CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-16 21:21:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,959 Commits 24 Branches 121 Tags
d16dfcf4e8d6060bd8cd3501bfb7200fb53fd29b
Commit Graph

10851 Commits

Author SHA1 Message Date
Corey Ogburn
11fb33fdeb Add RulesetName to Rule Repos 
Fill in `rulesetName` in the rules repos of the ElastAlert and Strelka engines. These will act as an example to anybody adding their repos to these lists. The field is not required, but helps avoid collisions when managing repos as the value is used for the folder name. When not present, the final folder of the repo url is used as the rulesetName and as the folder name on disk.

Note that rulesetNames including a `/` will create extra folders in the path but the rulesetName will contain the slash, i.e. `rulesetName="joesecurity/sigma-rules"` will create the nested structure of `reposFolder/joesecurity/sigma-rules" containing the contents of the repo. All rules imported from this repo will have the ruleset of `joesecurity/sigma-rules`.
 2025-05-19 14:19:56 -06:00
Josh Brower
58f4db95ea Create playbooks dir 2025-05-19 15:31:50 -04:00
Josh Brower
b55cb257b6 Add parsing for Playbook 2025-05-19 13:25:27 -04:00
Josh Patterson
b0a8191f59 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-19 10:02:26 -04:00
Josh Patterson
28aedcf50b remove vm map example 2025-05-19 09:58:43 -04:00
Josh Patterson
6988f03ebc setup bridge and fix salt before first highstate for hypervisors 2025-05-16 14:24:07 -04:00
reyesj2
870a9ff80c dedup 2025-05-16 10:24:09 -05:00
reyesj2
689db57f5f logstash isn't running on receivers or manager when kafka is the global.pipeline 2025-05-16 10:05:38 -05:00
Josh Brower
df103b3dca Spacing 2025-05-14 16:36:59 -04:00
Josh Brower
0542c77137 Remove wip config 2025-05-14 16:35:09 -04:00
Josh Brower
9022dc24fb Add Parsing for Playbooks 2025-05-14 13:19:50 -06:00
Corey Ogburn
78b7068638 Playbook Settings 
Map a folder from the manager's soc config folder to soc's sensoroni folder for storing the playbook repo.

Added playbook module section with default values.
 2025-05-14 13:19:49 -06:00
Mike Reeves
5c8460fd26 Update soup 2025-05-14 13:47:26 -04:00
Mike Reeves
69e90e1e70 Update soup 
Souper Duper!
 2025-05-14 13:41:08 -04:00
Jason Ertel
8c5ea19d3c Merge pull request #14619 from Security-Onion-Solutions/jertel/wip 
improve consistency
 2025-05-14 09:31:56 -04:00
Jason Ertel
82562f89f6 improve consistency 2025-05-14 09:23:35 -04:00
Josh Brower
a0aafb7c51 Cleanup 2025-05-09 10:29:23 -04:00
Josh Patterson
61f8b251f0 cp to mv 2025-05-09 09:25:46 -04:00
Josh Patterson
75dd04c398 fix file permissions for download 2025-05-09 09:21:30 -04:00
Josh Brower
daad99a0b6 Regen installers 2025-05-09 08:17:46 -04:00
Jason Ertel
fdeee45d3f Merge pull request #14605 from Security-Onion-Solutions/jertel/wip 
more analyzer dep updates
 2025-05-08 15:57:08 -04:00
Jason Ertel
7fe9e2cbfd more analyzer dep updates 2025-05-08 15:53:16 -04:00
Jorge Reyes
74d557a5e0 Merge pull request #14603 from Security-Onion-Solutions/reyesj2/fix-14602 
add null check
 2025-05-08 08:34:53 -05:00
Doug Burks
a8cb18bb2e Update defaults.yaml to replace remaining instances of identity_id with user.name 2025-05-08 09:09:26 -04:00
reyesj2
e1d31c895e add null check 2025-05-07 21:25:30 -05:00
Josh Brower
42ba778740 Only upgrade node agents for local stack version 2025-05-07 16:08:47 -04:00
Josh Brower
d47a798645 Show user.name instead of id 2025-05-07 11:17:00 -04:00
Josh Patterson
9e0f13cce5 no longer need to create hypervisor pillar directory 2025-05-07 09:01:22 -04:00
Jason Ertel
68ea229a1c Merge pull request #14595 from Security-Onion-Solutions/jertel/wip 
update default actions for subgrid support
 2025-05-06 14:35:01 -04:00
Jason Ertel
1ecf2b29fc update default actions for subgrid support 2025-05-06 13:56:16 -04:00
Josh Patterson
8c37a4454c merge and fix conflicts 2025-05-06 11:55:42 -04:00
Josh Patterson
ef436026d5 info to debug. remove old reactors 2025-05-06 11:51:59 -04:00
Josh Patterson
a595bc4b31 info to debug log level 2025-05-06 10:13:02 -04:00
Jorge Reyes
8a321e3f15 Merge pull request #14593 from Security-Onion-Solutions/reyesj2/feat-254 
missing globals.is_manager swap
 2025-05-06 09:01:58 -05:00
reyesj2
b4214f73f4 typo 2025-05-06 09:01:22 -05:00
reyesj2
b9da7eb35b missing globals.is_manager swap 2025-05-06 08:58:47 -05:00
Jorge Reyes
d6139d0f19 Merge pull request #14580 from Security-Onion-Solutions/reyesj2/feat-254 
collect es index sizes
 2025-05-06 08:39:16 -05:00
Josh Patterson
1931de2e52 copy so_agent-installers to nsm for nginx 2025-05-05 12:40:56 -04:00
Josh Patterson
f988af52f6 check master status after highstate incase master service restart 2025-05-02 15:41:21 -04:00
reyesj2
fd02950864 use globals.is_manager 2025-05-02 13:36:28 -05:00
Josh Patterson
a167e5e520 fix whitespace for multiple hypervisors 2025-05-02 11:32:03 -04:00
Josh Patterson
26d7ceebb2 libvirt.images requires scripts from hypervisor state 2025-05-02 11:30:35 -04:00
Mike Reeves
92d8985f3c enable the delete on heavynodes 2025-05-02 08:52:57 -04:00
Jason Ertel
c34914c8de update deps 2025-05-02 08:19:54 -04:00
Jason Ertel
be4df48742 deps update 2025-05-01 15:44:34 -04:00
Jason Ertel
86eab6fda2 dep updates 2025-05-01 15:31:26 -04:00
Jason Ertel
5d2bed950e update analyser deps for py 3.13 2025-05-01 11:16:58 -04:00
Josh Patterson
e5c0f8a46c allow for dhcp4 2025-04-30 16:09:57 -04:00
reyesj2
044d230158 get 200 from es before collecting metrics 2025-04-30 13:05:36 -05:00
Josh Patterson
5965459423 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-30 13:11:12 -04:00