11194 Commits

This Branch

This Branch

All Branches

Author	SHA1	Message	Date
weslambert	fa9e62a816	Merge pull request #9665 from Security-Onion-Solutions/fix/elastic_agent_integration_policy_import_suricata_event.category ... Change event.category from 'file' to 'network' in Import Suricata integration policy	2023-01-27 12:03:34 -05:00
weslambert	e47f64bd04	Change event.category from 'file' to 'network'	2023-01-27 12:00:30 -05:00
weslambert	6d2f379ba5	Merge pull request #9664 from Security-Onion-Solutions/fix/elastic_agent_integration_policies_zeek_exclude_files ... Update Zeek file exclusions and add a minor output formatting change	2023-01-27 11:58:19 -05:00
weslambert	f49627cec1	Update Zeek file exclusions and add a minor output formatting change	2023-01-27 11:47:14 -05:00
weslambert	5ab3d1e8f1	Merge pull request #9663 from Security-Onion-Solutions/fix/elastic_agent_integration_policy_zeek_import_ics_tag ... Change 'pipeline' to 'import.file' so that ICS tag conditional is applied to the correct field	2023-01-27 11:34:28 -05:00
weslambert	6b251a2596	Change 'pipeline' to 'import.file' so that ICS tag conditional is applied to the correct field	2023-01-27 11:30:06 -05:00
weslambert	5468aa82b0	Merge pull request #9662 from Security-Onion-Solutions/fix/elasticsearch_ingest_pipeline_event.dataset_rename ... Change event.dataset value for zeek.files and zeek.tunnels ingest pipelines	2023-01-27 11:19:45 -05:00
weslambert	2772b03dca	Change event.dataset value from 'tunnels' to 'tunnel'	2023-01-27 11:03:49 -05:00
weslambert	716ec7f936	Change event.dataset value from 'files' to 'file'	2023-01-27 11:02:44 -05:00
Doug Burks	83aad48e3a	Merge pull request #9657 from Security-Onion-Solutions/2.4/elastic-8.6.1 ... UPGRADE: Elastic 8.6.1 #9594 (2.4)	2023-01-26 16:24:42 -05:00
Doug Burks	86ca51ff99	Update to Elastic 8.6.1	2023-01-26 16:18:06 -05:00
Doug Burks	a27fc5c768	Update to Elastic 8.6.1	2023-01-26 16:17:36 -05:00
weslambert	27b1f1bd07	Merge pull request #9654 from Security-Onion-Solutions/fix/logstash_cleanup ... FIX: Logstash Pipeline Cleanup	2023-01-26 13:19:50 -05:00
Wes	e4271043c6	Remove unnecessary Logstash pipelines	2023-01-26 18:05:14 +00:00
Wes	b3123f7895	Remove unnecessary Logstash pipelines from the pillar	2023-01-26 17:57:07 +00:00
Mike Reeves	282d0f88db	Merge pull request #9652 from Security-Onion-Solutions/TOoSmOotH-patch-2 ... Update so-verify	2023-01-26 12:33:46 -05:00
Mike Reeves	25a6eba166	Update so-verify	2023-01-26 12:30:35 -05:00
weslambert	a8d2631d75	Merge pull request #9650 from Security-Onion-Solutions/fix/elastic_agent_add_import_mode ... Elastic Agent - Import Mode	2023-01-26 11:33:20 -05:00
Josh Patterson	881c8337a3	Merge pull request #9641 from Security-Onion-Solutions/2.4/firewall ... 2.4/firewall	2023-01-26 11:21:30 -05:00
Wes	b381c5424e	Remove extra whitespace after 'so-elastic-agent-builder' line in 'so-image-common'	2023-01-26 16:13:23 +00:00
Mike Reeves	a9919e7547	Merge pull request #9648 from Security-Onion-Solutions/mkr24 ... Enable Proxy Support	2023-01-26 11:12:35 -05:00
