Merge pull request #10406 from Security-Onion-Solutions/dev

2.3.250
Merge pull request #10405 from Security-Onion-Solutions/2.3.250
2026-01-22 08:01:28 +01:00 · 2023-05-22 15:14:23 -04:00 · 2023-05-22 11:39:40 -04:00 · 2023-05-22 11:37:13 -04:00 · 2023-05-20 08:45:29 -04:00 · 2023-05-19 23:56:39 -04:00
18 changed files with 105 additions and 49 deletions
--- a/1
+++ b/1
@@ -0,0 +1 @@
+
--- a/VERIFY_ISO.md
+++ b/VERIFY_ISO.md
@@ -1,18 +1,18 @@
-### 2.3.220-20230224 ISO image built on 2023/02/24
+### 2.3.250-20230519 ISO image built on 2023/05/19



 ### Download and Verify

-2.3.220-20230224 ISO image:  
-https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230224.iso
+2.3.250-20230519 ISO image:  
+https://download.securityonion.net/file/securityonion/securityonion-2.3.250-20230519.iso

-MD5: 74CDCE07BC5787567E07C1CAC64DC381  
-SHA1: 8DA0E8541C46CBDCFA0FB9B60F3C95D027D4BB37  
-SHA256: E5EDB011693AC33C40CAB483400F72FAF9615053867FD9C80DDD1AACAD9100B3 
+MD5: EBECF635FB8CFDDD5C0559D01C14E215  
+SHA1: 1C2BD45D080D6D99FD84C120827EA39817FCB078  
+SHA256: 748E9740077BCCAFDC67D15BA2D6A4B0539A29E4527715973E5BDDE5DCF565AD 

 Signature for ISO image:  
-https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230224.iso.sig
+https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.250-20230519.iso.sig

 Signing key:  
 https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/master/KEYS  
@@ -26,22 +26,22 @@ wget https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/ma

 Download the signature file for the ISO:  
 ```
-wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.220-20230224.iso.sig
+wget https://github.com/Security-Onion-Solutions/securityonion/raw/master/sigs/securityonion-2.3.250-20230519.iso.sig
 ```

 Download the ISO image:  
 ```
-wget https://download.securityonion.net/file/securityonion/securityonion-2.3.220-20230224.iso
+wget https://download.securityonion.net/file/securityonion/securityonion-2.3.250-20230519.iso
 ```

 Verify the downloaded ISO image using the signature file:  
 ```
-gpg --verify securityonion-2.3.220-20230224.iso.sig securityonion-2.3.220-20230224.iso
+gpg --verify securityonion-2.3.250-20230519.iso.sig securityonion-2.3.250-20230519.iso
 ```

 The output should show "Good signature" and the Primary key fingerprint should match what's shown below:
 ```
-gpg: Signature made Fri 24 Feb 2023 02:32:08 PM EST using RSA key ID FE507013
+gpg: Signature made Sat 20 May 2023 09:16:02 AM EDT using RSA key ID FE507013
 gpg: Good signature from "Security Onion Solutions, LLC <info@securityonionsolutions.com>"
 gpg: WARNING: This key is not certified with a trusted signature!
 gpg:          There is no indication that the signature belongs to the owner.
