Jorge Reyes
d9790b04f6
Merge pull request #14676 from Security-Onion-Solutions/reyesj2/fixsystemtime
...
fix system integration time overwrite and delete unused ingest pipeline
2025-06-03 14:01:42 -05:00
Jorge Reyes
88fa04b0f6
Merge pull request #14698 from Security-Onion-Solutions/reyesj2/esidxinfo
...
add so-elasticsearch-index-growth
2025-06-03 09:37:54 -05:00
reyesj2
d240fca721
remove usage of temp file
2025-06-03 08:45:04 -05:00
reyesj2
4d6171bde6
rename script
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-06-03 07:32:12 -05:00
reyesj2
6238a5b3ed
tighten up search timeframe
2025-06-02 16:31:26 -05:00
reyesj2
061600fa7a
shebang line
2025-06-02 15:55:46 -05:00
reyesj2
1b89cc6818
so-elasticsearch-index-growth script
2025-06-02 15:41:03 -05:00
Josh Patterson
6e1e617124
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-06-02 14:06:00 -04:00
Josh Brower
7f8bf850a2
Merge pull request #14697 from Security-Onion-Solutions/2.4/playbook-updates
...
Use Stable branch
2025-06-02 13:13:43 -04:00
Josh Brower
0277891392
Use Stable branch
2025-06-02 13:10:13 -04:00
Josh Patterson
08d99a3890
remove unneeded files
2025-05-30 12:50:59 -04:00
Doug Burks
773606d876
Merge pull request #14691 from Security-Onion-Solutions/dougburks-patch-1
...
add echo to end of so-elasticsearch-ilm-start and so-elasticsearch-ilm-stop
2025-05-30 12:03:32 -04:00
Doug Burks
bf38055a6c
add echo to end of so-elasticsearch-ilm-stop
2025-05-30 11:41:50 -04:00
Doug Burks
90b8d6b2f7
add echo to end of so-elasticsearch-ilm-start
2025-05-30 11:41:11 -04:00
Doug Burks
2d78fa1a41
Merge pull request #14689 from Security-Onion-Solutions/dougburks-patch-1
...
FIX: so-elasticsearch-ilm-start needs shebang #14688
2025-05-30 09:58:18 -04:00
Doug Burks
45d541d4f2
FIX: so-elasticsearch-ilm-start needs shebang #14688
2025-05-30 09:55:53 -04:00
Josh Patterson
b3c48674c5
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-05-30 09:52:14 -04:00
Doug Burks
8d42739030
Merge pull request #14687 from Security-Onion-Solutions/dougburks-patch-1
...
FIX: so-suricata-testrule should disable pcap logging #14685
2025-05-30 09:26:37 -04:00
Doug Burks
27358137f2
FIX: so-suricata-testrule should disable pcap logging #14685
2025-05-30 09:24:41 -04:00
Doug Burks
a54b9ddbe4
Merge pull request #14683 from Security-Onion-Solutions/dougburks-patch-1
...
FIX: Improve annotation for Elasticsearch index deletion #14682
2025-05-29 15:26:35 -04:00
Doug Burks
58936b31d5
FIX: Improve annotation for Elasticsearch index deletion #14682
2025-05-29 15:19:21 -04:00
reyesj2
fcdacc3b0d
fix system integration time overwrite and delete unused ingest pipeline
2025-05-29 12:21:28 -05:00
Josh Patterson
40531dd919
add LSHOSTNAME option to so-minion. use -L in sominion_setup reactor
2025-05-29 12:22:52 -04:00
Josh Patterson
05dfce62fb
corrections to allowed_states
2025-05-28 13:34:17 -04:00
Jorge Reyes
9df9cc2247
Merge pull request #14668 from Security-Onion-Solutions/reyesj2-patch-1
...
use zeek network.community_id when available
2025-05-28 12:15:18 -05:00
Jorge Reyes
d3ee5ed7b8
use zeek network.community_id when available
2025-05-28 09:20:41 -05:00
Josh Patterson
502e1e1f1b
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-05-23 15:55:21 -04:00
Josh Patterson
e5b12ecdb9
need to allow for pw removal
2025-05-23 12:44:42 -04:00
Josh Patterson
be5e41227f
rename step
2025-05-23 11:41:45 -04:00
Josh Patterson
08f208cd38
ensure bootstrap-salt is updated for salt-cloud installs
2025-05-22 15:37:34 -04:00
Jason Ertel
db08ac9022
Merge pull request #14651 from Security-Onion-Solutions/jertel/mhf
...
