CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 18:52:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,075 Commits 26 Branches 119 Tags
cdf8943f24eab9b10fc842a14f7c301bc4702f6f
Commit Graph

605 Commits

Author SHA1 Message Date
reyesj2
3b69ff9fc9 integration policy update 2025-02-10 13:16:25 -06:00
Jorge Reyes
abcfe638c9 Merge pull request #14153 from Security-Onion-Solutions/reyesj2/es-integ-tmp 
Reyesj2/es integ tmp
 2025-01-27 14:07:32 -06:00
Joshua Brower
e994f3a220 Fix commits 2025-01-27 14:48:50 -05:00
reyesj2
a373d96c3c run managed_soc_annotations.sls from manager state 2025-01-27 13:45:03 -06:00
reyesj2
5b8f8fb62f add/remove es annotations/defaults automagically 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-23 12:47:22 -06:00
reyesj2
76abf37351 Merge remote-tracking branch 'origin/2.4/dev' into foxtrot 2025-01-21 09:03:04 -06:00
reyesj2
1396083b7d use so-elasticsearch-query where possible; simplify suricata.alerts index reroute 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-17 13:29:46 -06:00
reyesj2
d35ffef503 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-17 11:23:54 -06:00
reyesj2
01a2e4cd4f check for index existence before attemping rollover 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-17 09:27:28 -06:00
reyesj2
d573c0922d add 2.4.111 -> postupgrade check 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-16 18:25:06 -06:00
reyesj2
45d3438d18 update ingest pipeline for imported logs 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-16 17:33:14 -06:00
reyesj2
a21535b0a2 run elasticsearch state to sync templates 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 21:33:07 -06:00
Jason Ertel
bd96b5d722 invalidate user sessions when an admin changes the user's password 2025-01-06 17:23:10 -05:00
Mike Reeves
09ef096620 Update soup 2024-12-23 08:27:45 -05:00
Mike Reeves
9c10094914 Fix conflict 2024-12-18 10:19:40 -05:00
defensivedepth
17405b849a Delete uneeded files 2024-12-17 16:01:31 -05:00
Jason Ertel
3bf7870729 Merge pull request #13955 from Security-Onion-Solutions/jertel/wip 
soup corrections
 2024-11-16 21:31:08 -05:00
Jason Ertel
0eebe48492 soup corrections 2024-11-16 21:20:24 -05:00
Jason Ertel
cc44558f40 Merge pull request #13954 from Security-Onion-Solutions/jertel/wip 
revert prev commit
 2024-11-16 12:08:49 -05:00
Jason Ertel
73521dd7a7 revert prev commit 2024-11-16 11:09:44 -05:00
Jason Ertel
b6ab5249f1 Merge pull request #13953 from Security-Onion-Solutions/jertel/wip 
Connect API upgrades
 2024-11-15 14:32:37 -05:00
Jason Ertel
f290e52fbd connect 2024-11-15 14:25:11 -05:00
Josh Patterson
7f96d20eb4 Merge pull request #13944 from Security-Onion-Solutions/saltbootstrap 
update bootstrap-salt
 2024-11-14 10:25:16 -05:00
m0duspwnens
b1ddaa7211 support installing specified version for rhel variants. remove bootstrap -x python3 since not needed 2024-11-14 09:07:41 -05:00
Jorge Reyes
ff00ddeb3c Merge pull request #13935 from Security-Onion-Solutions/ilm-detection 2024-11-13 15:07:29 -06:00
reyesj2
f3a88de0c3 so-(case/detection)history uses same ilm policy as so-(case/detection) 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-12 16:28:01 -06:00
Jorge Reyes
4e0b5569dc Merge pull request #13933 from Security-Onion-Solutions/ilm-detection 
add ilm and update managed index settings
 2024-11-12 15:22:05 -06:00
reyesj2
a4d763c1e5 use curl vs es query to force PUT request 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-12 14:50:04 -06:00
reyesj2
aaf9f53695 update soup; check for index before applying new index setting 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-11 22:40:06 -06:00
reyesj2
ce9bd18947 no error when versionlock dir exists after re-running soup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-11 14:59:42 -06:00
reyesj2
43f7989d73 () 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-11 14:47:17 -06:00
reyesj2
6dbe0645e5 use auto_expand_replica, configure ilm for so-case* & so-detection* 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-11 13:51:48 -06:00
Jason Ertel
57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
Josh Patterson
b3ce624fff Merge pull request #13921 from Security-Onion-Solutions/reposynccron 
only enable repo sync cron if OEL
 2024-11-08 16:16:48 -05:00
m0duspwnens
ee4405e75e only enable repo sync cron if OEL 2024-11-08 16:13:44 -05:00
defensivedepth
28d468dd41 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/templaterepos 2024-11-07 07:25:01 -05:00
Jason Ertel
e8ab7bce0c connect 2024-11-04 10:49:30 -05:00
Jason Ertel
7442ffc7d8 connect 2024-11-01 16:37:24 -04:00
Jason Ertel
25479ca71f connect 2024-11-01 16:29:04 -04:00
Jason Ertel
c9f6b5206a connect 2024-11-01 16:18:40 -04:00
Jason Ertel
755cfb4e13 connect 2024-11-01 15:47:33 -04:00
Jason Ertel
fb73517fc1 connect 2024-11-01 15:43:26 -04:00
Jason Ertel
825dbb36dd connect 2024-11-01 15:37:59 -04:00
Jason Ertel
cd2e5bf2d0 rename role 2024-10-31 17:20:44 -04:00
Jason Ertel
520c9d8d51 rename role 2024-10-31 16:42:42 -04:00
Jason Ertel
370b117938 rename role 2024-10-31 16:39:45 -04:00
defensivedepth
6b468eaed3 rm eaintegration state file 2024-10-30 16:52:44 -04:00
Jason Ertel
a146153ee9 switch to json 2024-10-30 12:44:01 -04:00
defensivedepth
c509dab5f1 Use socore user 2024-10-30 11:03:14 -04:00
defensivedepth
5406a263d5 Add local custom template 2024-10-29 19:42:06 -04:00