CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,044 Commits 24 Branches 119 Tags
f6a765addcf8a383f17b24b72a33b0de09b5a1dd
Commit Graph

160 Commits

Author SHA1 Message Date
Josh Brower
7a9cb6d110 Initial support - IDH Node 2022-02-07 16:49:11 -05:00
Josh Patterson
a02fb37493 Update init.sls 2022-02-02 09:18:02 -05:00
m0duspwnens
e63f35a223 change to test 2022-01-27 15:19:33 -05:00
m0duspwnens
1337af9d69 more dupes 2022-01-26 11:07:06 -05:00
m0duspwnens
a0e493a186 remove dupe ids 2022-01-26 10:50:35 -05:00
m0duspwnens
a43fb293fc remove role logic 2022-01-26 10:26:52 -05:00
m0duspwnens
8aa002b82e add states to remove ca and ssl keys and certs and call them during reinstall. 2022-01-26 09:33:19 -05:00
m0duspwnens
487ac24306 revert back to getting ca from mine 2021-12-28 11:16:01 -05:00
m0duspwnens
f2adcf4ca5 ensure /etc/pki is created and simplify ca logic for non manager in ssl state 2021-12-28 10:41:57 -05:00
m0duspwnens
a46a876ec6 add managersearch to list 2021-12-16 13:48:41 -05:00
m0duspwnens
841b91e052 exclude elasticsearch and managerssl keys and certs from receiver 2021-12-14 16:05:47 -05:00
m0duspwnens
d94496bb90 remove minio_key and add missing endif 2021-12-09 13:24:20 -05:00
m0duspwnens
c2a952796c Merge remote-tracking branch 'remotes/origin/sans' into issue/6469 2021-12-09 13:13:18 -05:00
Mike Reeves
b92cbb01b3 SSL modifications 2021-12-09 13:13:01 -05:00
m0duspwnens
ecc8594d44 prevent so-receiver from getting extra keys/certs 2021-12-08 13:32:56 -05:00
m0duspwnens
59464af10c filebeat certs for logstash on so-receiver 2021-12-08 09:41:17 -05:00
m0duspwnens
1ef63f3a23 ssl things for so-receiver 2021-12-08 09:08:46 -05:00
Dustin Lee
8a394380cb add subjectAltName to filebeat.crt 
IP SAN is required for Endgame integration w/Logstash when DNS resolution is unavailable
 2021-11-30 16:24:08 -05:00
Mike Reeves
731bbabe4c Update init.sls 2021-11-15 17:00:34 -05:00
Mike Reeves
eefc9cfcb6 Enable Subject Alt Name for registry 2021-11-08 16:50:43 -05:00
William Wernert
a5cba5ecf8 Merge branch 'dev' into foxtrot 2021-10-29 10:01:46 -04:00
m0duspwnens
d7e5377a44 more requires 2021-10-22 16:46:45 -04:00
m0duspwnens
9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens
f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00
m0duspwnens
fed8bfac67 more requires on docker containers 2021-10-22 14:10:59 -04:00
William Wernert
352e30f9e1 Add CUSTOM_FLEET_HOSTNAME to subjectAltName of fleet.key 
Resolves #4319
 2021-10-22 11:16:29 -04:00
m0duspwnens
f93c6146f5 docker binds requires 2021-10-21 15:24:55 -04:00
Mike Reeves
481ffb1cda Fix Grain 2021-09-20 18:12:18 -04:00
Mike Reeves
50b78681f2 Ubuntu 20.04 Support 2021-09-20 17:24:47 -04:00
m0duspwnens
9c2ead16cc common name changes, allow cert to be managed regardless of expire date for heavy node 2021-07-07 10:22:37 -04:00
m0duspwnens
0627ca2fc2 use heavynode hostname for certs if heavynode. changes to logstash pipeline for redis if heavynode 2021-07-06 15:32:39 -04:00
weslambert
ce0b064972 Add conditional for heavynode for redis and elasticsearch 2021-07-06 14:21:29 -04:00
m0duspwnens
d9cb018a7d merge with dev, resolve conflicts 2021-04-28 10:19:01 -04:00
m0duspwnens
1d8e065902 fix salt retries - https://github.com/Security-Onion-Solutions/securityonion/issues/3948 2021-04-22 08:35:50 -04:00
m0duspwnens
3b74d987c1 fix retry in ca state. add subjectAltName to influxdb.crt 2021-03-11 10:49:15 -05:00
m0duspwnens
8fc1656939 fix timeouts / retries in ssl state 2021-03-11 09:24:57 -05:00
m0duspwnens
e6ecd609cc change timeouts to 30s 2021-01-29 13:44:11 -05:00
m0duspwnens
0936dbdb1c add timeouts and retries to ca/ssl states 2021-01-28 11:40:31 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
William Wernert
15347d1209 [fix] More condition changes for Helix 2020-12-15 15:08:33 -05:00
m0duspwnens
e7abbf19af fix templates not applying to searchnode. so-searchnode role doesnt exists searchnodes are so-node role 2020-10-08 11:17:26 -04:00
m0duspwnens
40f6fed2a5 add so-fleet so standalone fleet gets the redis pki 2020-09-18 13:40:27 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens
01c9f7b2ae merge with dev and resolve conflicts 2020-09-09 16:23:36 -04:00
m0duspwnens
7facff2b7d change from cmd.run to cp.get_file_str 2020-09-09 10:34:53 -04:00
Doug Burks
f8ebed43d7 fix spacing 2020-09-07 04:45:26 -04:00
Doug Burks
f5916e26a2 read ca.crt from filesystem when possible 2020-09-07 04:42:11 -04:00
m0duspwnens
a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
Mike Reeves
2fce138d95 Change it to grains.host instead of grains.id 2020-08-19 21:26:27 -04:00
Mike Reeves
ccc2ed4478 don't create symlinks if a heavy node 2020-08-19 21:18:57 -04:00