Commit Graph

  • c332cd777c remove import/heavynode artifact caused by kafka cert not existing but being bound in docker. (empty dir created) reyesj2 2024-06-24 08:50:37 -04:00
  • 9fce85c988 Merge pull request #13245 from Security-Onion-Solutions/proxysoup Mike Reeves 2024-06-21 16:13:02 -04:00
  • 6141c7a849 Merge pull request #13246 from Security-Onion-Solutions/fix/detections_license_none weslambert 2024-06-21 15:59:09 -04:00
  • bf91030204 Add option for detections without license weslambert 2024-06-21 15:33:11 -04:00
  • 9577c3f59d Make soup use reposync from the repo Mike Reeves 2024-06-21 15:24:54 -04:00
  • 77dedc575e Make soup use reposync from the repo Mike Reeves 2024-06-21 15:20:07 -04:00
  • 0295b8d658 Make soup use reposync from the repo Mike Reeves 2024-06-21 15:11:23 -04:00
  • 6a9d78fa7c Make soup use reposync from the repo Mike Reeves 2024-06-21 15:10:44 -04:00
  • b84521cdd2 Make soup use reposync from the repo Mike Reeves 2024-06-21 14:49:16 -04:00
  • ff4679ec08 Make soup use reposync from the repo Mike Reeves 2024-06-21 14:45:06 -04:00
  • c5ce7102e8 Make soup use reposync from the repo Mike Reeves 2024-06-21 14:41:27 -04:00
  • 229cb1e9ef Merge branch '2.4/main' of github.com:Security-Onion-Solutions/securityonion into 2.4/main Mike Reeves 2024-06-21 14:06:51 -04:00
  • 70c001e22b Update so-repo-sync Mike Reeves 2024-06-21 13:37:36 -04:00
  • f1dc22a200 Merge pull request #13244 from Security-Onion-Solutions/TOoSmOotH-patch-4 Mike Reeves 2024-06-21 12:36:17 -04:00
  • aae1b69093 Update soc_manager.yaml Mike Reeves 2024-06-21 12:35:01 -04:00
  • 469ca44016 fix maps m0duspwnens 2024-06-20 16:53:12 -04:00
  • 81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars m0duspwnens 2024-06-20 16:42:11 -04:00
  • 8781419b4a Merge pull request #13242 from Security-Onion-Solutions/annotupd Jorge Reyes 2024-06-20 16:18:40 -04:00
  • 2eea671857 more precise wording in kafka annotation reyesj2 2024-06-20 16:16:55 -04:00
  • 73acfbf864 update kafka annotations reyesj2 2024-06-20 16:02:45 -04:00
  • ae0e994461 Merge pull request #13239 from Security-Onion-Solutions/dougburks-patch-1 Doug Burks 2024-06-20 10:12:06 -04:00
  • 07b9011636 Update defaults.yaml to put Process actions in logical order Doug Burks 2024-06-20 10:09:27 -04:00
  • bc2b3b7f8f Merge pull request #13236 from Security-Onion-Solutions/mwright/licenseDropdown Matthew Wright 2024-06-18 18:05:15 -04:00
  • ea02a2b868 Added license presets to defaults.yaml file unknown 2024-06-18 16:52:00 -04:00
  • ba3a6cbe87 Merge pull request #13234 from Security-Onion-Solutions/reyesj2-patch-4 Jorge Reyes 2024-06-18 15:55:32 -04:00
  • 268dcbe00b update receiver node allowed states reyesj2 2024-06-18 15:44:51 -04:00
  • 6be97f13d0 Merge pull request #13233 from Security-Onion-Solutions/minefunc Josh Patterson 2024-06-18 13:58:35 -04:00
  • 95d6c93a07 Merge pull request #13231 from Security-Onion-Solutions/kfeval Jorge Reyes 2024-06-18 13:15:18 -04:00
  • a2bb220043 fix x509 mine_function m0duspwnens 2024-06-18 12:33:33 -04:00
  • 911d6dcce1 update kafka output policy only on eligible grid types reyesj2 2024-06-18 12:09:59 -04:00
  • 5f6a9850eb Merge pull request #13227 from Security-Onion-Solutions/dougburks-patch-1 Doug Burks 2024-06-18 10:57:52 -04:00
  • de18bf06c3 FEATURE: Add new Process actions #13226 Doug Burks 2024-06-18 10:36:41 -04:00
  • 73473d671d Merge pull request #13222 from Security-Onion-Solutions/reyesj2-patch-3 Jorge Reyes 2024-06-18 09:16:35 -04:00
  • 3fbab7c3af Merge pull request #13223 from Security-Onion-Solutions/2.4/timeout Josh Brower 2024-06-18 08:55:30 -04:00
