CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,375 Commits 24 Branches 119 Tags
dadb0db8f31c6e9a7bfa11a9efae233fb8c1d500
Commit Graph

174 Commits

Author SHA1 Message Date
reyesj2
b1beb617b3 Logstash should be disabled when Kafka is enabled except when a minion override exists OR node is a standalone 
- Standalone subscribes to Kafka topics via logstash for ingest

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-22 13:38:09 -04:00
m0duspwnens
d3bd56b131 disable logstash and redis if kafka enabled 2024-04-10 14:13:27 -04:00
m0duspwnens
a0ce46e702 enable/disable logstash in ui 2023-05-10 11:16:03 -04:00
m0duspwnens
98705608a6 Merge remote-tracking branch 'origin/mkrfixes' into ui/logstash 2023-05-04 13:53:55 -04:00
m0duspwnens
082704ce1f logstash jinja for ui 2023-05-04 13:07:07 -04:00
m0duspwnens
b14d33ced8 add logstash jinja for ui changes 2023-05-03 15:22:03 -04:00
Mike Reeves
a5b1660778 Fix firewall changes 2023-05-03 14:12:32 -04:00
Mike Reeves
38629a7676 fix defaults for logstash 2023-05-01 09:55:16 -04:00
Josh Brower
1944d09978 Logstash certs fixup 2023-04-17 11:34:57 -04:00
Josh Brower
cda67b2894 Ded Fleet Node - checkpoint 2023-04-04 16:11:22 -04:00
Josh Brower
af392681e3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into fleet-sa 2023-04-03 07:27:04 -04:00
m0duspwnens
a37f0fd0c0 rename sosbridge to sobridge 2023-02-03 10:07:07 -05:00
Josh Brower
18a54b86f4 More fixes 2023-01-31 14:57:39 -05:00
Josh Brower
29aa6dceed Add logstash 2023-01-27 07:49:21 -05:00
m0duspwnens
6033e9a0de use port_bindings from docker defaults in docker states 2023-01-13 10:15:10 -05:00
m0duspwnens
d4c6834cd0 merge with 2.4/dev 2023-01-06 14:01:58 -05:00
m0duspwnens
24876eecd9 change refs from sosnet to sosbridge 2022-12-22 14:02:40 -05:00
Jason Ertel
0889d49025 Ensure user/pass values are quoted due to symbol chars appearing in the values 2022-12-21 14:00:10 -05:00
Mike Reeves
591616fe5b Add statics to all containers 2022-11-15 11:05:17 -05:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Wes Lambert
4fa3749418 Remove bind or ES templates 2022-02-15 18:08:03 +00:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
m0duspwnens
7ebba1f325 use show_changes: False to prevent es pw from being shown when running the state 2022-01-19 12:11:38 -05:00
m0duspwnens
d0b0970353 Merge remote-tracking branch 'remotes/origin/dev' into issue/6469 2021-12-15 17:08:56 -05:00
Mike Reeves
7cd1b1c482 Remove some previous hotfix code 2021-12-15 12:26:53 -05:00
m0duspwnens
ce0a39db4b remove old EXTRAHOSTNAME EXTRAHOSTIP from being set for logstash 2021-12-15 09:43:46 -05:00
m0duspwnens
024860d0ae rename EXTRA_NODES to LOGSTASH_NODES AND REDIS_NODES 2021-12-14 23:43:06 -05:00
m0duspwnens
55b74abcc5 extra_hosts and redis_input for logstash 2021-12-14 18:49:30 -05:00
m0duspwnens
4da017d61c change extra_hosts for docker container 2021-12-14 17:05:30 -05:00
m0duspwnens
d0b6d5bba6 remove so-eval from lists since it doesnt run logstash 2021-12-14 15:33:06 -05:00
m0duspwnens
a31f034f2e remove receiver add node for cacerts and tls-ca-bundle for logstash bind 2021-12-14 15:02:59 -05:00
m0duspwnens
6962e3f9b3 fix logstash certs mapped into container 2021-12-14 14:52:15 -05:00
Jason Ertel
8365b5f140 Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:02:41 -05:00
Mike Reeves
73ec595baa Update init.sls 2021-12-10 14:10:05 -05:00
Mike Reeves
e48de18480 Update init.sls 2021-12-10 12:00:12 -05:00
m0duspwnens
59464af10c filebeat certs for logstash on so-receiver 2021-12-08 09:41:17 -05:00
m0duspwnens
1ef63f3a23 ssl things for so-receiver 2021-12-08 09:08:46 -05:00
m0duspwnens
e7f43cff5e limit nodes that bind filebeat certs in so-logstash 2021-10-27 10:45:10 -04:00
m0duspwnens
9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens
f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00
m0duspwnens
fed8bfac67 more requires on docker containers 2021-10-22 14:10:59 -04:00
m0duspwnens
0627ca2fc2 use heavynode hostname for certs if heavynode. changes to logstash pipeline for redis if heavynode 2021-07-06 15:32:39 -04:00
weslambert
2f3f04e4ca Change from nodename to host 2021-07-06 14:18:39 -04:00
weslambert
4946f32d88 Add extra_hosts entry for local instance when running as heavy node 2021-07-06 14:14:58 -04:00
Jason Ertel
dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Mike Reeves
a0a8d12526 Enable SSL and Features 2021-03-04 10:08:28 -05:00
Mike Reeves
4212afe0c9 Add features option back 2021-01-30 19:57:18 -05:00
Mike Reeves
636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity 
SSL with Elastic Basic license. Remove features option.
 2021-01-21 13:57:28 -05:00
Mike Reeves
9408d62c65 Remove features 2021-01-21 13:55:53 -05:00