46a740170 account for salt 3004 adding new chars to random.get_str 2022-01-14 17:23:29 -05:00
weslambert
c512351dd6 Add mapping for scan.exiftool and scan.pe.sections.entropy 2022-01-14 17:01:13 -05:00