CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,453 Commits 24 Branches 119 Tags
d6af3aab6df070b702d84d69ef261620d76e977f
Commit Graph

2469 Commits

Author SHA1 Message Date
Jason Ertel
2e17e93cfe remove unused test parameters from setup 2024-07-22 11:04:45 -04:00
Jason Ertel
7dfb75ba6b remove unused test parameters from setup 2024-07-22 11:02:56 -04:00
reyesj2
4182ff66a0 rearrange kafka pillar, declutters SOC ui 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-07-11 16:37:16 -04:00
reyesj2
d791b23838 Generate new Kafka truststore 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-07-10 11:29:09 -04:00
reyesj2
4e50dabc56 refix typos 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 23:03:06 -04:00
reyesj2
83412b813f Renamed Kafka pillar 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:19:25 -04:00
reyesj2
b56d497543 Revert a so-setup change. Kafka is not an installable option 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:17:06 -04:00
reyesj2
dd40962288 Revert a whiptail menu change. Kafka is not an install option 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-12 11:07:23 -04:00
reyesj2
1fd5165079 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/kafka 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-29 23:37:40 -04:00
m0duspwnens
ea7715f729 use waitforstate var instead. 2024-05-23 10:41:10 -04:00
m0duspwnens
0b9ebefdb6 only show telem status in final whiptail if new deployment 2024-05-23 10:08:23 -04:00
weslambert
3cfd710756 Change tab casing to be consistent with other whiptail prompts 2024-05-22 13:41:32 -04:00
weslambert
6dec9b4cf7 Merge pull request #12986 from Security-Onion-Solutions/fix/old_strelka 
Remove old Strelka configuration for YARA
 2024-05-14 09:27:19 -04:00
m0duspwnens
649f52dac7 create_local_directories in soup too 2024-05-13 10:37:56 -04:00
Jason Ertel
074d063fee tests will retry on any rule import failure 2024-05-09 14:52:58 -04:00
Wes
6ed82d7b29 Remove YARA download in setup 2024-05-09 17:27:46 +00:00
reyesj2
2ad87bf1fe merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-08 16:30:45 -04:00
Jason Ertel
8364b2a730 update for testing 2024-05-07 14:30:52 -04:00
Jason Ertel
4ebe070cd8 test regexes for detections 2024-05-06 19:03:12 -04:00
DefensiveDepth
7f12d4c815 Exclude new sigma rules 2024-05-03 15:22:53 -04:00
Josh Patterson
b50789a77c Merge pull request #12928 from Security-Onion-Solutions/orchit 
Orchit
 2024-05-03 15:17:34 -04:00
Doug Burks
6cbbb81cad FEATURE: Add hyperlink to airgap screen in setup #12925 2024-05-03 12:59:41 -04:00
m0duspwnens
442a717d75 orchit 2024-05-03 12:08:57 -04:00
Doug Burks
5fe8c6a95f Update so-whiptail to make installation screen more consistent 2024-05-03 09:38:34 -04:00
reyesj2
e960ae66a3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-05-02 15:12:27 -04:00
Doug Burks
9a4a85e3ae FEATURE: Lower EVAL memory requirement to 8GB RAM #12896 2024-05-01 07:54:38 -04:00
m0duspwnens
a663bf63c6 set Suricata as default pcap engine for eval 2024-04-29 14:22:04 -04:00
Mike Reeves
b5c5c7857b Merge pull request #12846 from petiepooo/fix/check-srvc-status 
check status before stopping service
 2024-04-25 15:10:42 -04:00
Pete
e53e7768a0 check status before stopping service 
resolves #12811 so-verify detects rare false error

If salt is uninstalled during call to so-setup where it detects a previous install, the "Failed" keyword from "systemctl stop $service" causes so-verify to falsely detect an installation error.  This might happen if the user removes the salt packages between calls to so-setup, or if upgrading from Ubuntu 20.04 to 22.04 then installing 2.4.xx on top of a 2.3.xx installation.

The fix is to wrap the call to stop the service in a check if the service is running.

This ignores the setting of pid var, as the next use of pid is within a while loop that will not execute for the same reason the systemctl stop call was not launched in the background.
 2024-04-23 21:24:39 +00:00
reyesj2
a6ff92b099 Note to remove so-kafka-clusterid. Update soup and setup to generate needed kafka pillar values 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 12:11:18 -04:00
reyesj2
af29ae1968 Merge kaffytaffy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-12 11:43:46 -04:00
m0duspwnens
0ed9894b7e create kratos local pillar dirs during setup 2024-04-12 11:19:46 -04:00
reyesj2
3955587372 Use global.pipeline for redis / kafka states 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 16:20:09 -04:00
reyesj2
ca7253a589 Run kafka-clusterid script when pillar values are missing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:38:03 -04:00
reyesj2
af53dcda1b Remove references to kafkanode 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 15:32:00 -04:00
m0duspwnens
e9e61ea2d8 Merge remote-tracking branch 'origin/2.4/dev' into kaffytaffy 2024-04-10 13:14:13 -04:00
Jason Ertel
6046848ee7 skip telemetry summary in airgap mode 2024-04-04 10:25:32 -04:00
Jason Ertel
7c64fc8c05 do not prompt about telemetry on airgap installs 2024-04-03 18:08:42 -04:00
Jason Ertel
941a841da0 fix link 2024-04-03 14:41:57 -04:00
Jason Ertel
2b8a051525 fix link 2024-04-03 14:30:09 -04:00
m0duspwnens
c9bf1c86c6 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 16:40:47 -04:00
m0duspwnens
e25bc8efe4 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 13:36:47 -04:00
reyesj2
26abe90671 Removed duplicate kafka setup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 12:19:46 -04:00
Jason Ertel
ff777560ac limit col size 2024-04-01 10:35:15 -04:00
Jason Ertel
2c68fd6311 limit col size 2024-04-01 10:32:54 -04:00
Jason Ertel
c1bf710e46 limit col size 2024-04-01 10:32:25 -04:00
Jason Ertel
3aea2dec85 analytics 2024-04-01 09:50:18 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
reyesj2
446f1ffdf5 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-25 13:55:48 -04:00
Doug Burks
9c6f3f4808 FIX: Specify that static IP address is recommended #12643 2024-03-22 13:41:44 -04:00