securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00

Author	SHA1	Message	Date
reyesj2	890f76e45c	avoid delay in log ingest after a forced kafka output policy update	2025-09-10 20:21:11 -05:00
Jorge Reyes	e6eecc93c8	Merge pull request #15012 from Security-Onion-Solutions/reyesj2/ea-alerter add configurable realert threshold per agent	2025-09-10 13:19:21 -05:00
reyesj2	8dc0f8d20e	fix elastic agent ssl unpack error	2025-09-10 12:49:30 -05:00
reyesj2	fbdc0c4705	add configurable realert threshold per agent	2025-09-10 10:56:09 -05:00
Josh Patterson	d1a2b57aa2	Merge pull request #15011 from Security-Onion-Solutions/hideroni don't show sensoroni config changes	2025-09-10 09:15:55 -04:00
Josh Patterson	f5ec1d4b7c	don't show sensoroni config changes	2025-09-10 09:09:02 -04:00
Jorge Reyes	0aa556e375	Merge pull request #15009 from Security-Onion-Solutions/reyesj2/ea-alerter so-elastic-agent-monitor	2025-09-09 17:00:39 -05:00
Josh Patterson	d9e86c15bc	Merge pull request #15010 from Security-Onion-Solutions/vlb2 fix repo files to remove	2025-09-09 17:15:52 -04:00
Josh Patterson	4107fa006f	fix repo files to remove	2025-09-09 16:51:42 -04:00
reyesj2	29980ea958	offline threshold check	2025-09-09 15:39:55 -05:00
reyesj2	8f36d2ec00	update log file name	2025-09-09 15:38:50 -05:00
coreyogburn	10511b8431	Merge pull request #15008 from Security-Onion-Solutions/cogburn/fix-templates Fix Index Patterns	2025-09-09 14:03:36 -06:00
Corey Ogburn	2535ae953d	Fix Index Patterns so-assistant-chat and so-assistant-session both had templates with a trailing dash that prevented the pattern from applying to the name of the indices.	2025-09-09 14:00:01 -06:00
coreyogburn	2f68cd7483	Merge pull request #14991 from Security-Onion-Solutions/cogburn/wip-module Cogburn/wip module	2025-09-09 10:32:06 -06:00
reyesj2	6655276410	force update to kafka-fleet-output-policy	2025-09-08 21:13:29 -05:00
reyesj2	9f7bcb0f7d	add --force flag to so-kafka-fleet-output-policy & default to using fleet secret storage for client key	2025-09-08 21:13:11 -05:00
Corey Ogburn	aa43177d8c	Fix Setting Name enabledInSoc => enabled	2025-09-08 09:13:25 -06:00
Matthew Wright	12959d114c	added threshold config fields for assistant	2025-09-08 09:13:25 -06:00
reyesj2	855b489c4b	datastream	2025-09-08 09:13:24 -06:00
Corey Ogburn	673f9cb544	Responding to Feedback	2025-09-08 09:13:24 -06:00
Corey Ogburn	0a3ff47008	Cleanup Annotations Removed fields no longer need annotations.	2025-09-08 09:13:24 -06:00
Corey Ogburn	834e34128d	Non-dev URL	2025-09-08 09:13:23 -06:00
Corey Ogburn	73776f8d11	Cleaning up New ES Indexes	2025-09-08 09:13:23 -06:00
Corey Ogburn	120e61e45c	ClientParams Removed investigation prompt from module settings and moved to client settings, added enabledInSoc.	2025-09-08 09:13:23 -06:00
Corey Ogburn	fc2d450de0	Update Settings The apiKey will be built off of the license rather than a new setting. The model is hardcoded for now at the AI Gateway level. We're going to use the investigationPrompt as a trigger for the feature being visible in the UI but by default will be blank for now.	2025-09-08 09:13:22 -06:00
Corey Ogburn	cea4eaf081	Updated Assistant Mapping	2025-09-08 09:13:22 -06:00
Corey Ogburn	b1753f86f9	New Message Structure	2025-09-08 09:13:22 -06:00
Corey Ogburn	6323fbf46b	Content Object	2025-09-08 09:13:21 -06:00
Corey Ogburn	ba601c39b3	Rough Go at New Mappings/Settings	2025-09-08 09:13:21 -06:00
Corey Ogburn	ec27517bdd	New Config Values New config values with annotations and defaults. Updated Nginx config to allow streaming requests to not be buffered on the way to the client.	2025-09-08 09:13:08 -06:00
Josh Brower	624ec3c93e	Merge pull request #15003 from Security-Onion-Solutions/fix/wording Make it clear that Fleet Nodes will need to be reinstalled	2025-09-08 09:10:43 -04:00
Josh Brower	f318a84c18	Update so-elastic-fleet-reset	2025-09-08 09:03:33 -04:00
Josh Patterson	8cca58dba9	Merge pull request #14998 from Security-Onion-Solutions/vlb2 manager do hypervisor things	2025-09-05 17:13:37 -04:00
Jason Ertel	6c196ea61a	Merge branch '2.4/dev' into vlb2	2025-09-05 17:11:10 -04:00
Josh Patterson	207572f2f9	remove debug added to fail_setup	2025-09-05 14:16:03 -04:00
Josh Patterson	4afc986f48	firewall and logstash pipeline for managerhype	2025-09-05 13:14:47 -04:00
Jorge Reyes	ba5d140d4b	Merge pull request #14996 from Security-Onion-Solutions/reyesj2/ea-alerter so-elastic-agent-monitor	2025-09-05 10:41:59 -05:00
reyesj2	348f9dcaec	prevent multiple script instances using file lock	2025-09-05 10:01:24 -05:00
reyesj2	915b9e7bd7	use logrotate	2025-09-05 09:22:44 -05:00
reyesj2	dfec29d18e	custom kquery	2025-09-04 15:37:28 -05:00
Josh Patterson	38ef4a6046	pass pillar properly	2025-09-04 11:02:27 -04:00
Josh Patterson	a007fa6505	Merge remote-tracking branch 'origin/2.4/dev' into vlb2	2025-09-03 09:52:49 -04:00
reyesj2	1a32a0897c	Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/ea-alerter	2025-09-02 17:11:21 -05:00
reyesj2	e26310d172	elastic agent offline alerter Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>	2025-09-02 17:00:03 -05:00
coreyogburn	c7cdb0b466	Merge pull request #14986 from Security-Onion-Solutions/cogburn/internal-reverse Move EnableReverseLookup	2025-09-02 15:25:19 -06:00
Corey Ogburn	df0b484b45	More Descriptive Description Include instructions for how to add local lookups and a help link.	2025-09-02 15:07:13 -06:00
Corey Ogburn	2181cddf49	Move EnableReverseLookup Move EnableReverseLookup and it's annotation from ClientParams to ServerConfig.	2025-09-02 14:09:55 -06:00
Jorge Reyes	a2b6968cef	Merge pull request #14975 from Security-Onion-Solutions/reyesj2/es8186 ES 8.18.6 upgrade	2025-09-02 10:14:33 -05:00
Josh Patterson	285fbc2783	Merge remote-tracking branch 'origin/2.4/dev' into vlb2	2025-09-02 09:23:24 -04:00
Josh Patterson	94c5a1fd98	Merge pull request #14980 from Security-Onion-Solutions/mikebond Mikebond	2025-08-29 11:08:17 -04:00

... 3 4 5 6 7 ...

17263 Commits