Jorge Reyes
fd29fdd975
Merge pull request #15438 from Security-Onion-Solutions/reyesj2-patch-13
...
ensure exclude_files excludes log rotation pattern
2026-01-29 11:45:08 -06:00
reyesj2
2de98b1397
ensure exclude_files excludes log rotation pattern
2026-01-29 11:06:24 -06:00
Jorge Reyes
1d57c02608
Merge pull request #15436 from Security-Onion-Solutions/reyesj2-patch-13
2026-01-28 15:36:50 -06:00
reyesj2
ebeeb91297
run fleet ssl state in fleet.config to ensure all required certs are created before so-elastic-fleet-setup runs
2026-01-28 15:23:38 -06:00
Jorge Reyes
6282beb6bd
Merge pull request #15435 from Security-Onion-Solutions/reyesj2/patch-ea-grid-upgrade
...
include all so-grid-nodes_* policies in automatic EA upgrades
2026-01-28 14:22:19 -06:00
reyesj2
1c06bddb09
include all so-grid-nodes_* policies in automatic EA upgrades
2026-01-28 11:01:57 -06:00
Jorge Reyes
36f8c490c8
Merge pull request #15418 from Security-Onion-Solutions/reyesj2-patch-11
...
update heavynode's elastic-agent standalone policy
2026-01-28 08:11:02 -06:00
Jorge Reyes
94c1a641d8
Merge pull request #15424 from Security-Onion-Solutions/reyesj2-patch-5
...
update redis log file path
2026-01-28 08:10:47 -06:00
reyesj2
057131dce7
disable redis on heavynodes -- no longer in use
2026-01-27 16:39:07 -06:00
reyesj2
e5226b50ed
disable logstash metrics collection on nodes not running logstash + fleet nodes
2026-01-27 16:37:23 -06:00
reyesj2
ff4ec69f7c
remove redis log collection on heavynodes (disabled)
2026-01-27 16:28:06 -06:00
reyesj2
4ad6136d98
update redis log file path
2026-01-27 14:23:22 -06:00
Jorge Reyes
006c17bdca
Merge pull request #15420 from Security-Onion-Solutions/reyesj2-patch-12
...
exclude known error
2026-01-27 13:41:23 -06:00
reyesj2
6b1939b827
exclude known issues with 3 integrations
2026-01-27 12:59:17 -06:00
reyesj2
2038227308
remove reference to .fleet_final_pipeline-1
...
- configure global@custom ingest pipeline to run .fleet_final_pipeline-1 when available (heavynodes do not have this pipeline).
- Update global@custom pipeline to remove error message related to sending EA logs through logstash (https://github.com/elastic/kibana/issues/183959 )
2026-01-26 14:01:58 -06:00
reyesj2
950852d673
update heavynode standalone elastic agent policy
2026-01-26 13:57:19 -06:00
reyesj2
8900f9ade3
collect elasticsearch logs on heavynodes via fleet managed elastic agent
2026-01-26 13:51:58 -06:00
reyesj2
8cf0d59560
remove block of elasticsearch-logs integration on heavynodes
2026-01-26 12:48:15 -06:00
reyesj2
a78e0b0871
only create /opt/so/state/eaintegrations.txt when all policies have been created/updated successfully
2026-01-26 12:26:21 -06:00
reyesj2
32f030f6f6
formatting
2026-01-26 12:24:31 -06:00
Jorge Reyes
b0d87b49c6
Merge pull request #15414 from Security-Onion-Solutions/reyesj2/patch-falsepos
2026-01-23 17:20:56 -06:00
reyesj2
55b3fa389e
no dates
2026-01-23 16:33:22 -06:00
reyesj2
b3ae716929
ignore kratos file mapping error
2026-01-23 16:31:30 -06:00
reyesj2
5d0c187497
format json
2026-01-23 14:45:31 -06:00
Jorge Reyes
30d8cf5a6c
Merge pull request #15412 from Security-Onion-Solutions/reyesj2-patch-9
...
