Commit Graph

369 Commits

Author SHA1 Message Date
reyesj2
e8c25d157f drop empty ip fields when it's an opencanary startup log (1001) to prevent elasticsearch doc ingest error 2025-07-23 15:52:50 -05:00
reyesj2
2e5682f11c 8.18.4 import evtx pipelines 2025-07-23 09:53:04 -05:00
reyesj2
4728b96c51 add a retry to so-elastic-fleet-integration-upgrade when response isn't what was expected that way the error message isn't thrown into sosetup / soup log 2025-07-22 16:16:28 -05:00
reyesj2
8a57b79b77 make package installs go in groups of 25 or less 2025-07-10 15:52:59 -05:00
reyesj2
a4e8e7ea53 update syslog-tcp-514 policy 2025-07-10 13:12:26 -05:00
reyesj2
95ba327eb3 cribl metrics template rename 2025-07-10 11:08:46 -05:00
reyesj2
d846fe55e1 typos 2025-07-09 15:40:36 -05:00
Jorge Reyes
3b2942651e Update salt/elasticfleet/files/integrations/elastic-defend/elastic-defend-endpoints.json 2025-07-09 15:14:24 -05:00
reyesj2
fa6f4100dd ensure elasticsearch is up 2025-07-09 14:48:15 -05:00
reyesj2
33e2d18aa7 endpoint policy update 2025-07-09 13:59:01 -05:00
reyesj2
a03764d956 additional weird integration 2025-07-09 12:34:53 -05:00
reyesj2
3fb703cd22 check if generic template exists in installed component templates before defaulting to logs-filestream.generic@package 2025-07-09 11:59:25 -05:00
reyesj2
bef2fa9e8d 8.18.3 pipeline updates 2025-07-08 16:09:16 -05:00
reyesj2
d4f0cbcb67 changes for 'generic' integrations with no component templates assigned. Default to using the logs-filestream.generic@package component template 2025-07-08 15:23:46 -05:00
Josh Patterson
b0a8191f59 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-05-19 10:02:26 -04:00
Josh Brower
a0aafb7c51 Cleanup 2025-05-09 10:29:23 -04:00
Josh Patterson
61f8b251f0 cp to mv 2025-05-09 09:25:46 -04:00
Josh Patterson
75dd04c398 fix file permissions for download 2025-05-09 09:21:30 -04:00
Josh Brower
42ba778740 Only upgrade node agents for local stack version 2025-05-07 16:08:47 -04:00
Josh Patterson
8c37a4454c merge and fix conflicts 2025-05-06 11:55:42 -04:00
Josh Patterson
1931de2e52 copy so_agent-installers to nsm for nginx 2025-05-05 12:40:56 -04:00
Josh Patterson
ed80c4e13b Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-23 15:42:04 -04:00
reyesj2
559190aee3 upgrade integrations if they aren't in an agent policy 2025-04-22 09:38:22 -05:00
reyesj2
8c4cf0ba08 keep hard failure 2025-04-22 07:29:12 -05:00
reyesj2
e17fea849a continue loop after encountering error with first 2025-04-21 20:32:42 -05:00
reyesj2
166e4e0ebc make bool 2025-04-21 15:51:36 -05:00
reyesj2
4b7478654f run optional integrations script so packages get installed. Hold updates unless auto_update_integrations is set 2025-04-21 14:29:37 -05:00
reyesj2
4e6c707067 Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into reyesj2/fix-14516 2025-04-21 10:48:25 -05:00
reyesj2
c89adce3a1 default disable automatic upgrades for optional integration packages & policies 2025-04-21 10:48:18 -05:00
Josh Brower
5fd7bf311d Add fallback 2025-04-15 13:57:55 -04:00
Josh Brower
152fdaa7bb Support Kratos user.name lookup 2025-04-15 11:40:43 -04:00
Josh Patterson
21bb325157 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-04-14 08:22:42 -04:00
Jorge Reyes
c11a10638b Merge pull request #14528 from Security-Onion-Solutions/reyesj2-patch-4
external access to kafka topics via user/pass auth
2025-04-11 10:52:40 -05:00
Josh Brower
4cdfb6e3eb Fix comma 2025-04-11 07:49:35 -04:00
Josh Brower
f94c81a041 Extract log level and drop INFO level 2025-04-11 07:45:12 -04:00
reyesj2
5498673fc3 group events in 10s and remove deprecated output configuration option 2025-04-10 09:46:37 -05:00
Josh Patterson
f9bf4e4130 Merge remote-tracking branch 'origin/2.4/dev' into vlb2 2025-03-27 11:26:32 -04:00
reyesj2
844283cc38 get more results 2025-03-21 14:55:52 -05:00
Josh Patterson
44a5b3b1e5 MANAGERHYPE setup is now complete! 2025-03-12 21:05:04 -04:00
Jorge Reyes
f35930317b Merge pull request #14336 from Security-Onion-Solutions/reyesj2-patch-2
ES 8.17.3
2025-03-04 15:36:59 -06:00
reyesj2
11dc004811 ES 8.17.3 2025-03-04 14:24:38 -06:00
Jason Ertel
85450693a2 Merge branch '2.4/dev' into jertel/wip 2025-03-04 10:55:29 -05:00
Jason Ertel
0047246cf2 reduce stdout verbosity 2025-03-04 10:55:12 -05:00
reyesj2
17edc06987 allow installing integrations that require an elastic license 2025-02-24 14:45:43 -06:00
Jorge Reyes
fc12b1f09b Merge pull request #14272 from Security-Onion-Solutions/reyesj2-patch-1
ES 8.17.2 pipeline version updates
2025-02-20 17:32:20 -06:00
reyesj2
69b559fb26 ES 8.17.2 pipeline version updates 2025-02-20 17:11:28 -06:00
Josh Brower
c6d72d31cb Update Elastic Defend JSON 2025-02-19 16:16:38 -05:00
Jorge Reyes
a3dba9b566 Merge pull request #14255 from Security-Onion-Solutions/foxtrot
ES 8.17.1
2025-02-18 14:58:46 -06:00
reyesj2
21ed1439e2 update udp integration policy 2025-02-18 10:40:18 -06:00
reyesj2
3530bff320 always update package components state file to ensure index templates are created with any available integration components 2025-02-17 12:29:27 -06:00