--- a/2
+++ b/2
@@ -1 +1 @@
-2.3.220
+2.3.250
--- a/pillar/zeek/init.sls
+++ b/pillar/zeek/init.sls
@@ -15,6 +15,7 @@ zeek:
    SpoolDir: /nsm/zeek/spool
    CfgDir: /opt/zeek/etc
    CompressLogs: 1
+    ZeekPort: 27760
  local:
    '@load':
      - misc/loaded-scripts
--- a/salt/common/tools/sbin/soup
+++ b/salt/common/tools/sbin/soup
@@ -212,7 +212,7 @@ check_local_mods() {
    if [[ -f $default_file ]]; then
      file_diff=$(diff "$default_file" "$local_file" )
      if [[ ! " ${local_ignore_arr[*]} " =~ " ${local_file} " ]]; then
-        if [[ $(echo "$file_diff" | grep -c "^<") -gt 0 ]]; then
+        if [[ $(echo "$file_diff" | grep -Ec "^[<>]") -gt 0 ]]; then
          local_mod_arr+=( "$local_file" )
        fi
      fi
@@ -554,6 +554,10 @@ preupgrade_changes() {
    [[ "$INSTALLEDVERSION" == 2.3.190 ]] && up_to_2.3.200
    [[ "$INSTALLEDVERSION" == 2.3.200 ]] && up_to_2.3.210
    [[ "$INSTALLEDVERSION" == 2.3.210 ]] && up_to_2.3.220
+    [[ "$INSTALLEDVERSION" == 2.3.220 ]] && up_to_2.3.230
+    [[ "$INSTALLEDVERSION" == 2.3.230 ]] && up_to_2.3.240
+    [[ "$INSTALLEDVERSION" == 2.3.240 ]] && up_to_2.3.250
+    
    true
 }

@@ -580,6 +584,9 @@ postupgrade_changes() {
    [[ "$POSTVERSION" == 2.3.190 ]] && post_to_2.3.200
    [[ "$POSTVERSION" == 2.3.200 ]] && post_to_2.3.210
    [[ "$POSTVERSION" == 2.3.210 ]] && post_to_2.3.220
+    [[ "$POSTVERSION" == 2.3.220 ]] && post_to_2.3.230
+    [[ "$POSTVERSION" == 2.3.230 ]] && post_to_2.3.240
+    [[ "$POSTVERSION" == 2.3.240 ]] && post_to_2.3.250

    true
 }
@@ -713,6 +720,21 @@ post_to_2.3.220() {
  POSTVERSION=2.3.220
 }

+post_to_2.3.230() {
+  echo "Nothing to do for .230"
+  POSTVERSION=2.3.230
+}
+
+post_to_2.3.240() {
+  echo "Nothing to do for .240"
+  POSTVERSION=2.3.240
+}
+
+post_to_2.3.250() {
+  echo "Nothing to do for .250"
+  POSTVERSION=2.3.250
+}
+
 stop_salt_master() {
    # kill all salt jobs across the grid because the hang indefinitely if they are queued and salt-master restarts
    set +e
@@ -1053,6 +1075,21 @@ up_to_2.3.220() {
  INSTALLEDVERSION=2.3.220
 }

+up_to_2.3.230() {
+  echo "Upgrading to 2.3.230"
+  INSTALLEDVERSION=2.3.230
+}
+
+up_to_2.3.240() {
+  echo "Upgrading to 2.3.240"
+  INSTALLEDVERSION=2.3.240
+}
+
+up_to_2.3.250() {
+  echo "Upgrading to 2.3.250"
+  INSTALLEDVERSION=2.3.250
+}
+
 verify_upgradespace() {
  CURRENTSPACE=$(df -BG / | grep -v Avail | awk '{print $4}' | sed 's/.$//')
  if [ "$CURRENTSPACE" -lt "10" ]; then
--- a/salt/curator/files/curator.yml
+++ b/salt/curator/files/curator.yml
@@ -14,22 +14,25 @@
 ---
 # Remember, leave a key empty if there is no value.  None will be a string,
 # not a Python "NoneType"
-client:
-  hosts:
-    - {{elasticsearch}}
-  port: 9200
+elasticsearch:
+  client:
+    hosts:
+      - https://{{elasticsearch}}:9200
+    cloud_id:
+    ca_certs:
+    client_cert:
+    client_key:
+    verify_certs: False
+    request_timeout: 30
+  other_settings:
+    api_key:
+      id:
+      api_key:
+    master_only: False
 {%- if salt['pillar.get']('elasticsearch:auth:enabled') is sameas true %}
-  username: "{{ ES_USER }}"
-  password: "{{ ES_PASS }}"
+    username: "{{ ES_USER }}"
+    password: "{{ ES_PASS }}"
 {%- endif %}
-  url_prefix:
-  use_ssl: True
-  certificate:
-  client_cert:
-  client_key:
-  ssl_no_validate: True
-  timeout: 30
-  master_only: False

 logging:
  loglevel: INFO
--- a/salt/curator/init.sls
+++ b/salt/curator/init.sls
@@ -139,6 +139,8 @@ so-curator:
      - file: actionconfs
      - file: curconf
      - file: curlogdir
+    - watch:
+      - file: curconf
  {% else %}
    - force: True
  {% endif %}
--- a/salt/elasticsearch/files/ingest/suricata.dns
+++ b/salt/elasticsearch/files/ingest/suricata.dns
@@ -1,21 +1,21 @@
 {
  "description" : "suricata.dns",
  "processors" : [
-    { "rename": 	{ "field": "message2.proto", 		"target_field": "network.transport",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.app_proto", 	"target_field": "network.protocol",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.type", 	"target_field": "dns.query.type",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.tx_id",	"target_field": "dns.id",			"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.version", 	"target_field": "dns.version",			"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.rrname", 	"target_field": "dns.query.name",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.rrtype", 	"target_field": "dns.query.type_name",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.flags", 	"target_field": "dns.flags",			"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.qr", 		"target_field": "dns.qr",			"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.rd", 		"target_field": "dns.recursion.desired",	"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.ra", 		"target_field": "dns.recursion.available",	"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.dns.rcode", 	"target_field": "dns.response.code_name",	"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.grouped.A", 	"target_field": "dns.answers.data",		"ignore_missing": true 	} },
-    { "rename": 	{ "field": "message2.grouped.CNAME", 	"target_field": "dns.answers.name",		"ignore_missing": true 	} },
-    { "pipeline": 	{ "if": "ctx.dns.query?.name != null && ctx.dns.query.name.contains('.')", "name": "dns.tld"			} },
-    { "pipeline": { "name": "common" } }
+    { "rename": 	{ "field": "message2.proto", 			"target_field": "network.transport",		"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.app_proto", 		"target_field": "network.protocol",		"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.type", 		"target_field": "dns.query.type",		"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.tx_id",		"target_field": "dns.id",			"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.version", 		"target_field": "dns.version",			"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.rrname", 		"target_field": "dns.query.name",		"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.rrtype", 		"target_field": "dns.query.type_name",		"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.flags", 		"target_field": "dns.flags",			"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.qr", 			"target_field": "dns.qr",			"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.rd", 			"target_field": "dns.recursion.desired",	"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.ra", 			"target_field": "dns.recursion.available",	"ignore_missing": true 	} },
+    { "rename": 	{ "field": "message2.dns.rcode", 		"target_field": "dns.response.code_name",	"ignore_missing": true 	} },
+    { "rename":		{ "field": "message2.dns.grouped.A", 		"target_field": "dns.answers.data",		"ignore_missing": true 	} },
+    { "rename":		{ "field": "message2.dns.grouped.CNAME",	"target_field": "dns.answers.name",		"ignore_missing": true 	} },
+    { "pipeline":	{ "if": "ctx.dns.query?.name != null && ctx.dns.query.name.contains('.')", "name": "dns.tld"				} },
+    { "pipeline": 	{ "name": "common"													} }
  ]
 }
--- a/salt/kibana/bin/so-kibana-config-load
