Commit Graph

  • 9032d7d7bc any suricata.alert with event.imported: true remains in logs-import-so reyesj2 2025-01-16 18:48:31 -06:00
  • d573c0922d add 2.4.111 -> postupgrade check reyesj2 2025-01-16 18:25:06 -06:00
  • 45d3438d18 update ingest pipeline for imported logs reyesj2 2025-01-16 17:33:14 -06:00
  • 4cc3691489 give all nodes access to soc license pillar file m0duspwnens 2025-01-16 17:51:39 -05:00
  • 24eadf2507 add libvirt state to highstate for hypervisor. update allowed_states for libvirt m0duspwnens 2025-01-16 17:46:20 -05:00
  • a274bfb744 license note m0duspwnens 2025-01-16 17:45:07 -05:00
  • 2277c792b9 update feature error logging in so-minion m0duspwnens 2025-01-16 17:13:36 -05:00
  • 61f5614ac9 added logging and error handling so-minion m0duspwnens 2025-01-16 16:57:36 -05:00
  • 6367aed62a reactor needs to match runner function parameter structure m0duspwnens 2025-01-16 14:59:11 -05:00
  • 739f592061 remove old line of code m0duspwnens 2025-01-16 14:06:01 -05:00
  • 116c2b73c1 update gitignore m0duspwnens 2025-01-16 11:16:34 -05:00
  • 58be7ae5db rename from coreol9 or coreol9Small to sool9 m0duspwnens 2025-01-16 11:16:20 -05:00
  • 0e0fb885d2 hypervisor highstate after image creation, not when key accepted m0duspwnens 2025-01-16 11:13:36 -05:00
  • e8546b82f8 default image: sool9. cloud-init add local repo m0duspwnens 2025-01-16 08:43:46 -05:00
  • 837fbab96d minimize packages installed on manager for hyper m0duspwnens 2025-01-15 17:00:06 -05:00
  • cbd2d88000 sync the runners m0duspwnens 2025-01-15 16:59:39 -05:00
  • 6c80fd0e18 Merge pull request #14116 from Security-Onion-Solutions/reyesj2-patch-8 Jorge Reyes 2025-01-15 14:23:40 -06:00
  • 01ac1cdcca check features and allowed/states m0duspwnens 2025-01-15 14:13:12 -05:00
  • b3b7fb8f29 add null check and move tag lookup to .contains() in global@custom reyesj2 2025-01-15 12:16:11 -06:00
  • d101fda423 Merge branch '2.4/dev' into jertel/wip Jason Ertel 2025-01-15 11:06:05 -05:00
  • b1d523a4e6 Merge pull request #14113 from Security-Onion-Solutions/reyesj2/es-integ-tmp Jorge Reyes 2025-01-14 15:26:33 -06:00
  • dab56f0882 update fleet-optional-integrations-load reyesj2 2025-01-14 15:24:59 -06:00
  • 161e8a6c21 ssh config for manager. dont need to create soqemussh user on manager m0duspwnens 2025-01-14 16:21:17 -05:00
  • 2e3c1adc63 runner to setup manager for first hypervisor m0duspwnens 2025-01-14 16:20:21 -05:00
  • 846f2485db Merge pull request #14111 from Security-Onion-Solutions/reyesj2-patch-1 Jorge Reyes 2025-01-14 08:26:43 -06:00
  • 107ca38268 fix http query for "includes" function Jorge Reyes 2025-01-14 08:24:07 -06:00
  • 35547b476f update http query Jorge Reyes 2025-01-14 08:13:27 -06:00
  • ad765200c3 Merge pull request #14105 from Security-Onion-Solutions/reyesj2/moarzeekparse Jorge Reyes 2025-01-13 11:37:21 -06:00
  • 4618256442 include okta-mappings in so-logs-okta.system index template reyesj2 2025-01-13 11:32:27 -06:00
  • 323ef1d5d6 add missing lifecycle name to trend_micro_vision_one indices reyesj2 2025-01-13 09:29:22 -06:00
  • a5b1648b68 add missing lifecycle name to crowdstrike indices reyesj2 2025-01-13 09:26:16 -06:00
  • 14c920a258 fix hidden ldap menu subtitle reyesj2 2025-01-13 09:23:32 -06:00
  • 4f92b7ced1 add support for cloudflare_logpush integration reyesj2 2025-01-13 09:23:05 -06:00