Wes	f1db1bc273	Ensure Kratos events are sent to a data stream instead of an index	2023-01-26 16:12:06 +00:00
Wes	7d68ef0e8b	Add Elastic Agent and Fleet to firewall configuration for Import Mode	2023-01-26 16:07:31 +00:00
Wes	43ffcb1d63	Allow setup to set up Elastic Fleet for Import Mode	2023-01-26 16:05:16 +00:00
Wes	8051fc70eb	Temporarily disable the loading of the RITA package policy	2023-01-26 16:03:59 +00:00
Wes	a9a119f1ab	Add Elasticsearch output to 'so-elastic-fleet-setup' for Import Mode	2023-01-26 16:02:27 +00:00
Wes	6a803dfe35	Add Elastic Fleet to top file configuration for Import Mode	2023-01-26 16:01:03 +00:00
Wes	1fb6cf7bfe	Add Elastic Fleet to allowed states for Import Mode	2023-01-26 15:59:49 +00:00
m0duspwnens	1d2f491084	Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall	2023-01-26 10:49:00 -05:00
m0duspwnens	aafbdf6afc	adjust retry and timeout for wait_for_influxdb	2023-01-26 10:12:37 -05:00
Mike Reeves	2456aac311	Proxy Stuff	2023-01-26 09:57:44 -05:00
m0duspwnens	08750154b4	add missing quotes in check_web_pass	2023-01-26 09:11:28 -05:00
Mike Reeves	9e146184d6	Proxy Stuff	2023-01-25 17:43:02 -05:00
Mike Reeves	c57d390bac	Proxy Stuff	2023-01-25 17:40:40 -05:00
weslambert	211b87e7ae	Merge pull request #9644 from Security-Onion-Solutions/revert-9640-fix/elastic_agent_import_mode ... Revert "Elastic Agent and Fleet - Import Mode"	2023-01-25 17:23:27 -05:00
weslambert	6ee66a34bc	Revert "Elastic Agent and Fleet - Import Mode"	2023-01-25 17:12:03 -05:00
weslambert	6785e0ec9e	Merge pull request #9640 from Security-Onion-Solutions/fix/elastic_agent_import_mode ... Elastic Agent and Fleet - Import Mode	2023-01-25 17:01:33 -05:00
weslambert	c73cd78f08	Merge pull request #9643 from Security-Onion-Solutions/2.4/dev ... Merge Dev	2023-01-25 16:59:47 -05:00
m0duspwnens	790aa6b684	add logstash pillar items for minions	2023-01-25 15:18:56 -05:00
Wes	5c58cda872	Move certificate configuration outside of conditional logic	2023-01-25 19:29:50 +00:00
m0duspwnens	b7a5937dc1	add soc_logstash and adv_logstash to nodes in pillar/top	2023-01-25 14:04:36 -05:00
Mike Reeves	31f591a098	Merge pull request #9635 from Security-Onion-Solutions/mkr24 ... Ubuntu support changes	2023-01-25 13:34:44 -05:00
Wes	c3717dae67	Add Elastic Fleet firewall configuration for Import Mode	2023-01-25 18:27:00 +00:00
Mike Reeves	498301b111	Salt for Ubuntu	2023-01-25 12:00:19 -05:00
Mike Reeves	704d99e757	Salt for Ubuntu	2023-01-25 11:50:19 -05:00
Mike Reeves	9243b01cbb	Salt for Ubuntu	2023-01-25 11:44:22 -05:00
Jason Ertel	c9f18891b2	Merge pull request #9639 from Security-Onion-Solutions/kilo ... auto extract source/dest IP on case related event attachments; improve so-verify stream to console	2023-01-25 11:37:16 -05:00
Wes	86a925e1c7	Download Elastic Agent images for Import Mode	2023-01-25 16:09:12 +00:00
Jason Ertel	31d7e05c45	refactor so-verify to ensure output streams to console	2023-01-25 10:59:50 -05:00
Wes	838beabae5	Add missing single quote for Elastic Agent Elasticsearch output	2023-01-25 15:58:06 +00:00