CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,315 Commits 24 Branches 119 Tags
e0a3b51ca27643e83794eec16ce6907573bc8e21
Commit Graph

325 Commits

Author SHA1 Message Date
Jorge Reyes
fc12b1f09b Merge pull request #14272 from Security-Onion-Solutions/reyesj2-patch-1 
ES 8.17.2 pipeline version updates
 2025-02-20 17:32:20 -06:00
reyesj2
69b559fb26 ES 8.17.2 pipeline version updates 2025-02-20 17:11:28 -06:00
Josh Brower
c6d72d31cb Update Elastic Defend JSON 2025-02-19 16:16:38 -05:00
Jorge Reyes
a3dba9b566 Merge pull request #14255 from Security-Onion-Solutions/foxtrot 
ES 8.17.1
 2025-02-18 14:58:46 -06:00
reyesj2
21ed1439e2 update udp integration policy 2025-02-18 10:40:18 -06:00
reyesj2
3530bff320 always update package components state file to ensure index templates are created with any available integration components 2025-02-17 12:29:27 -06:00
Joshua Brower
95fe212202 Rework for MSI 2025-02-05 09:29:45 -05:00
Jorge Reyes
8828a3049d Merge pull request #14155 from Security-Onion-Solutions/reyesj2/es-integ-tmp 
add additional weird_integration
 2025-01-27 16:36:17 -06:00
reyesj2
d74b69d84d add additional weird_integration 2025-01-27 16:34:33 -06:00
Joshua Brower
49ab0751c0 Remove uneeded import 2025-01-27 15:01:21 -05:00
reyesj2
38b0276458 remove reference to deleted file 2025-01-27 13:45:18 -06:00
Josh Brower
97a3f130c8 Update Elastic 2025-01-23 15:32:39 -05:00
Josh Brower
9738ef382c Upgrade Elastic to 8.17.1 2025-01-23 08:12:02 -05:00
reyesj2
81ac1ebc08 fixes merging local pillar /global overrides for generated index templates 2025-01-22 13:12:09 -06:00
reyesj2
6331298eac remove individual <integration>@custom mappings. Moved over to so-fleet_integrations.ip_mappings-1 2025-01-21 10:49:54 -06:00
reyesj2
dab56f0882 update fleet-optional-integrations-load 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-14 15:24:59 -06:00
reyesj2
4f92b7ced1 add support for cloudflare_logpush integration 2025-01-13 09:23:05 -06:00
reyesj2
3d3f0460fa move addon integration script run to elasticfleet state 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 14:42:16 -06:00
reyesj2
9fe3f6042f Remove individual integrations ip mappings component template. Replaced with global mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 10:44:22 -06:00
reyesj2
cdd4a1ff1f fixes addon integration map file 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-03 16:06:22 -06:00
reyesj2
ecf094f684 WIP: support all es fleet integrations 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-26 16:18:04 -06:00
reyesj2
157185c370 add ti_opencti integration support 2024-12-18 11:33:49 -06:00
reyesj2
9bc20c26bb Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/es-integ-tmp 2024-12-06 14:29:25 -06:00
reyesj2
e3b7d82a8f remove all non-core integrations from elasticfleet:packages pillar 2024-12-03 08:56:56 -06:00
defensivedepth
5b9f6b2d52 fix path 2024-12-02 14:42:56 -05:00
defensivedepth
aade3db80d Generate MSI 2024-11-28 07:00:23 -05:00
reyesj2
44ec237447 additional integration support - cisco secure email gateway - rapid7 threat command 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-15 11:39:01 -06:00
Jason Ertel
57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
defensivedepth
5406a263d5 Add local custom template 2024-10-29 19:42:06 -04:00
defensivedepth
4c5099d429 Initial support for local lookup 2024-10-29 10:27:54 -04:00
m0duspwnens
ca793966a8 set retry and interval to remove state warning 2024-10-24 10:32:42 -04:00
Jorge Reyes
cf95af66c6 Revert "Add support for cybereason integration" 2024-10-21 15:23:05 -04:00
reyesj2
8b11019712 Add support for cybereason integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-10-18 11:56:47 -04:00
reyesj2
322199358d add support for trendmicro integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-10-16 16:45:46 -04:00
Jason Ertel
647f057714 Merge branch '2.4/dev' into jertel/wip 2024-10-16 13:44:20 -04:00
Jason Ertel
523ff66389 connect work 2024-10-16 13:44:01 -04:00
weslambert
c58ed45cf0 Use ID instead of name 2024-10-08 10:55:16 -04:00
weslambert
69857b6b5c Use ID instead of name 2024-10-08 10:54:54 -04:00
m0duspwnens
20127e6b1d hard-reset to the remote revision 2024-10-01 15:09:53 -04:00
m0duspwnens
24817a3919 user socore 2024-10-01 09:21:56 -04:00
defensivedepth
d2397c3c1c Refactor cron logic 2024-09-24 13:03:51 -04:00
defensivedepth
0a74a53254 Remove cron if disabled 2024-09-24 12:38:49 -04:00
defensivedepth
5286739414 Disable by default 2024-09-24 10:51:52 -04:00
defensivedepth
5cc8198302 Fix permissions 2024-09-23 16:32:42 -04:00
defensivedepth
2a890a35a0 Update format 2024-09-23 13:48:12 -04:00
defensivedepth
219cb5e044 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/defend-filters 2024-09-23 13:03:32 -04:00
defensivedepth
ef003ffbb5 Refactor 2024-09-23 12:55:07 -04:00
defensivedepth
074cc8e6ff Initial commit 2024-09-20 11:58:21 -04:00
Jason Ertel
0566f46d5b Clarify enabled settings 2024-09-16 10:41:01 -04:00
Jason Ertel
e0c499645d Clarify enabled settings 2024-09-16 10:12:09 -04:00