Josh Brower
d89df5f0dd
Merge pull request #15025 from Security-Onion-Solutions/2.4/fixes
Parsing fix
2025-09-12 13:44:03 -04:00
DefensiveDepth
f0c1922600
Support endpoint logs with no host.ip field
2025-09-12 13:31:34 -04:00
DefensiveDepth
ab2cdd18ed
Support endpoint logs with no host.ip field
2025-09-12 13:29:43 -04:00
Jorge Reyes
889bb7ddf4
Merge pull request #15024 from Security-Onion-Solutions/reyesj2/pypy
fix analyzers and upgrade deps
2025-09-12 11:11:34 -05:00
reyesj2
a959f90d0b
Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/pypy
2025-09-12 11:05:54 -05:00
Jorge Reyes
a54cd004d6
Merge pull request #15013 from Security-Onion-Solutions/reyesj2/kfoutput
update kafka output policy
2025-09-12 07:34:54 -05:00
Jorge Reyes
5100032fbd
Merge pull request #15022 from Security-Onion-Solutions/reyesj2/cfqdn-recv
receiver custom fqdn
2025-09-11 16:33:41 -05:00
reyesj2
0f235baa7e
receiver custom fqdn
2025-09-11 16:14:43 -05:00
Jorge Reyes
e5660b8c8e
Merge pull request #15020 from Security-Onion-Solutions/reyesj2/essuriroll
suricata metadata index rollover 1d -> 30d
2025-09-11 16:03:30 -05:00
reyesj2
588a1b86d1
suricata metadata index rollover 1d -> 30d
2025-09-11 15:46:45 -05:00
Jorge Reyes
46f0afa24b
Merge pull request #15019 from Security-Onion-Solutions/reyesj2/ea-alerter
lower filestream fingerprint length
2025-09-11 14:34:46 -05:00
reyesj2
a7651b2734
lower filestream fingerprint length
2025-09-11 14:30:49 -05:00
reyesj2
890f76e45c
avoid delay in log ingest after a forced kafka output policy update
2025-09-10 20:21:11 -05:00
Jorge Reyes
e6eecc93c8
Merge pull request #15012 from Security-Onion-Solutions/reyesj2/ea-alerter
add configurable realert threshold per agent
2025-09-10 13:19:21 -05:00
reyesj2
8dc0f8d20e
fix elastic agent ssl unpack error
2025-09-10 12:49:30 -05:00
reyesj2
fbdc0c4705
add configurable realert threshold per agent
2025-09-10 10:56:09 -05:00
Josh Patterson
d1a2b57aa2
Merge pull request #15011 from Security-Onion-Solutions/hideroni
don't show sensoroni config changes
2025-09-10 09:15:55 -04:00
Josh Patterson
f5ec1d4b7c
don't show sensoroni config changes
2025-09-10 09:09:02 -04:00
Jorge Reyes
0aa556e375
Merge pull request #15009 from Security-Onion-Solutions/reyesj2/ea-alerter
so-elastic-agent-monitor
2025-09-09 17:00:39 -05:00
Josh Patterson
d9e86c15bc
Merge pull request #15010 from Security-Onion-Solutions/vlb2
fix repo files to remove
2025-09-09 17:15:52 -04:00
Josh Patterson
4107fa006f
fix repo files to remove
2025-09-09 16:51:42 -04:00
reyesj2
29980ea958
offline threshold check
2025-09-09 15:39:55 -05:00
reyesj2
8f36d2ec00
update log file name
2025-09-09 15:38:50 -05:00
coreyogburn
10511b8431
Merge pull request #15008 from Security-Onion-Solutions/cogburn/fix-templates
Fix Index Patterns
2025-09-09 14:03:36 -06:00
Corey Ogburn
2535ae953d
Fix Index Patterns
so-assistant-chat and so-assistant-session both had templates with a trailing dash that prevented the pattern from applying to the name of the indices.
2025-09-09 14:00:01 -06:00
coreyogburn
2f68cd7483
Merge pull request #14991 from Security-Onion-Solutions/cogburn/wip-module
Cogburn/wip module
2025-09-09 10:32:06 -06:00
reyesj2
6655276410
force update to kafka-fleet-output-policy
2025-09-08 21:13:29 -05:00
reyesj2
9f7bcb0f7d
add --force flag to so-kafka-fleet-output-policy & default to using fleet secret storage for client key
2025-09-08 21:13:11 -05:00
Corey Ogburn
aa43177d8c
Fix Setting Name
enabledInSoc => enabled
2025-09-08 09:13:25 -06:00
Matthew Wright
12959d114c
added threshold config fields for assistant
2025-09-08 09:13:25 -06:00
reyesj2
855b489c4b
datastream
2025-09-08 09:13:24 -06:00
Corey Ogburn
673f9cb544
Responding to Feedback
2025-09-08 09:13:24 -06:00
Corey Ogburn
0a3ff47008
Cleanup Annotations
Removed fields no longer need annotations.
2025-09-08 09:13:24 -06:00
Corey Ogburn
834e34128d
Non-dev URL
2025-09-08 09:13:23 -06:00
Corey Ogburn
73776f8d11
Cleaning up New ES Indexes
2025-09-08 09:13:23 -06:00
Corey Ogburn
120e61e45c
ClientParams
Removed investigation prompt from module settings and moved to client settings, added enabledInSoc.
2025-09-08 09:13:23 -06:00
Corey Ogburn
fc2d450de0
Update Settings
The apiKey will be built off of the license rather than a new setting. The model is hardcoded for now at the AI Gateway level. We're going to use the investigationPrompt as a trigger for the feature being visible in the UI but by default will be blank for now.
2025-09-08 09:13:22 -06:00
Corey Ogburn
cea4eaf081
Updated Assistant Mapping
2025-09-08 09:13:22 -06:00
Corey Ogburn
b1753f86f9
New Message Structure
2025-09-08 09:13:22 -06:00
Corey Ogburn
6323fbf46b
Content Object
2025-09-08 09:13:21 -06:00
Corey Ogburn
ba601c39b3
Rough Go at New Mappings/Settings
2025-09-08 09:13:21 -06:00
Corey Ogburn
ec27517bdd
New Config Values
New config values with annotations and defaults.
Updated Nginx config to allow streaming requests to not be buffered on the way to the client.
2025-09-08 09:13:08 -06:00
Josh Brower
624ec3c93e
Merge pull request #15003 from Security-Onion-Solutions/fix/wording
Make it clear that Fleet Nodes will need to be reinstalled
2025-09-08 09:10:43 -04:00
Josh Brower
f318a84c18
Update so-elastic-fleet-reset
2025-09-08 09:03:33 -04:00
Josh Patterson
8cca58dba9
Merge pull request #14998 from Security-Onion-Solutions/vlb2
manager do hypervisor things
2025-09-05 17:13:37 -04:00
Jason Ertel
6c196ea61a
Merge branch '2.4/dev' into vlb2
2025-09-05 17:11:10 -04:00
Josh Patterson
207572f2f9
remove debug added to fail_setup
2025-09-05 14:16:03 -04:00
Josh Patterson
4afc986f48
firewall and logstash pipeline for managerhype
2025-09-05 13:14:47 -04:00
Jorge Reyes
ba5d140d4b
Merge pull request #14996 from Security-Onion-Solutions/reyesj2/ea-alerter
so-elastic-agent-monitor
2025-09-05 10:41:59 -05:00
reyesj2
348f9dcaec
prevent multiple script instances using file lock
2025-09-05 10:01:24 -05:00