Commit Graph

11 Commits

Author SHA1 Message Date
Mike Reeves
4bb61d999d Merge pull request #15628 from Security-Onion-Solutions/zeekload
Add salt states for custom Zeek package loading
2026-03-17 13:40:14 -04:00
Mike Reeves
e0e0e3e97b Exclude README from zkg sync 2026-03-17 13:36:56 -04:00
Mike Reeves
6b039b3f94 Consolidate zkg directory creation into file.recurse with makedirs 2026-03-17 13:36:03 -04:00
Mike Reeves
e6ee7dac7c Add salt states for custom Zeek package loading
Create /opt/so/conf/zeek/zkg directory and sync custom packages
from the manager via file.recurse. Bind mount the directory into
the so-zeek container so the entrypoint can install packages on
startup.
2026-03-17 13:22:59 -04:00
Mike Reeves
6809497730 Add SOC UI toggle for JA4+ fingerprinting in Zeek
JA4 (BSD licensed) remains always enabled, but JA4+ variants (JA4S,
JA4D, JA4H, JA4L, JA4SSH, JA4T, JA4TS, JA4X) require a FoxIO license
and are now toggleable via the SOC UI. The toggle includes a license
agreement warning and defaults to disabled.
2026-03-17 09:35:31 -04:00
Josh Patterson
18c0f197b2 suricata bpf 2025-11-10 13:28:19 -05:00
reyesj2
a19b99268d don't create unused zeek home directory 2025-08-12 15:44:50 -05:00
Mike Reeves
93024738d3 Update config.sls 2025-07-21 10:57:45 -04:00
m0duspwnens
dfe707ab64 fix issue/11610 2023-10-24 17:26:39 -04:00
m0duspwnens
5d50dbb69e enabled/disable zeek 2023-05-08 10:12:32 -04:00
m0duspwnens
a97fa9675b enable/disable zeek in ui 2023-05-05 16:33:59 -04:00