Backport Hotfix to dev
2025-05-22 13:44:36 -04:00
Jason Ertel
ad5a27f991
clear out hf
2025-05-22 13:39:59 -04:00
Mike Reeves
07ec302267
Merge pull request #14650 from Security-Onion-Solutions/hotfix/2.4.150
...
Hotfix 2.4.150
2.4.150-20250522
2025-05-22 13:35:33 -04:00
Mike Reeves
112704e340
Merge pull request #14649 from Security-Onion-Solutions/hf24150
...
2.4.150 Hotfix
2025-05-22 13:25:50 -04:00
Mike Reeves
e6753440f8
2.4.150 Hotfix
2025-05-22 13:18:13 -04:00
Josh Patterson
18d899a7f9
add so-docker-prune from hotfix/2.4.150
2025-05-22 09:29:51 -04:00
Josh Patterson
b2650da057
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-05-22 09:10:20 -04:00
Josh Patterson
31df0b5d7d
create vm pillar files
2025-05-22 09:10:09 -04:00
Josh Patterson
a430a47a30
fix allowed_states check
2025-05-21 14:45:34 -04:00
Mike Reeves
00f811ce31
Merge pull request #14646 from Security-Onion-Solutions/hotfix4150
...
Update HOTFIX
2025-05-21 14:38:00 -04:00
Mike Reeves
ddd023c69a
Update so-docker-prune
2025-05-21 13:47:45 -04:00
Mike Reeves
2911025c0c
Update HOTFIX
2025-05-21 13:45:32 -04:00
Josh Brower
2e8ab648fd
Merge pull request #14643 from Security-Onion-Solutions/2.4/parsingfix
...
Tighten parsing
2025-05-21 12:08:10 -04:00
Josh Brower
b753d40861
Tighten parsing
2025-05-20 17:06:11 -04:00
Josh Patterson
a32aac7111
apply salt.cloud.config when hypervisor joins
2025-05-20 13:38:24 -04:00
Josh Brower
2fff6232c1
Merge pull request #14638 from Security-Onion-Solutions/2.4/playbooks-parsing
...
Add parsing for Playbook
2025-05-19 18:06:05 -04:00
coreyogburn
f751c82e1c
Merge pull request #14639 from Security-Onion-Solutions/cogburn/ruleset-name
...
Add RulesetName to Rule Repos
2025-05-19 15:40:02 -06:00
Corey Ogburn
39f74fe547
Use the new JSON object editor for RulesRepos config entries
2025-05-19 15:38:45 -06:00
Corey Ogburn
11fb33fdeb
Add RulesetName to Rule Repos
...
Fill in `rulesetName` in the rules repos of the ElastAlert and Strelka engines. These will act as an example to anybody adding their repos to these lists. The field is not required, but helps avoid collisions when managing repos as the value is used for the folder name. When not present, the final folder of the repo URL is used as the rulesetName and as the folder name on disk.
Note that rulesetNames including a `/` will create extra folders in the path but the rulesetName will contain the slash, i.e. `rulesetName="joesecurity/sigma-rules"` will create the nested structure of `reposFolder/joesecurity/sigma-rules` containing the contents of the repo. All rules imported from this repo will have the ruleset of `joesecurity/sigma-rules`.
2025-05-19 14:19:56 -06:00
Josh Brower
58f4db95ea
Create playbooks dir
2025-05-19 15:31:50 -04:00