+++ b/salt/kibana/bin/so-kibana-config-load
@@ -59,7 +59,7 @@ update() {

    IFS=$'\r\n' GLOBIGNORE='*' command eval  'LINES=($(cat $1))'
    for i in "${LINES[@]}"; do
-      RESPONSE=$({{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/8.6.2" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ")
+      RESPONSE=$({{ ELASTICCURL }} -X PUT "localhost:5601/api/saved_objects/config/8.7.1" -H 'kbn-xsrf: true' -H 'Content-Type: application/json' -d " $i ")
      echo $RESPONSE; if [[ "$RESPONSE" != *"\"success\":true"* ]] && [[ "$RESPONSE" != *"updated_at"* ]] ; then RETURN_CODE=1;fi
    done
 
--- a/salt/kibana/files/config_saved_objects.ndjson
+++ b/salt/kibana/files/config_saved_objects.ndjson
@@ -1 +1 @@
-{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n  \"from\": \"now-24h\",\n  \"to\": \"now\"\n}"},"coreMigrationVersion": "8.6.2","id": "8.6.2","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}
+{"attributes": {"buildNum": 39457,"defaultIndex": "2289a0c0-6970-11ea-a0cd-ffa0f6a1bc29","defaultRoute": "/app/dashboards#/view/a8411b30-6d03-11ea-b301-3d6c35840645","discover:sampleSize": 100,"theme:darkMode": true,"timepicker:timeDefaults": "{\n  \"from\": \"now-24h\",\n  \"to\": \"now\"\n}"},"coreMigrationVersion": "8.7.1","id": "8.7.1","migrationVersion": {"config": "7.13.0"},"references": [],"type": "config","updated_at": "2021-10-10T10:10:10.105Z","version": "WzI5NzUsMl0="}
--- a/salt/kibana/files/saved_objects.ndjson
+++ b/salt/kibana/files/saved_objects.ndjson
--- a/salt/sensoroni/files/analyzers/whoislookup/requirements.txt
+++ b/salt/sensoroni/files/analyzers/whoislookup/requirements.txt
@@ -1 +1,2 @@
+requests==2.27.1
 whoisit>=2.5.3
--- a/salt/strelka/defaults.yaml
+++ b/salt/strelka/defaults.yaml
@@ -17,3 +17,5 @@ strelka:
    - gen_susp_xor.yar
    - gen_webshells_ext_vars.yar
    - configured_vulns_ext_vars.yar
+    - expl_outlook_cve_2023_23397.yar
+    - gen_mal_3cx_compromise_mar23.yar
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -1123,8 +1123,17 @@ create_repo() {
 }

 detect_cloud() {
-  echo "Testing if setup is running on a cloud instance..." | tee -a "$setup_log"
-  if ( curl --fail -s -m 5 http://169.254.169.254/latest/meta-data/instance-id > /dev/null ) || ( dmidecode -s bios-vendor | grep -q Google > /dev/null) || [ -f /var/log/waagent.log ]; then export is_cloud="true"; fi
+	echo "Testing if setup is running on a cloud instance..." | tee -a "$setup_log"
+	if dmidecode -s bios-version | grep -q amazon || \
+		dmidecode -s bios-vendor | grep -q Amazon || \
+		dmidecode -s bios-vendor | grep -q Google || \
+		[ -f /var/log/waagent.log ]; then 
+
+		echo "Detected a cloud installation." | tee -a "$setup_log"
+		export is_cloud="true"
+	else
+		echo "This does not appear to be a cloud installation." | tee -a "$setup_log"
+	fi
 }

 detect_os() {
--- a/sigs/securityonion-2.3.220-20230301.iso.sig
+++ b/sigs/securityonion-2.3.220-20230301.iso.sig
--- a/sigs/securityonion-2.3.230-20230417.iso.sig
+++ b/sigs/securityonion-2.3.230-20230417.iso.sig
--- a/sigs/securityonion-2.3.240-20230426.iso.sig
+++ b/sigs/securityonion-2.3.240-20230426.iso.sig
--- a/sigs/securityonion-2.3.250-20230519.iso.sig
+++ b/sigs/securityonion-2.3.250-20230519.iso.sig
Author	SHA1	Message	Date
Mike Reeves	c949101d0f	Merge pull request #10406 from Security-Onion-Solutions/dev 2.3.250	2023-05-22 15:14:23 -04:00
Mike Reeves	7c1f19b91f	Merge pull request #10405 from Security-Onion-Solutions/2.3.250 2.3.250	2023-05-22 11:39:40 -04:00
Mike Reeves	598d6b025e	2.3.250	2023-05-22 11:37:13 -04:00
