Commit Graph

119 Commits

Author SHA1 Message Date
reyesj2
8a57b79b77 make package installs go in groups of 25 or less 2025-07-10 15:52:59 -05:00
reyesj2
fa6f4100dd ensure elasticsearch is up 2025-07-09 14:48:15 -05:00
reyesj2
3fb703cd22 check if generic template exists in installed component templates before defaulting to logs-filestream.generic@package 2025-07-09 11:59:25 -05:00
reyesj2
d4f0cbcb67 changes for 'generic' integrations with no component templates assigned. Default to using the logs-filestream.generic@package component template 2025-07-08 15:23:46 -05:00
Josh Brower
a0aafb7c51 Cleanup 2025-05-09 10:29:23 -04:00
Josh Patterson
61f8b251f0 cp to mv 2025-05-09 09:25:46 -04:00
Josh Patterson
75dd04c398 fix file permissions for download 2025-05-09 09:21:30 -04:00
Josh Brower
42ba778740 Only upgrade node agents for local stack version 2025-05-07 16:08:47 -04:00
Josh Patterson
1931de2e52 copy so_agent-installers to nsm for nginx 2025-05-05 12:40:56 -04:00
reyesj2
559190aee3 upgrade integrations if they aren't in an agent policy 2025-04-22 09:38:22 -05:00
reyesj2
8c4cf0ba08 keep hard failure 2025-04-22 07:29:12 -05:00
reyesj2
e17fea849a continue loop after encountering error with first 2025-04-21 20:32:42 -05:00
reyesj2
166e4e0ebc make bool 2025-04-21 15:51:36 -05:00
reyesj2
4b7478654f run optional integrations script so packages get installed. Hold updates unless auto_update_integrations is set 2025-04-21 14:29:37 -05:00
reyesj2
c89adce3a1 default disable automatic upgrades for optional integration packages & policies 2025-04-21 10:48:18 -05:00
reyesj2
5498673fc3 group events in 10s and remove deprecated output configuration option 2025-04-10 09:46:37 -05:00
reyesj2
17edc06987 allow installing integrations that require an elastic license 2025-02-24 14:45:43 -06:00
Joshua Brower
95fe212202 Rework for MSI 2025-02-05 09:29:45 -05:00
defensivedepth
5b9f6b2d52 fix path 2024-12-02 14:42:56 -05:00
defensivedepth
aade3db80d Generate MSI 2024-11-28 07:00:23 -05:00
m0duspwnens
2e379dd29c fix line delete causing issues sourcing so-common and es agent grid upgrade 2024-09-06 10:44:35 -04:00
m0duspwnens
df14cbad44 fix calls to get_elastic_agent_vars 2024-09-04 17:43:49 -04:00
m0duspwnens
72f3eaa8f6 should not have changed this, so changing it back 2024-09-04 16:42:19 -04:00
Josh Patterson
71f6b44c0c Merge pull request #13607 from Security-Onion-Solutions/esver
use Elasticsearch version for some containers
2024-09-04 13:30:07 -04:00
DefensiveDepth
c575e02fbb Use correct name 2024-08-23 13:52:20 -04:00
m0duspwnens
cd9c9a25d3 reference elastic versions from defaults 2024-08-21 11:25:56 -04:00
DefensiveDepth
e3ecc9d4be Directly manage the Fleet Server integration config 2024-08-20 15:06:16 -04:00
weslambert
6831b72804 Fix fleet setup 2024-07-30 14:46:00 -04:00
weslambert
fe1824aedd Revert "Elastic 8.14.2" 2024-07-15 11:28:59 -04:00
DefensiveDepth
92a847e3bd Fix Fleet setup 2024-06-27 11:48:54 -04:00
reyesj2
911d6dcce1 update kafka output policy only on eligible grid types
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-18 12:09:59 -04:00
DefensiveDepth
521cccaed6 Update defaults 2024-06-18 08:43:00 -04:00
reyesj2
4d1f2c2bc1 fix kafka elastic fleet output policy setup
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-14 23:04:08 -04:00
reyesj2
fb1d4fdd3c update license
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-06-04 12:33:51 -04:00
reyesj2
1fd5165079 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/kafka
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-29 23:37:40 -04:00
m0duspwnens
6af0308482 add a newline 2024-05-15 16:26:44 -04:00
reyesj2
de9f6425f9 Automatically switch between Kafka output policy and logstash output policy when globals.pipeline changes
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-02 12:13:46 -04:00
reyesj2
47ced60243 Create new Kafka output policy using salt
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-01 14:49:51 -04:00
reyesj2
cef9bb1487 Dynamically create Kafka topics based on event.module from elastic agent logs eg. zeek-topic. Depends on Kafka brokers having auto.create.topics.enable set to true
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-01 09:16:13 -04:00
reyesj2
bb49944b96 Setup elastic fleet rollover from logstash -> kafka output policy
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-30 16:47:40 -04:00
reyesj2
fcc4050f86 Add id to grid-kafka fleet output policy
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-30 12:59:53 -04:00
reyesj2
9c83a52c6d Add Kafka output to elastic-fleet setup. Includes separating topics by event.module with fallback to default-logs if no event.module is specified or doesn't match processors
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-30 12:01:31 -04:00
Josh Brower
f28f269bb1 Fix FIM 2024-03-04 07:38:32 -05:00
Josh Brower
feabb7c51f Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts 2024-02-10 10:57:46 -05:00
Josh Brower
654602bf80 Fixup shell 2024-02-09 09:30:18 -05:00
Josh Brower
683abf0179 Rework naming 2024-02-08 13:24:25 -05:00
Josh Brower
e090518b59 Refactor script 2024-02-01 09:46:53 -05:00
Josh Brower
0d08bb0a91 Finalize script 2024-01-29 11:37:28 -05:00
Josh Brower
afa98fa147 update artifacts URL automatically 2024-01-28 14:20:52 -05:00
Josh Brower
03f140161c Check Kibana API not Web 2024-01-11 12:30:23 -05:00