  • 5ec2006c9e Merge pull request #14102 from Security-Onion-Solutions/2.4/nav-airgap Josh Brower 2025-01-10 16:20:18 -05:00
  • dcdf31eee8 Fix folder perm Joshua Brower 2025-01-10 16:15:17 -05:00
  • 3ab1b907e4 subgrid config annotations Jason Ertel 2025-01-10 13:45:42 -05:00
  • e60a1e4357 zeek ldap & ldap_search parsing reyesj2 2025-01-09 16:06:10 -06:00
  • 776afa4a36 setup items on manager when hypervisor joins the grid m0duspwnens 2025-01-09 16:32:41 -05:00
  • 3cac19d498 createvm script without setting network in base domain m0duspwnens 2025-01-09 16:31:51 -05:00
  • 2ba8a87c9d add directory where qcow2 images will be distributed from m0duspwnens 2025-01-09 16:20:56 -05:00
  • d677dc51de add comment about reactors required by salt-master m0duspwnens 2025-01-09 16:19:23 -05:00
  • ebbfcd169c add pkg required for so-qcow2-modify-network m0duspwnens 2025-01-09 16:17:50 -05:00
  • 574d2994d1 use cmd.run instead of cmd.script to resolve issue 64962 m0duspwnens 2025-01-09 16:16:59 -05:00
  • ecc5d64584 move logge def to global m0duspwnens 2025-01-09 16:14:57 -05:00
  • 6888682f92 add comments for raid scripts m0duspwnens 2025-01-09 16:14:01 -05:00
  • 0197cdb33d fix bridge forwarding on hypervisors bridge m0duspwnens 2025-01-09 16:12:33 -05:00
  • 2de1f0464f Merge pull request #14091 from Security-Onion-Solutions/2.4/nav-airgap Josh Brower 2025-01-09 11:59:50 -05:00
  • bcb92b63e3 Move json files to container image Joshua Brower 2025-01-09 10:58:40 -05:00
  • 412397fa7b Merge pull request #14089 from Security-Onion-Solutions/reyesj2/moarzeekparse Jorge Reyes 2025-01-08 17:45:14 -06:00
  • 0e87351a9c add zeek.quic mappings reyesj2 2025-01-08 16:18:53 -06:00
  • 71f4150c27 Merge pull request #14013 from Security-Onion-Solutions/2.4/navigator Josh Brower 2025-01-07 13:34:19 -05:00
  • a2caf7425d Add config options Joshua Brower 2025-01-07 13:22:14 -05:00
  • 6fa11a38ef Update defaults Joshua Brower 2025-01-07 13:14:50 -05:00
  • e3f75215b6 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator Joshua Brower 2025-01-07 13:06:49 -05:00
  • 06983948b0 Merge pull request #14078 from Security-Onion-Solutions/reyesj2/es-integ-tmp Jorge Reyes 2025-01-06 21:34:07 -06:00
  • a21535b0a2 run elasticsearch state to sync templates reyesj2 2025-01-06 21:33:07 -06:00
  • d14b6e6d7d Merge pull request #14077 from Security-Onion-Solutions/jertel/wip Jason Ertel 2025-01-06 17:26:56 -05:00
  • bd96b5d722 invalidate user sessions when an admin changes the user's password Jason Ertel 2025-01-06 17:23:10 -05:00
  • b431fb1e49 Merge pull request #14075 from Security-Onion-Solutions/reyesj2/es-integ-tmp Jorge Reyes 2025-01-06 15:18:05 -06:00
  • b97619b8f9 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/es-integ-tmp reyesj2 2025-01-06 14:44:35 -06:00
  • 3d3f0460fa move addon integration script run to elasticfleet state reyesj2 2025-01-06 14:42:16 -06:00
  • 37d67ee9d0 Merge pull request #14073 from Security-Onion-Solutions/reyesj2/es-integ-tmp Jorge Reyes 2025-01-06 11:23:27 -06:00
  • 0d49dee46e update version to foxtrot reyesj2 2025-01-06 11:22:51 -06:00
  • 9fe3f6042f Remove individual integrations ip mappings component template. Replaced with global mappings reyesj2 2025-01-06 10:44:22 -06:00
  • cdd4a1ff1f fixes addon integration map file reyesj2 2025-01-03 16:06:22 -06:00
  • 8408a53b82 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator Josh Brower 2025-01-02 16:13:34 -05:00