Jason Ertel	4d0d0714a5	Merge pull request #10401 from Security-Onion-Solutions/jertel/fixwhoisit use the same requests version that's already packaged with the analyzer	2023-05-20 08:45:29 -04:00
Jason Ertel	cb0c078955	use the same requests version that's already packaged with the analyzer	2023-05-19 23:56:39 -04:00
Jason Ertel	aa426244bf	Merge pull request #10394 from Security-Onion-Solutions/jertel/fixwhoisit fix lib dependency issue with whoisit	2023-05-19 14:34:32 -04:00
Jason Ertel	97b2ae8d82	fix lib dependency issue with whoisit	2023-05-19 14:23:12 -04:00
Doug Burks	7047125759	Merge pull request #10386 from Security-Onion-Solutions/2.3/elastic-8.7.1 UPGRADE: Elastic 8.7.1 #10269	2023-05-18 15:27:10 -04:00
Doug Burks	43f73abd4d	Update so-kibana-config-load	2023-05-18 15:18:27 -04:00
Doug Burks	51a8684850	Update config_saved_objects.ndjson	2023-05-18 15:17:36 -04:00
Doug Burks	b3c5239787	Merge pull request #10333 from Security-Onion-Solutions/dougburks-patch-1 Update soup for 2.3.250	2023-05-11 08:28:53 -04:00
Doug Burks	0f562279ee	Update soup for 2.3.250	2023-05-11 07:26:58 -04:00
weslambert	834f45c0f2	Merge pull request #10286 from Security-Onion-Solutions/fix/strelka_ignore_yara_rules Ignore "expl_outlook_cve_2023_23397.yar" and "gen_mal_3cx_compromise_mar23.yar" since they are causing problems with YARA compilation	2023-05-08 11:58:11 -04:00
weslambert	d4cf9efeca	Merge pull request #10303 from Security-Onion-Solutions/fix/kibana_pivot_to_pcap_url Surround _id field in double quotes to prevent errors associated with values beginning with a hyphen	2023-05-08 11:55:22 -04:00
Doug Burks	c620983b4a	Merge pull request #10299 from Security-Onion-Solutions/dougburks-patch-1 FIX: Improve soup's local file modification logic #8972	2023-05-08 09:47:49 -04:00
Wes	ed19c139ea	Surround _id field in double quotes to prevent errors associated with values beginning with a hyphen	2023-05-08 13:44:36 +00:00
Doug Burks	af85c6261b	FIX: Improve soup's local file modification logic #8972	2023-05-08 09:41:26 -04:00
weslambert	e9f58269cd	Ignore "expl_outlook_cve_2023_23397.yar" and "gen_mal_3cx_compromise_mar23.yar" since they are causing problems with YARA compilation	2023-05-04 16:13:59 -04:00
Jason Ertel	208c3d96e9	Merge pull request #10266 from Security-Onion-Solutions/jertel/aws more detection improvements	2023-05-02 08:17:13 -04:00
Jason Ertel	1e888a5d9e	more detection improvements	2023-05-02 07:56:11 -04:00
Jason Ertel	f7ae8d449e	Merge pull request #10259 from Security-Onion-Solutions/jertel/simplifycd simplify cloud detection	2023-05-01 11:33:26 -04:00
Jason Ertel	195274bb11	Merge branch 'dev' into jertel/simplifycd	2023-05-01 11:29:39 -04:00
Jason Ertel	a0ac1d2274	simplify cloud detection	2023-05-01 11:04:43 -04:00
Mike Reeves	3dd39c7f59	Merge pull request #10234 from Security-Onion-Solutions/TOoSmOotH-patch-2 Update VERSION	2023-04-26 14:41:04 -04:00
Mike Reeves	ba846bbf35	Update VERSION	2023-04-26 14:39:31 -04:00
Mike Reeves	0baf8e9471	Merge pull request #10227 from Security-Onion-Solutions/dev 2.3.240	2023-04-26 14:31:56 -04:00
Mike Reeves	e30fec7af0	Merge pull request #10226 from Security-Onion-Solutions/2.3.240 2.3.240	2023-04-26 09:58:18 -04:00
Mike Reeves	884f5cd3a6	2.3.240	2023-04-26 09:55:19 -04:00
Jason Ertel	11babd2f1c	Merge pull request #10221 from Security-Onion-Solutions/jertel/imdsv2to timeout more quickly on aws imdsv2 detection	2023-04-26 07:59:13 -04:00
Jason Ertel	b440ab5c02	timeout more quickly on aws imdsv2 detection	2023-04-26 07:57:23 -04:00
