CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 18:52:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,168 Commits 26 Branches 119 Tags
f1781b1fde6104e38bcc322079b56738186a40d5
Commit Graph

6168 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
William Wernert
f1781b1fde [fix] Set timeout for scripts (15s, 3x default 5s) 2021-01-22 12:15:29 -05:00
Jason Ertel
537f7529f8 Increase Kibana wait from 3 minutes to 15 minutes due to the longer init time needed for Kibana to start (because of the recent ES changes) 2021-01-22 10:09:15 -05:00
Mike Reeves
636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity 
SSL with Elastic Basic license. Remove features option.
 2021-01-21 13:57:28 -05:00
Mike Reeves
9408d62c65 Remove features 2021-01-21 13:55:53 -05:00
Mike Reeves
f85ecf254e Fix dupe 2021-01-21 13:21:08 -05:00
Mike Reeves
9f984036c5 Use the internmediate cert 2021-01-21 13:00:46 -05:00
Mike Reeves
b0914fa604 try .p12 2021-01-21 12:46:00 -05:00
Mike Reeves
9759990233 Switch to java key store 2021-01-21 12:29:45 -05:00
Mike Reeves
bb523c44e6 Enable features temporarily 2021-01-21 12:19:41 -05:00
Mike Reeves
013b706ce4 Enable http ssl 2021-01-21 12:13:23 -05:00
weslambert
583b65e952 Fix syntax 2021-01-21 11:52:23 -05:00
Mike Reeves
84b75a38a3 Fix error in init.sls for ES 2021-01-21 11:21:04 -05:00
Mike Reeves
6de70ec820 Update docker mappings for ES 2021-01-21 11:12:12 -05:00
weslambert
d6043d091b Merge pull request #2701 from Security-Onion-Solutions/feature/filebeat_events 
Allow for Filebeat queue/output adjustments via pillar
 2021-01-21 10:36:33 -05:00
Wes Lambert
19d22e1f8a Allow for Filebeat queue/output adjustments via pillar 2021-01-21 15:34:54 +00:00
Mike Reeves
35c741ae63 Turn on Xpack SSL 2021-01-21 09:49:31 -05:00
weslambert
a99246c600 Merge pull request #2698 from Security-Onion-Solutions/fix/reserved_ports 
Fix/reserved ports
 2021-01-21 08:39:35 -05:00
Wes Lambert
0039877779 Check for port availability for Wazuh and Strelka 2021-01-21 13:29:09 +00:00
Wes Lambert
9a91674688 Add reserved ports file for sysctl 2021-01-21 13:18:22 +00:00
Wes Lambert
74e315841a Modify common to reserve Docker proxy ports 2021-01-21 13:17:16 +00:00
Josh Patterson
516634ef8d Merge pull request #2691 from Security-Onion-Solutions/issue/2679 
Issue/2679
 2021-01-20 17:41:43 -05:00
m0duspwnens
18217ba38b change so-searchnode role to so-node https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 17:40:02 -05:00
m0duspwnens
6e756b3586 allow heathcheck state for standalone and heavynode 2021-01-20 17:34:53 -05:00
Josh Patterson
e7e6243399 Merge pull request #2689 from Security-Onion-Solutions/issue/2679 
Issue/2679
 2021-01-20 15:14:38 -05:00
m0duspwnens
18278a97ac fix salt top formatting 2021-01-20 15:13:55 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Jason Ertel
58f922aac3 Skip image pull if so-tcpreplay image already exists and is current 2021-01-20 11:17:10 -05:00
m0duspwnens
b1c5b83fd5 removing old search node logic and managersensor from salt top 2021-01-20 09:53:42 -05:00
m0duspwnens
caaa8cc764 add schedule state to fleet node so it gets highstate schedule 2021-01-20 09:46:49 -05:00
Jason Ertel
71e0014115 Wrap parenthesis around correlation filter to allow additional filtering 2021-01-19 17:51:23 -05:00
William Wernert
8023e79020 [fix] Don't remove answer file when checking version on manager, file does not yet exist 2021-01-19 11:28:33 -05:00
William Wernert
650008e1e6 [fix] Replace leftover /root/install_opt strings with variable 2021-01-19 11:20:53 -05:00
Jason Ertel
d91913e58e Redirect tcpreplay warnings to dev null when running so-test 2021-01-18 21:42:50 -05:00
Mike Reeves
12aa4033b6 Fix soup in case airgap is in the hostname 2021-01-18 18:08:34 -05:00
Jason Ertel
a795f0a487 Correct airgap IPs; Remove auto tcpreplay during post-setup phase 2021-01-16 12:01:49 -05:00
Jason Ertel
2006677a22 Add default customization file (Blank) 2021-01-15 20:08:27 -05:00
William Wernert
32839f8a53 [feat] Various input validation changes + fixes 
* Keep invalid input in subsequent prompts
* Remove useless placeholder values
* Only set PROCS variable once
* Make input collection loops more consistent
 2021-01-15 18:05:29 -05:00
Jason Ertel
0af6afa216 Add method for making adjustments to the SOC UI 2021-01-15 16:26:06 -05:00
William Wernert
8cb836a17a [fix] Don't preset HOSTNAME var, interferes with automation 2021-01-15 16:22:07 -05:00
William Wernert
432d231a0e [fix] Don't use set -e since we depend on non-zero exit codes for this function 2021-01-15 13:52:10 -05:00
William Wernert
9726ff9ce6 [fix] Correct logic for verbose flag 2021-01-15 13:39:12 -05:00
Mike Reeves
9cf63545bc Merge pull request #2640 from Masaya-A/influxdb/strengthen 
Disable weak cipher suites from influxdb
 2021-01-15 10:50:21 -05:00
William Wernert
e440f6c44a [fix] Set variables used by sensor pillar before generating the pillar 2021-01-15 10:29:51 -05:00
William Wernert
ed129bcf1f [fix] Add verbose flag so that so-monitor-add only sees necessary information 2021-01-15 09:25:04 -05:00
William Wernert
f4de5e28bf [fix] Padding 3->4 spaces, don't use lookup_pillar before salt is installed 2021-01-15 08:57:14 -05:00
Jason Ertel
07b5f1d23e Rename functions to avoid naming conflict with setup vars 2021-01-15 08:55:30 -05:00
William Wernert
0f6805823e [fix] Add spacing to whiptail menu + preset err 2021-01-15 08:35:37 -05:00
Masaya-A
0d93b15a63 Disable weak cipher suites from influxdb 
The default config of influxdb enables use of some weak cipher suites such as RC4 and 3DES(SWEET32).
To disable them, a list of enabled ciphers added into influxdb.conf.
 2021-01-15 11:47:04 +09:00
William Wernert
dbe22f901d [fix] Add jinja raw block to so-common 2021-01-14 14:54:37 -05:00
William Wernert
ebc5a4314a [feat] Add salt logs to log rotation config 2021-01-14 13:43:00 -05:00