  • 521cccaed6 Update defaults DefensiveDepth 2024-06-18 08:43:00 -04:00
  • 35da3408dc update profile reyesj2 2024-06-17 15:53:49 -04:00
  • c03096e806 Merge pull request #13221 from Security-Onion-Solutions/reyesj2/ksoup Jorge Reyes 2024-06-17 14:18:34 -04:00
  • 2afc947d6c suppress fleet policy update in soup reyesj2 2024-06-17 14:12:33 -04:00
  • 076da649cf Merge pull request #13217 from Security-Onion-Solutions/dougburks-patch-1 Doug Burks 2024-06-17 12:18:29 -04:00
  • 55f8303dc2 remove manager and search pipelines from heavynode m0duspwnens 2024-06-17 10:06:43 -04:00
  • 93ced0959c FEATURE: Add more links and descriptions to SOC MOTD #13216 Doug Burks 2024-06-17 09:25:01 -04:00
  • 6f13fa50bf FEATURE: Add more links and descriptions to SOC MOTD #13216 Doug Burks 2024-06-17 09:24:32 -04:00
  • 3bface12e0 FEATURE: Add more links and descriptions to SOC MOTD #13216 Doug Burks 2024-06-17 09:23:14 -04:00
  • b584c8e353 FEATURE: Add more links and descriptions to SOC MOTD #13216 Doug Burks 2024-06-17 09:13:17 -04:00
  • 6caf87df2d Merge pull request #13209 from Security-Onion-Solutions/kfix Jason Ertel 2024-06-15 05:09:48 -04:00
  • 4d1f2c2bc1 fix kafka elastic fleet output policy setup reyesj2 2024-06-14 23:04:08 -04:00
  • 0b1175b46c kafka logstash input plugin handle empty brokers list reyesj2 2024-06-14 23:03:36 -04:00
  • 4e50dabc56 refix typos reyesj2 2024-06-14 23:03:06 -04:00
  • ce45a5926a Merge pull request #13207 from Security-Onion-Solutions/kaffix Jason Ertel 2024-06-14 18:01:35 -04:00
  • c540a4f257 Merge pull request #13208 from Security-Onion-Solutions/2.4/ruletemplates Josh Brower 2024-06-14 16:01:26 -04:00
  • 7af94c172f Change spelling DefensiveDepth 2024-06-14 16:00:22 -04:00
  • 7556587e35 Update rule templates DefensiveDepth 2024-06-14 15:47:57 -04:00
  • a0030b27e2 add additional retries to elasticfleet scripts reyesj2 2024-06-14 15:34:40 -04:00
  • 8080e05444 on fresh install kafka nodes pillar may not have populated. Avoiding this by only generating kafka input pipeline when kafka nodes pillar is not empty reyesj2 2024-06-14 14:17:26 -04:00
  • af11879545 Merge pull request #13205 from Security-Onion-Solutions/2.4/customsuricatasources Josh Brower 2024-06-14 13:50:06 -04:00
  • c89f1c9d95 remove multiline DefensiveDepth 2024-06-14 13:48:55 -04:00
  • b7ac599a42 set to empty DefensiveDepth 2024-06-14 13:21:36 -04:00
  • 8363877c66 move to custom rules DefensiveDepth 2024-06-14 12:41:44 -04:00
  • 4bcb4b5b9c removed unneeded import DefensiveDepth 2024-06-14 09:32:34 -04:00
  • 68302e14b9 add to defaults and tweaks DefensiveDepth 2024-06-14 09:28:23 -04:00
  • c1abc7a7f1 Update description DefensiveDepth 2024-06-14 08:51:34 -04:00
  • 484717d57d initial support for custom suricata urls and local rulesets DefensiveDepth 2024-06-14 08:42:10 -04:00
  • b91c608fcf Merge pull request #13204 from Security-Onion-Solutions/kaffix Jorge Reyes 2024-06-13 15:54:50 -04:00
  • 8f8ece2b34 Only comment out so-kafka from so-status when it exists & only run ensure_default_pipeline when Kafka is configured reyesj2 2024-06-13 15:50:34 -04:00
  • 9b5c1c01e9 Merge pull request #13200 from Security-Onion-Solutions/kafka/fix Jorge Reyes 2024-06-13 12:26:57 -04:00
  • 816a1d446e Generate kafka-logstash cert on standalone,manager,managersearch in addition to searchnodes. reyesj2 2024-06-13 12:18:13 -04:00
  • 19bfd5beca fix kafka nodeid assignment to increment correctly reyesj2 2024-06-13 12:16:39 -04:00
  • 9ac7e051b3 Merge pull request #13190 from Security-Onion-Solutions/reyesj2/kafka Jorge Reyes 2024-06-13 09:42:59 -04:00