Jason Ertel	91d667c3ad	Merge pull request #10200 from Security-Onion-Solutions/jertel/imdsv2_23 Detect cloud install on forced imdsv2 instances	2023-04-25 09:46:39 -04:00
Jason Ertel	f04c01b28c	Merge pull request #10204 from Security-Onion-Solutions/jertel/2.3.240_soup soup update for 2.3.240	2023-04-25 09:46:28 -04:00
Jason Ertel	71ab8ddf1d	soup update for 2.3.240	2023-04-25 09:42:14 -04:00
Jason Ertel	f1f79d55dc	Detect cloud install on forced imdsv2 instances	2023-04-24 16:26:23 -04:00
Mike Reeves	db1bd16758	Merge pull request #10142 from Security-Onion-Solutions/TOoSmOotH-patch-1 Update VERSION	2023-04-17 10:56:59 -04:00
Mike Reeves	ef73834d58	Update VERSION	2023-04-17 10:55:38 -04:00
Mike Reeves	3891548d6d	Merge pull request #10141 from Security-Onion-Solutions/dev 2.3.230 Release	2023-04-17 10:47:32 -04:00
Mike Reeves	9d6ed8b9b2	Merge pull request #10140 from Security-Onion-Solutions/2.3.230 2.3.230	2023-04-17 10:26:59 -04:00
Mike Reeves	ef92815a08	2.3.230	2023-04-17 10:22:39 -04:00
Doug Burks	19b5cdcb0e	Merge pull request #10119 from Security-Onion-Solutions/2.3/fix-suricata-dns FIX: Suricata DNS A and CNAME parsing #10117	2023-04-13 11:00:13 -04:00
Doug Burks	272b345892	FIX: Suricata DNS A and CNAME parsing #10117	2023-04-13 10:52:37 -04:00
Mike Reeves	7fad9d60ef	Merge pull request #10113 from Security-Onion-Solutions/TOoSmOotH-patch-4 Update init.sls	2023-04-12 10:32:43 -04:00
Mike Reeves	46fc62b8dc	Update init.sls	2023-04-12 10:29:54 -04:00
Doug Burks	ca9a93a4b0	Merge pull request #9998 from Security-Onion-Solutions/dougburks-patch-1 Update soup for 2.3.230	2023-03-24 12:38:39 -04:00
Doug Burks	aa2e18fca9	Update soup for 2.3.230	2023-03-24 12:31:51 -04:00
Mike Reeves	7e4ce7b81d	Merge pull request #9877 from Security-Onion-Solutions/TOoSmOotH-patch-3 Update HOTFIX	2023-03-01 16:37:14 -05:00
Mike Reeves	e5c0058dd1	Update HOTFIX	2023-03-01 16:36:08 -05:00
Mike Reeves	07c5b541a3	Merge pull request #9876 from Security-Onion-Solutions/master Master to Dev	2023-03-01 16:35:48 -05:00
Mike Reeves	b756b8ea32	Merge pull request #9873 from Security-Onion-Solutions/hotfix/2.3.220 Hotfix/2.3.220	2023-03-01 16:32:49 -05:00
Mike Reeves	5b46e57ae1	Merge pull request #9875 from Security-Onion-Solutions/hotfix23220 Hotfix for 2.3.220	2023-03-01 16:14:26 -05:00
Mike Reeves	924009afb8	Hotfix for 2.3.220	2023-03-01 16:11:38 -05:00
Mike Reeves	8f5bacc510	Merge pull request #9874 from Security-Onion-Solutions/TOoSmOotH-patch-3 Update init.sls	2023-03-01 14:52:04 -05:00
Mike Reeves	d5e48a7eca	Update init.sls	2023-03-01 14:50:55 -05:00
Mike Reeves	6346a92f0f	Merge pull request #9872 from Security-Onion-Solutions/hotfix23220 Hotfix for 2.3.220	2023-03-01 14:20:47 -05:00
Mike Reeves	13a566a9a2	Hotfix for 2.3.220	2023-03-01 14:19:04 -05:00
Mike Reeves	063c6599d8	Hotfix for 2.3.220	2023-03-01 14:17:22 -05:00
weslambert	9fb315c99d	Merge pull request #9870 from Security-Onion-Solutions/fix/curator_configuration_update_8.0.x Update Curator configuration to align with requirements for Curator 8.0.x	2023-03-01 10:19:32 -05:00
Wes	6e0891e586	Update Curator configuration to align with requirements for Curator 8.0.x	2023-03-01 15:16:52 +00:00
Mike Reeves	3a96d59899	Merge pull request #9869 from Security-Onion-Solutions/TOoSmOotH-patch-2 Update HOTFIX	2023-03-01 10:10:47 -05:00
Mike Reeves	5fa945956e	Update HOTFIX	2023-03-01 10:09:19 -05:00
Mike Reeves	b0aab96cf5	Merge pull request #9858 from Security-Onion-Solutions/TOoSmOotH-patch-1 Update VERSION	2023-02-27 09:40:39 -05:00
Mike Reeves	11def72790	Update VERSION	2023-02-27 09:39:52 -05:00
@@ -1 +1 @@
 .3.220
 .3.250