Josh Patterson
f5ec1d4b7c
don't show sensoroni config changes
2025-09-10 09:09:02 -04:00
Jorge Reyes
0aa556e375
Merge pull request #15009 from Security-Onion-Solutions/reyesj2/ea-alerter
...
so-elastic-agent-monitor
2025-09-09 17:00:39 -05:00
Josh Patterson
d9e86c15bc
Merge pull request #15010 from Security-Onion-Solutions/vlb2
...
fix repo files to remove
2025-09-09 17:15:52 -04:00
Josh Patterson
4107fa006f
fix repo files to remove
2025-09-09 16:51:42 -04:00
reyesj2
29980ea958
offline threshold check
2025-09-09 15:39:55 -05:00
reyesj2
8f36d2ec00
update log file name
2025-09-09 15:38:50 -05:00
Corey Ogburn
2535ae953d
Fix Index Patterns
...
so-assistant-chat and so-assistant-session both had templates with a trailing dash that prevented the pattern from applying to the name of the indices.
2025-09-09 14:00:01 -06:00
Corey Ogburn
aa43177d8c
Fix Setting Name
...
enabledInSoc => enabled
2025-09-08 09:13:25 -06:00
Matthew Wright
12959d114c
added threshold config fields for assistant
2025-09-08 09:13:25 -06:00
reyesj2
855b489c4b
datastream
2025-09-08 09:13:24 -06:00
Corey Ogburn
673f9cb544
Responding to Feedback
2025-09-08 09:13:24 -06:00
Corey Ogburn
0a3ff47008
Cleanup Annotations
...
Removed fields no longer need annotations.
2025-09-08 09:13:24 -06:00
Corey Ogburn
834e34128d
Non-dev URL
2025-09-08 09:13:23 -06:00
Corey Ogburn
73776f8d11
Cleaning up New ES Indexes
2025-09-08 09:13:23 -06:00
Corey Ogburn
120e61e45c
ClientParams
...
Removed investigation prompt from module settings and moved to client settings, added enabledInSoc.
2025-09-08 09:13:23 -06:00
Corey Ogburn
fc2d450de0
Update Settings
...
The apiKey will be built off of the license rather than a new setting. The model is hardcoded for now at the AI Gateway level. We're going to use the investigationPrompt as a trigger for the feature being visible in the UI but by default will be blank for now.
2025-09-08 09:13:22 -06:00
Corey Ogburn
cea4eaf081
Updated Assistant Mapping
2025-09-08 09:13:22 -06:00
Corey Ogburn
b1753f86f9
New Message Structure
2025-09-08 09:13:22 -06:00
Corey Ogburn
6323fbf46b
Content Object
2025-09-08 09:13:21 -06:00
Corey Ogburn
ba601c39b3
Rough Go at New Mappings/Settings
2025-09-08 09:13:21 -06:00
Corey Ogburn
ec27517bdd
New Config Values
...
New config values with annotations and defaults.
Updated Nginx config to allow streaming requests to not be buffered on the way to the client.
2025-09-08 09:13:08 -06:00
Josh Brower
f318a84c18
Update so-elastic-fleet-reset
2025-09-08 09:03:33 -04:00
Jason Ertel
6c196ea61a
Merge branch '2.4/dev' into vlb2
2025-09-05 17:11:10 -04:00
Josh Patterson
4afc986f48
firewall and logstash pipeline for managerhype
2025-09-05 13:14:47 -04:00
reyesj2
348f9dcaec
prevent multiple script instances using file lock
2025-09-05 10:01:24 -05:00
reyesj2
915b9e7bd7
use logrotate
2025-09-05 09:22:44 -05:00
reyesj2
dfec29d18e
custom kquery
2025-09-04 15:37:28 -05:00
Josh Patterson
a007fa6505
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-09-03 09:52:49 -04:00
reyesj2
1a32a0897c
Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/ea-alerter
2025-09-02 17:11:21 -05:00
reyesj2
e26310d172
elastic agent offline alerter
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-09-02 17:00:03 -05:00
Corey Ogburn
df0b484b45
More Descriptive Description
...
Include instructions for how to add local lookups and a help link.
2025-09-02 15:07:13 -06:00
Corey Ogburn
2181cddf49
Move EnableReverseLookup
...
Move EnableReverseLookup and its annotation from ClientParams to ServerConfig.
2025-09-02 14:09:55 -06:00
Jorge Reyes
a2b6968cef
Merge pull request #14975 from Security-Onion-Solutions/reyesj2/es8186
...
ES 8.18.6 upgrade
2025-09-02 10:14:33 -05:00
Josh Patterson
285fbc2783
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-09-02 09:23:24 -04:00
Mike Reeves
19362fe5e5
Update so-combine-bond
2025-08-29 11:06:25 -04:00
Josh Patterson
a7a81e9825
always manage script, only run it if bond0 exists
2025-08-29 11:05:42 -04:00
Josh Patterson
f51cd008f2
only manage bond script if bond0 exists
2025-08-29 10:04:56 -04:00
reyesj2
a5675a79fe
es 8.18.6 pipeline upd
2025-08-28 19:45:17 -05:00
reyesj2
1ea7b3c09f
es 8.18.6
2025-08-28 18:27:56 -05:00
Jorge Reyes
d9127a288f
Merge pull request #14957 from Security-Onion-Solutions/reyesj2-patch-6
...
enable additional fleetnode state
2025-08-28 14:19:03 -05:00
Josh Patterson
ebb78bc9bd
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-08-28 09:21:33 -04:00
Mike Reeves
153a99a002
Merge pull request #14971 from Security-Onion-Solutions/mikebond
...
and nic channel customization
2025-08-27 18:42:18 -04:00
Josh Patterson
0858160be2
support for modifying nic channels
2025-08-27 14:51:57 -04:00
Mike Reeves
ccd79c814d
Add script for bond0 channels
2025-08-27 09:53:37 -04:00
Josh Patterson
ac2c044a94
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-08-26 14:55:06 -04:00
Josh Patterson
e10d00d114
support for managerhype
2025-08-26 14:54:37 -04:00
Josh Patterson
cbdd369a18
ensure x509 in mine
2025-08-25 08:39:55 -04:00
Jason Ertel
304985b61e
Merge pull request #14959 from Security-Onion-Solutions/jertel/wip
...
rpt
2025-08-22 16:55:45 -04:00
Corey Ogburn
d99857002d
Improved Label
...
The underlying field is called "rulesetName" but for playbook repos we're not talking about rulesets. Improved the label for user experience.
2025-08-22 13:18:22 -06:00
Corey Ogburn
2a6c74917e
Ruleset Name UiElement
...
Add a missing UiElement so all the repo fields are represented in the UI.
2025-08-22 13:00:17 -06:00