CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-24 00:43:28 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,589 Commits 23 Branches 121 Tags
d381248e30ac655e8dfd9d91c11ff4155328a8bf
Commit Graph

443 Commits

Author SHA1 Message Date
Josh Patterson
a192455fae Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-19 17:17:58 -05:00
Josh Patterson
66f17e95aa Merge pull request #15397 from Security-Onion-Solutions/fstes 
Fstes
 2026-01-16 18:38:06 -05:00
Josh Patterson
9905d23976 inform which state is being applied 2026-01-16 18:27:24 -05:00
Josh Patterson
074158b495 discard so-elasticsearch-templates-load running again during setup 2026-01-16 17:42:00 -05:00
Josh Patterson
82d5115b3f rerun so-elasticsearch-templates-load during setup 2026-01-16 16:43:10 -05:00
Jorge Reyes
6eda7932e8 Merge pull request #15394 from Security-Onion-Solutions/reyesj2/elastic9-filestream 
remove usage of deprecated 'logs' integration in favor of 'filestream'
 2026-01-16 13:19:15 -06:00
reyesj2
2133ada3a1 add additional retries within scripts before salt re-runs the entire script 2026-01-16 13:09:08 -06:00
Josh Patterson
00fbc1c259 add back individual signing policies 2026-01-12 09:25:15 -05:00
Josh Patterson
3bc552ef38 Merge remote-tracking branch 'origin/2.4/dev' into bravo 2026-01-08 17:15:48 -05:00
reyesj2
e9341ee8d3 remove usage of deprecated 'logs' integration in favor of 'filestream' 2025-12-24 10:40:23 -06:00
reyesj2
b61885add5 Fix Kafka output policy - singular topic key 2025-12-17 16:03:12 -06:00
reyesj2
7977a020ac elasticsearch 9.0.8 2025-12-16 16:03:47 -06:00
Josh Patterson
9960db200c Merge remote-tracking branch 'origin/2.4/dev' into bravo 2025-12-11 17:30:43 -05:00
Josh Patterson
b9ff1704b0 the great ssl refactor 2025-12-11 17:30:06 -05:00
reyesj2
8477420911 logstash adv config state file 2025-12-03 20:10:06 -06:00
reyesj2
877444ac29 cert update is a forced update 2025-12-02 15:16:59 -06:00
reyesj2
b0d9426f1b automated cert update for kafka fleet output policy 2025-12-02 15:11:00 -06:00
reyesj2
18accae47e annotation typo 2025-12-02 15:10:29 -06:00
reyesj2
45a8c0acd1 merge 2.4/dev 2025-12-02 11:16:08 -06:00
Jorge Reyes
6fbed2dd9f Merge pull request #15264 from Security-Onion-Solutions/reyesj2-patch-2 
add force & certs flag to update fleet certs as needed
 2025-12-01 11:11:25 -06:00
reyesj2
edf3c9464f add --certs flag to update certs. Used with --force, to ensure certs are updated even if hosts update isn't needed 2025-11-25 16:16:19 -06:00
reyesj2
90638f7a43 Merge branch 'reyesj2/advea' into reyesj2/advilm 2025-11-21 14:25:28 -06:00
reyesj2
1fb00c8eb6 update so-elastic-fleet-outputs-update to use advanced output options when set, else empty "". Also trigger update_logstash_outputs() when hash of config_yaml has changed 2025-11-21 14:22:42 -06:00
reyesj2
4490ea7635 format EA logstash output adv config items 2025-11-21 14:21:17 -06:00
reyesj2
bce7a20d8b soc configurable EA logstash output adv settings 2025-11-21 14:19:51 -06:00
reyesj2
b52dd53e29 advanced ilm actions 2025-11-19 13:24:55 -06:00
reyesj2
45b4b1d963 ingest zeek analyzer.log + update dpd dashboard with analyzer tag 2025-11-14 15:47:29 -06:00
Josh Patterson
ccb8ffd6eb Update install_agent_grid.sls 2025-11-03 17:05:48 -05:00
reyesj2
5a8ea57a1b move off of cmd.script with args \ 
https://github.com/saltstack/salt/issues/68298
 2025-11-03 15:31:14 -06:00
reyesj2
2baf2478da add additional elasticsearch log output in json format for elasticsearch log integration to parse 2025-10-14 12:47:03 -05:00
Jorge Reyes
23e25fa2d7 Merge pull request #15111 from Security-Onion-Solutions/reyesj2/es-8188 
UPGRADE: ES 8.18.8
 2025-10-07 14:03:45 -05:00
reyesj2
7af95317db es upgrade 8.18.8 pipeline updates 2025-10-06 16:23:22 -05:00
reyesj2
9fd1b9aec1 make sure to pass in variables to json_string.. 2025-10-02 16:38:47 -05:00
reyesj2
c8a3603577 update logstash fleet output policy 2025-10-02 14:47:38 -05:00
reyesj2
e9af46a8cb less strict exits for fleet configuration 2025-09-30 14:28:42 -05:00
reyesj2
8e5fa9576c create disabled so-manager_elasticsearch output policy first, update it then verify it is the only active output 2025-09-26 11:32:25 -05:00
Jorge Reyes
23e12811a1 make sure fleet-default-output is not set as either default output policy 2025-09-25 09:51:32 -05:00
reyesj2
138849d258 more typos 2025-09-18 17:33:42 -05:00
reyesj2
87281efc24 typo 2025-09-18 16:41:33 -05:00
reyesj2
878a3f8962 flip logic to check there aren't two default policies and fleet-default-output is disabled 2025-09-18 16:05:34 -05:00
reyesj2
336ca0dbbd typos 2025-09-18 15:42:25 -05:00
reyesj2
cd5483623b update import/eval fleet output config -- try to prevent corrupt dual 'default' output polices from having a successful installation 2025-09-18 14:33:34 -05:00
reyesj2
faa112eddf update last so-elastic-fleet-common functions 2025-09-18 12:18:16 -05:00
reyesj2
f663f22628 elastic_fleet_integration_id 2025-09-18 10:27:54 -05:00
reyesj2
8b07ff453d elastic_fleet_integration_policy_package_version 2025-09-18 10:21:07 -05:00
reyesj2
24a0fa3f6d add fleet_api wrapper for curl retries 2025-09-18 10:15:57 -05:00
reyesj2
a5011b398d add err check and retries to elastic_fleet_integration_policy_package_name and associated scripts 2025-09-18 09:39:56 -05:00
reyesj2
5b70398c0a add error check & retries to elastic_fleet_integration_policy_names and associated scripts 2025-09-17 15:35:20 -05:00
reyesj2
f3aaee1e41 update elastic_fleet_agent_policy_ids scripts already check rc 2025-09-17 14:59:41 -05:00
reyesj2
d0e875928d add error checking and retries for elastic_fleet_installed_packages & associated script 2025-09-17 14:59:13 -05:00