  • 80b1d51f76 wrong location for global.pipeline check reyesj2 2024-06-13 08:50:53 -04:00
  • 6340ebb36d Merge pull request #13197 from Security-Onion-Solutions/dougburks-patch-1 Doug Burks 2024-06-12 16:49:21 -04:00
  • 70721afa51 Update DOWNLOAD_AND_VERIFY_ISO.md Doug Burks 2024-06-12 16:47:26 -04:00
  • 9c31622598 telegraft should only include jolokia config when Kafka is set as the global.pipeline reyesj2 2024-06-12 15:42:00 -04:00
  • f372b0907b Use kafka:password for kafka certs reyesj2 2024-06-12 15:41:10 -04:00
  • fac96e0b08 Merge pull request #13183 from Security-Onion-Solutions/cogburn/cleanup-config coreyogburn 2024-06-12 11:57:31 -06:00
  • 2bc53f9868 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka reyesj2 2024-06-12 12:36:58 -04:00
  • e8106befe9 Append '-securityonion' to all Security Onion related Kafka topics. Adjust logstash to ingest all topics ending in '-securityonion' to avoid having to manually list topic names reyesj2 2024-06-12 12:05:16 -04:00
  • 83412b813f Renamed Kafka pillar reyesj2 2024-06-12 11:19:25 -04:00
  • b56d497543 Revert a so-setup change. Kafka is not an installable option reyesj2 2024-06-12 11:17:06 -04:00
  • dd40962288 Revert a whiptail menu change. Kafka is not an install option reyesj2 2024-06-12 11:07:23 -04:00
  • b7eebad2a5 Update Kafka self reset & add initial Kafka wrapper scripts to build out reyesj2 2024-06-12 11:01:40 -04:00
  • 8f8698fd02 Merge remote-tracking branch 'origin/2.4/dev' into issue/13073 m0duspwnens 2024-06-12 10:50:18 -04:00
  • 092f716f12 Merge pull request #13189 from Security-Onion-Solutions/soupmsgq Josh Patterson 2024-06-12 10:41:49 -04:00
  • c38f48c7f2 remove this \n m0duspwnens 2024-06-12 10:34:32 -04:00
  • 98837bc379 this method does not cause soup to fail m0duspwnens 2024-06-12 09:11:02 -04:00
  • 0f243bb6ec Merge remote-tracking branch 'origin/2.4/dev' into issue/13073 m0duspwnens 2024-06-11 16:33:23 -04:00
  • 88fc1bbe32 quotes on vars m0duspwnens 2024-06-11 16:32:57 -04:00
  • d5ef0e5744 Fix unnecessary escaping Corey Ogburn 2024-06-11 12:34:32 -06:00
  • 2ecac38f6d disable logstash on heavynodes m0duspwnens 2024-06-11 13:50:29 -04:00
  • e90557d7dc Merge pull request #13179 from Security-Onion-Solutions/2.4/fixintegritycheck Josh Brower 2024-06-11 13:08:40 -04:00
  • 628893fd5b remove redundant 'kafka_' from annotations & defaults reyesj2 2024-06-11 11:56:21 -04:00
  • a81e4c3362 remove dash(-) from kafka.id reyesj2 2024-06-11 11:55:17 -04:00
  • ca7b89c308 Added Kafka reset to SOC UI. Incase of changing an active broker to a controller topics may become unavailable. Resolving this would require manual intervention. This option allows running a reset to start from a clean slate to then configure cluster to desired state before reenabling Kafka as global pipeline. reyesj2 2024-06-11 11:21:13 -04:00
  • 03335cc015 Merge pull request #13182 from Security-Onion-Solutions/dockerup Josh Patterson 2024-06-11 11:08:40 -04:00
  • 08557ae287 kafka.id field should only be present when metadata for kafka exists reyesj2 2024-06-11 11:01:34 -04:00
  • 08d2a6242d Add new bind - suricata all.rules DefensiveDepth 2024-06-11 10:03:33 -04:00
  • 4b481bd405 add epoch to docker for oracle m0duspwnens 2024-06-11 09:41:58 -04:00
  • 0b1e3b2a7f upgrade docker for focal m0duspwnens 2024-06-10 16:24:44 -04:00
  • dbd9873450 upgrade docker for jammy m0duspwnens 2024-06-10 16:04:11 -04:00
  • c6d0a17669 docker upgrade debian 12 m0duspwnens 2024-06-10 15:43:29 -04:00
  • adeab10f6d upgrade docker and containerd.io for oracle m0duspwnens 2024-06-10 12:14:27 -04:00