Doug Burks
eda7a8d7ea
FIX: Update telegraf influxdbsize.sh to collect influxdb size from influxdb_size.log #7468
2022-03-18 13:15:43 -04:00
Doug Burks
f7dc5588ae
FIX: Update common init.sls to create cron job to write influxdb size for telegraf #7468
2022-03-18 13:13:46 -04:00
Doug Burks
c13994994b
FIX: Update telegraf init.sls to run telegraf as non-root #7468
2022-03-18 13:11:56 -04:00
Josh Patterson
949365c636
Merge pull request #7602 from Security-Onion-Solutions/issue/7601
prevent so-setup iso from running on ubuntu
2022-03-17 11:37:53 -04:00
m0duspwnens
a896348743
prevent so-setup iso from running on ubuntu - https://github.com/Security-Onion-Solutions/securityonion/issues/7601
2022-03-17 11:31:16 -04:00
Josh Brower
5b9c82a434
Merge pull request #7494 from Security-Onion-Solutions/fix/fleetdm-custom-hostname
Force regen of ssl cert
2022-03-16 15:17:05 -04:00
Doug Burks
50477071b8
Merge pull request #7588 from Security-Onion-Solutions/fix/prevent-multiple-instances
FIX: Prevent multiple instances of so-sensor-clean and so-playbook-sync #6622
2022-03-16 13:54:00 -04:00
Doug Burks
e65f2a5513
FIX: Prevent multiple instances of so-sensor-clean #6622
2022-03-16 13:28:39 -04:00
Doug Burks
e56f90d83c
FIX: Prevent multiple instances of so-playbook-sync #6622
2022-03-16 13:27:37 -04:00
weslambert
aaded58131
Merge pull request #7565 from Security-Onion-Solutions/fix/es_template_fix
Custom ES template fixes
2022-03-15 11:09:46 -04:00
Doug Burks
9bf0265cea
Merge pull request #7566 from Security-Onion-Solutions/feature/hunt-soc-auth
FEATURE: Add new Hunt query for SOC logins #7327
2022-03-15 10:58:40 -04:00
Mike Reeves
e01c1398d5
Merge pull request #7564 from Security-Onion-Solutions/removethehive
Removethehive
2022-03-15 10:56:08 -04:00
Wes Lambert
42d6c3a956
Replace Elastic connection check using ELASTICCURL with so-elasticsearch-query
2022-03-15 14:55:04 +00:00
Doug Burks
eec44a6b02
Add a SOC Auth query to hunt.queries.json
2022-03-15 10:38:46 -04:00
Doug Burks
d1e1887e36
Add support for Kratos audit logs in hunt.eventfields.json
2022-03-15 10:37:58 -04:00
Wes Lambert
5f56c7a261
Replace ELASTICCURL with so-elasticsearch-query
2022-03-15 14:32:00 +00:00
weslambert
d46620ea2a
Merge pull request #7561 from Security-Onion-Solutions/es_template_map_fix
Custom ES Template Fixes
2022-03-15 10:01:42 -04:00
Jason Ertel
408f9d6695
Update .gitleaks.toml
2022-03-15 09:53:27 -04:00
Jason Ertel
b810f14428
Update .gitleaks.toml
2022-03-15 09:53:11 -04:00
Jason Ertel
cec9cba40e
Create .gitleaks.toml
2022-03-15 09:47:57 -04:00
Jason Ertel
8ebeeb497f
add configuration to override leak detector defaults
2022-03-15 09:43:09 -04:00
Mike Reeves
9c80ff4f65
Remove hive from more files
2022-03-15 09:37:58 -04:00
Mike Reeves
81f0aa58b8
Remove hive from more files
2022-03-15 08:28:03 -04:00
Doug Burks
63cef4daff
Merge pull request #7557 from Security-Onion-Solutions/dougburks-patch-1
FIX: surilogcompress cron job not running
2022-03-15 07:41:05 -04:00
Doug Burks
db4f138a78
FIX: surilogcompress cron job not running
The suricata user was originally created with `/opt/so/conf/suricata` as its home directory. I think at some point we changed permissions on `/opt/so/conf` and at that point the `surilogcompress` cron job stopped working. Changing the home directory to `/nsm/suricata` works on all of my PROD systems (including Ubuntu and CentOS).
For more information, please see:
https://github.com/Security-Onion-Solutions/securityonion/issues/7133
2022-03-15 07:10:02 -04:00
Mike Reeves
b5b60af16f
Remove hive from so-user
2022-03-14 15:06:07 -04:00
Mike Reeves
b83fec6fd2
More hive removal
2022-03-14 14:51:39 -04:00
Mike Reeves
ff30f572d7
Remove thehive from image common
2022-03-14 10:40:41 -04:00
Mike Reeves
95195c07fc
Disable hive in automation files
2022-03-14 10:36:23 -04:00
Jason Ertel
16f673d956
Merge pull request #7541 from Security-Onion-Solutions/kilo
Add assignee field to case list
2022-03-14 08:49:46 -04:00
Jason Ertel
5a28725def
Add assignee to case list
2022-03-14 08:45:28 -04:00
Wes Lambert
ba24f75893
Fix index typo
2022-03-11 18:11:16 +00:00
Wes Lambert
70ed20f691
Add new sls file for custom ES index templates
2022-03-11 18:07:23 +00:00
Wes Lambert
d12ff503c2
Change role loading verbiage
2022-03-11 16:23:19 +00:00
Wes Lambert
dc258cf043
Load custom component templates in so-elasticsearch-templates-load
2022-03-11 16:22:55 +00:00
Wes Lambert
8e43a6e571
Don't generate index template if index_template definition is not present in pillar
2022-03-11 16:22:06 +00:00
m0duspwnens
e1e8a20e11
make sure values exist in data structure
2022-03-10 17:09:00 -05:00
Josh Brower
f0e44827a5
rm extra line
2022-03-10 08:48:46 -05:00
Josh Brower
814e16ba95
Force regen of ssl cert
2022-03-10 08:47:26 -05:00
Mike Reeves
7ca06df66f
Merge pull request #7484 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update VERSION
2022-03-09 14:50:52 -05:00
Mike Reeves
6f15acd2f9
Update VERSION
2022-03-09 14:50:14 -05:00
Mike Reeves
3725130128
Merge pull request #7481 from Security-Onion-Solutions/dev
2.3.110
2.3.110-20220309
2022-03-09 14:44:40 -05:00
Mike Reeves
2c66fa1883
Merge pull request #7482 from Security-Onion-Solutions/kilo
Merge master with .100 hotfix #3 into dev
2022-03-09 12:24:04 -05:00
Jason Ertel
61a3155dfa
merge from master
2022-03-09 12:22:24 -05:00
Mike Reeves
99f25deb80
Merge pull request #7480 from Security-Onion-Solutions/2.3.110rel
2.3.110
2022-03-09 12:16:31 -05:00
Mike Reeves
0cb628f565
2.3.110
2022-03-09 12:12:32 -05:00
weslambert
262e68cb75
Merge pull request #7469 from Security-Onion-Solutions/fix/kibana_config_load_template
Add .template extension to ensure we are loading the template and not the resultant file
2022-03-08 21:12:29 -05:00
weslambert
c83b63d0d8
Add .template extension to load template file
2022-03-08 20:53:16 -05:00
weslambert
8d9ddf5f1b
Add .template extension to load template
2022-03-08 20:52:13 -05:00
weslambert
8115da358f
Add .template extension to load template file
2022-03-08 20:51:50 -05:00