missing updates to variables
2026-01-22 17:01:53 -06:00
Jorge Reyes
07dbdb9f8f
Merge pull request #15411 from Security-Onion-Solutions/reyesj2-patch-10
...
add retries to so-resources repo pull
2026-01-22 17:01:35 -06:00
reyesj2
b4c8f7924a
missing updates to variables
2026-01-22 16:49:20 -06:00
reyesj2
809422c517
add retries to so-resources repo pull
2026-01-22 16:39:19 -06:00
Jorge Reyes
bb7593a53a
Merge pull request #15410 from Security-Onion-Solutions/reyesj2-patch-9
...
fix auto soup - check for compatible versions and fallback to a known…
2026-01-22 16:36:40 -06:00
reyesj2
8e3ba8900f
fix auto soup - check for compatible versions and fallback to a known good value as needed
2026-01-22 16:12:21 -06:00
Jorge Reyes
005ec87248
Merge pull request #15408 from Security-Onion-Solutions/reyesj2-patch-7
...
fix kafka state
2026-01-21 12:58:58 -06:00
reyesj2
4c6ff0641b
fix kafka state
2026-01-21 12:47:58 -06:00
Jorge Reyes
3e242913e9
Merge pull request #15407 from Security-Onion-Solutions/reyesj2-patch-6
...
more better
2026-01-20 15:31:44 -06:00
reyesj2
ba68e3c9bd
more better
2026-01-20 15:30:19 -06:00
Josh Patterson
e1199a91b9
Merge pull request #15406 from Security-Onion-Solutions/bravo
...
fix include
2026-01-20 16:29:49 -05:00
Josh Patterson
d381248e30
fix include
2026-01-20 16:27:37 -05:00
Jorge Reyes
f4f0218cae
Merge pull request #15404 from Security-Onion-Solutions/reyesj2-patch-6
...
reinstall agent on grid nodes when service wasn't cleanly removed. eg…
2026-01-20 13:34:55 -06:00
Josh Patterson
7a38e52b01
Merge pull request #15405 from Security-Onion-Solutions/bravo
...
create dir if nonexistent
2026-01-20 14:34:16 -05:00
Josh Patterson
959fd55e32
create dir if nonexistent
2026-01-20 14:30:11 -05:00
reyesj2
a8e218a9ff
reinstall agent on grid nodes when service wasn't cleanly removed. eg. manually deleting /opt/Elastic/Agent/
2026-01-20 12:37:06 -06:00
Josh Patterson
3f5cd46d7d
Merge pull request #15402 from Security-Onion-Solutions/bravo
...
allow logstash.ssl for eval and import. fix soup create_ca_pillar
2026-01-20 12:08:45 -05:00
Josh Patterson
627f0c2bcc
allow logstash.ssl state for so-import
2026-01-20 11:58:31 -05:00
Josh Patterson
f6bde3eb04
remove double logging
2026-01-20 11:56:31 -05:00
Josh Patterson
f6e95c17a0
need to create_ca_pillar for 210 not 220
2026-01-20 11:55:57 -05:00
Josh Patterson
1234cbd04b
allow logstash.ssl on so-eval
2026-01-20 09:30:32 -05:00
Josh Patterson
fd5b93542e
Merge pull request #15400 from Security-Onion-Solutions/bravo
...
break out ssl state
2026-01-19 17:21:07 -05:00
Josh Patterson
a192455fae
Merge remote-tracking branch 'origin/2.4/dev' into bravo
2026-01-19 17:17:58 -05:00
Josh Patterson
66f17e95aa
Merge pull request #15397 from Security-Onion-Solutions/fstes
...
Fstes
2026-01-16 18:38:06 -05:00
Josh Patterson
6f4b96b61b
removing time logging changes
2026-01-16 18:31:45 -05:00
Josh Patterson
9905d23976
inform which state is being applied
2026-01-16 18:27:24 -05:00