  • 5969e9accc Merge pull request #14060 from Security-Onion-Solutions/reyesj2/zeekquic Jorge Reyes 2025-01-02 08:13:33 -06:00
  • 927b618ec9 Update Zeek QUIC dashboard, add Hunt query, add quic.server.name as column in Events table Doug Burks 2025-01-02 06:57:56 -05:00
  • 9f83853922 Zeek QUIC support reyesj2 2024-12-31 13:44:20 -06:00
  • ecf094f684 WIP: support all es fleet integrations reyesj2 2024-12-26 16:18:04 -06:00
  • 8f5634d958 Merge pull request #14048 from Security-Onion-Solutions/2.4/sigmaHashes Josh Brower 2024-12-23 15:49:35 -05:00
  • 7237b8971e Refactor pipeline for hash changes defensivedepth 2024-12-23 15:41:13 -05:00
  • 33239219cb Merge pull request #14046 from Security-Onion-Solutions/TOoSmOotH-patch-1 Mike Reeves 2024-12-23 08:34:01 -05:00
  • 09ef096620 Update soup Mike Reeves 2024-12-23 08:27:45 -05:00
  • 3c59858f70 improvements to createvm m0duspwnens 2024-12-20 11:42:53 -05:00
  • 6f0161e9da script to create base domain m0duspwnens 2024-12-19 17:36:48 -05:00
  • 6c19a4c68a Merge pull request #14043 from Security-Onion-Solutions/jertel/wip Jason Ertel 2024-12-19 15:01:25 -05:00
  • b8afef1ee4 cloud installs should use the local docker registry data Jason Ertel 2024-12-19 14:56:40 -05:00
  • f2bd735f51 another script to create raid m0duspwnens 2024-12-19 10:13:05 -05:00
  • 7a8fd8c3e5 handle salt-cloud package m0duspwnens 2024-12-19 10:12:29 -05:00
  • b24aa2f797 fix destroying virbr0 m0duspwnens 2024-12-19 10:11:54 -05:00
  • b3436415dc merge 2.4/dev reyesj2 2024-12-18 14:13:25 -06:00
  • 16a819ff4f Merge pull request #14041 from Security-Onion-Solutions/reyesj2/opencti Jorge Reyes 2024-12-18 12:12:03 -06:00
  • 157185c370 add ti_opencti integration support reyesj2 2024-12-18 11:33:49 -06:00
  • ace6c5c9e4 Merge pull request #14039 from Security-Onion-Solutions/docsfix Mike Reeves 2024-12-18 11:42:42 -05:00
  • 4a4c8eace2 Update 2-4.yml Mike Reeves 2024-12-18 10:36:15 -05:00
  • 8183dcf363 Merge pull request #14038 from Security-Onion-Solutions/TOoSmOotH-patch-1 Jason Ertel 2024-12-18 10:38:42 -05:00
  • d4f1772d2e Update 2-4.yml Mike Reeves 2024-12-18 10:36:15 -05:00
  • dc1c7d8bd2 Merge pull request #14036 from Security-Onion-Solutions/merger Jason Ertel 2024-12-18 10:25:42 -05:00
  • 9c10094914 Fix conflict Mike Reeves 2024-12-18 10:19:40 -05:00
  • 72fed8d6a7 Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into 2.4/dev Mike Reeves 2024-12-18 10:17:04 -05:00
  • ec90adc6d9 Merge branch '2.4/main' of github.com:Security-Onion-Solutions/securityonion into 2.4/main Mike Reeves 2024-12-18 10:16:50 -05:00
  • 93f3171a63 Merge pull request #14031 from Security-Onion-Solutions/patch/2.4.111 2.4.111-20241217 Mike Reeves 2024-12-18 10:05:48 -05:00
  • 7d4c6b1174 Merge branch 'patch/2.4.111' of https://github.com/Security-Onion-Solutions/securityonion into patch/2.4.111 Mike Reeves 2024-12-18 09:29:08 -05:00
  • 3e04bfbd21 2.4.111 Mike Reeves 2024-12-18 09:27:55 -05:00
  • c6ebebc4d0 Merge pull request #14033 from Security-Onion-Solutions/patchfix Josh Brower 2024-12-17 16:05:13 -05:00
  • 17405b849a Delete uneeded files defensivedepth 2024-12-17 16:01:31 -05:00
  • 897e8f6883 2.4.111 Mike Reeves 2024-12-17 13:03:52 -05:00
  • 5e4f1fc279 only run fix ldap when lief installed m0duspwnens 2024-12-16 10:23:14 -05:00
  • e779d180f9 work around libvirt issue. add raid scripts m0duspwnens 2024-12-13 16:03:17 -05:00