CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,157 Commits 24 Branches 119 Tags
e9af46a8cbddba5e17d292d2776067c3523f2b51
Commit Graph

409 Commits

Author SHA1 Message Date
Wes
409612ff1f Add script to upgrade integrations 2024-09-11 14:56:57 +00:00
m0duspwnens
8702d95434 only elasticsearch image uses es version 2024-09-09 16:38:38 -04:00
m0duspwnens
2e379dd29c fix line delete causing issues sourcing so-common and es agent grid upgrade 2024-09-06 10:44:35 -04:00
m0duspwnens
df14cbad44 fix calls to get_elastic_agent_vars 2024-09-04 17:43:49 -04:00
m0duspwnens
72f3eaa8f6 should not have changed this, so changing it back 2024-09-04 16:42:19 -04:00
Josh Patterson
71f6b44c0c Merge pull request #13607 from Security-Onion-Solutions/esver 
use Elasticsearch version for some containers
 2024-09-04 13:30:07 -04:00
weslambert
af80a78406 Update pipeline version 2024-08-27 13:08:35 -04:00
DefensiveDepth
b952728b2c Fix policy load 2024-08-26 15:57:21 -04:00
DefensiveDepth
c575e02fbb Use correct name 2024-08-23 13:52:20 -04:00
DefensiveDepth
e86fce692c Merge remote-tracking branch 'origin/2.4/dev' into 2.4/soupchanges 2024-08-23 11:44:39 -04:00
DefensiveDepth
0a5725a62e Refactor for Elastic Upgrade 2024-08-23 11:36:47 -04:00
m0duspwnens
cd9c9a25d3 reference elastic versions from defaults 2024-08-21 11:25:56 -04:00
DefensiveDepth
f01825166d Update Fleet Server policy 2024-08-21 08:31:37 -04:00
DefensiveDepth
07f8bda27e Update agent 2024-08-20 15:23:31 -04:00
DefensiveDepth
e3ecc9d4be Directly manage the Fleet Server integration config 2024-08-20 15:06:16 -04:00
DefensiveDepth
ca209ed54c Disable auto-upgrade 2024-08-20 09:14:08 -04:00
weslambert
f182833a8d Add tenable_io 2024-08-15 23:03:32 -04:00
weslambert
3fa6c72620 Fix name change 2024-07-30 15:45:55 -04:00
weslambert
6831b72804 Fix fleet setup 2024-07-30 14:46:00 -04:00
weslambert
9594e4115c Elastic 8.14.3 2024-07-30 12:47:56 -04:00
weslambert
201e14f287 Elastic 8.14.3 2024-07-30 12:46:42 -04:00
weslambert
fe1824aedd Revert "Elastic 8.14.2" 2024-07-15 11:28:59 -04:00
weslambert
4d499be1a8 Change name 2024-07-02 08:47:29 -04:00
DefensiveDepth
92a847e3bd Fix Fleet setup 2024-06-27 11:48:54 -04:00
weslambert
847638442b Elastic 8.14.1 2024-06-27 10:48:28 -04:00
weslambert
feee80cad9 Revert back to 8.10.4 2024-06-27 09:01:55 -04:00
weslambert
abdfbba32a Elastic 8.14.1 2024-06-26 14:06:24 -04:00
reyesj2
911d6dcce1 update kafka output policy only on eligible grid types 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-18 12:09:59 -04:00
DefensiveDepth
521cccaed6 Update defaults 2024-06-18 08:43:00 -04:00
reyesj2
4d1f2c2bc1 fix kafka elastic fleet output policy setup 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 23:04:08 -04:00
reyesj2
a0030b27e2 add additional retries to elasticfleet scripts 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-14 15:34:40 -04:00
reyesj2
fb1d4fdd3c update license 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-04 12:33:51 -04:00
reyesj2
1fd5165079 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/kafka 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-29 23:37:40 -04:00
m0duspwnens
6af0308482 add a newline 2024-05-15 16:26:44 -04:00
reyesj2
2ad87bf1fe merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-08 16:30:45 -04:00
weslambert
2e70d157e2 Add ref 2024-05-07 11:13:51 -04:00
reyesj2
e960ae66a3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-05-02 15:12:27 -04:00
reyesj2
de9f6425f9 Automatically switch between Kafka output policy and logstash output policy when globals.pipeline changes 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-02 12:13:46 -04:00
reyesj2
47ced60243 Create new Kafka output policy using salt 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-01 14:49:51 -04:00
reyesj2
cef9bb1487 Dynamically create Kafka topics based on event.module from elastic agent logs eg. zeek-topic. Depends on Kafka brokers having auto.create.topics.enable set to true 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-01 09:16:13 -04:00
reyesj2
bb49944b96 Setup elastic fleet rollover from logstash -> kafka output policy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-30 16:47:40 -04:00
reyesj2
fcc4050f86 Add id to grid-kafka fleet output policy 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-30 12:59:53 -04:00
reyesj2
9c83a52c6d Add Kafka output to elastic-fleet setup. Includes separating topics by event.module with fallback to default-logs if no event.module is specified or doesn't match processors 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-30 12:01:31 -04:00
DefensiveDepth
3c3ed8b5c5 Add runtime status logs 2024-04-24 16:33:47 -04:00
reyesj2
55cf90f477 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 14:44:59 -04:00
reyesj2
2ab9cbba61 Update wording for Kismet poll interval annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:12:22 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
reyesj2
000d15a53c Kismet integration: TODO Elasticsearch mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-29 13:56:01 -04:00
weslambert
bed42208b1 Add journald integration 2024-03-05 09:49:55 -05:00
Josh Brower
f28f269bb1 Fix FIM 2024-03-04 07:38:32 -05:00