CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,588 Commits 24 Branches 119 Tags
dd09f5b153a615b8d086f1cd39e85048d1d37b1d
Commit Graph

1131 Commits

Author SHA1 Message Date
weslambert
dd09f5b153 Add so-soc-logs 2024-08-26 10:32:27 -04:00
Jorge Reyes
1c6f5126db Merge pull request #13546 from Security-Onion-Solutions/reyesj2/kfano 
set kafka.id in common ingest pipeline
 2024-08-23 09:50:08 -04:00
reyesj2
1ec5e3bf2a add kafka.id to common ingest pipeline 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-08-23 09:47:21 -04:00
weslambert
d7e3e134a5 Check Elasticsearch for template 2024-08-22 10:33:13 -04:00
weslambert
2a024039bf Merge pull request #13528 from Security-Onion-Solutions/fix/detections_alerts_ilm 
Create detections.alerts ILM policy with corresponding name
 2024-08-21 14:50:10 -04:00
weslambert
212cc478de Change back to so 2024-08-21 14:39:24 -04:00
weslambert
88ea60df2a Fix name 2024-08-21 14:38:57 -04:00
weslambert
c1b7232a88 Fix for detections-alerts 2024-08-21 14:38:29 -04:00
weslambert
4108e67178 Check for endpoint package 2024-08-21 14:22:28 -04:00
weslambert
4afac201b9 Change ILM policy name 2024-08-21 13:25:26 -04:00
weslambert
dc197f6a5c Add tenable settings 2024-08-15 23:06:53 -04:00
weslambert
61ab1f1ef2 Add tenable_io templates 2024-08-15 23:03:07 -04:00
weslambert
5f74b1b730 Update column number because of changes to API 2024-08-15 08:26:56 -04:00
Doug Burks
ab63d5dbdb Update so-elasticsearch-cluster-space-used for changes in _cat/allocation API 2024-08-15 08:01:22 -04:00
weslambert
49d2ac2b13 Change name for system component 2024-07-31 16:17:57 -04:00
Wes
9264a03dbc Add custom system component 2024-07-31 17:03:26 +00:00
Wes
fb2a42a9af Use custom system component 2024-07-31 17:02:45 +00:00
weslambert
bae348bef7 Change version 2024-07-30 16:44:44 -04:00
weslambert
0453f51e64 Actually ignore missing templates 2024-07-30 12:54:07 -04:00
weslambert
d833bd0d55 Elastic 8.14.3 2024-07-30 12:45:25 -04:00
weslambert
46eeb014af Add metrics settings 2024-07-30 12:39:50 -04:00
weslambert
c60b14e2e7 Merge branch '2.4/dev' into foxtrot 2024-07-30 08:52:48 -04:00
Corey Ogburn
20f915f649 so-detection refresh_interval => 1s 
Speeds up the refresh_interval so bulk indexing a single rule does not wait 30s.
 2024-07-25 12:53:04 -06:00
Wes
c55fa6dc6a Fix pattern for pipelines 2024-07-23 17:48:32 +00:00
Wes
17f37750e5 Remove onchanges condition 2024-07-23 16:46:18 +00:00
Wes
e789c17bc3 Add global@custom pipeline file 2024-07-23 16:37:37 +00:00
Wes
6f44d39b18 Remove Fleet final pipeline file 2024-07-23 16:37:03 +00:00
Wes
dd85249781 Remove Fleet final pipeline 2024-07-23 16:36:41 +00:00
Wes
2d0de87530 Add component templates for Fleet metrics 2024-07-17 15:19:46 +00:00
m0duspwnens
6d18177f98 only include global phases if defined in default for that index 2024-07-17 10:16:11 -04:00
m0duspwnens
72ad49ed12 add policy for so-lists and so-items 2024-07-16 14:36:06 -04:00
m0duspwnens
91b2e7d400 Merge remote-tracking branch 'origin/2.4/dev' into silsll 2024-07-16 14:06:56 -04:00
m0duspwnens
34c3a58efe add cold policy 2024-07-16 14:03:48 -04:00
Josh Patterson
a867557f54 Merge pull request #13353 from Security-Onion-Solutions/fci 
fix custom indices
 2024-07-16 13:18:11 -04:00
m0duspwnens
b814f32e0a fix custom indices 2024-07-16 12:39:30 -04:00
weslambert
bf07d56da6 Merge pull request #13341 from Security-Onion-Solutions/revert-13323-fix/agent_pipeline 
Revert "Change pipeline version for agent"
 2024-07-15 11:38:56 -04:00
weslambert
4e81860a13 Revert "Change pipeline version for agent" 2024-07-15 11:33:52 -04:00
weslambert
fe1824aedd Revert "Elastic 8.14.2" 2024-07-15 11:28:59 -04:00
weslambert
d432019ad9 Change version from 1.13.1 to 1.20.0 2024-07-10 12:48:08 -04:00
weslambert
0db0754ee5 Merge pull request #13316 from Security-Onion-Solutions/foxtrot 
Elastic 8.14.2
 2024-07-10 08:53:03 -04:00
Wes
1f5a990b1e Remove lines that aren't needed right now 2024-07-09 18:32:06 +00:00
Wes
669f68ad88 Fleet metric annotations 2024-07-09 15:39:59 +00:00
weslambert
8615e5d5ea Move enabled and index_clean back to the top 2024-07-08 16:50:06 -04:00
weslambert
745b6775f1 Change name for ILM 2024-07-02 09:05:35 -04:00
Wes
1b47d5c622 Changes for Elastic 8.14.1 2024-07-01 15:16:58 +00:00
Wes
32d7927a49 Template changes for Elastic 8.14.1 2024-07-01 15:16:06 +00:00
m0duspwnens
50f0c43212 merge dev 2024-06-26 12:33:32 -04:00
m0duspwnens
81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars 2024-06-20 16:42:11 -04:00
reyesj2
a81e4c3362 remove dash(-) from kafka.id 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-11 11:55:17 -04:00
reyesj2
08557ae287 kafka.id field should only be present when metadata for kafka exists 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-11 11:01:34 -04:00