Josh Patterson 141116f550 Make so-salt-minion-wait work without requiring a restart
The wait required both a socket gate and a log gate to pass. The log gate
greps the minion log for salt's one-time startup line "Minion is ready to
receive requests!", which scrolls out of the log tail on a minion that has
not restarted recently. On such a minion the log gate could never pass, so
the script ran to its full 120s timeout and exited 1 even though the minion
was healthy and connected. This also false-timed-out when salt_minion_service
reported a non-restart change (e.g. an enable toggle).

The log gate's only remaining purpose is closing the ~2.8s post-connect window
where the master sockets are up but _post_master_init() is still loading. Gate
it on the current pid's uptime: enforce the ready line only within
READY_LINE_WINDOW (90s) of (re)start, and let the already restart-independent
socket gate be the steady-state authority past that. The fresh-restart path is
unchanged, and if uptime can't be read the strict behavior is kept.
2026-07-16 16:52:06 -04:00
2023-12-19 18:58:17 +00:00
2024-04-11 15:32:00 -04:00
2026-05-28 09:34:17 -04:00
2025-06-27 11:00:35 -04:00
2026-04-01 10:47:59 -04:00
2026-05-28 09:34:17 -04:00
2026-05-28 10:24:47 -04:00
2020-11-17 09:00:02 -05:00
2025-02-20 11:07:50 -05:00
2026-03-04 15:48:16 -05:00
2026-03-05 11:05:19 -05:00
2023-06-26 16:01:58 -04:00
2022-09-07 09:06:25 -04:00
ver
2026-06-11 08:18:38 -04:00

Security Onion Logo

Security Onion

Security Onion is a free and open Linux distribution for threat hunting, enterprise security monitoring, and log management. It includes a comprehensive suite of tools designed to work together to provide visibility into your network and host activity.

Features

Security Onion includes everything you need to monitor your network and host systems:

  • Security Onion Console (SOC): A unified web interface for analyzing security events and managing your grid.
  • Elastic Stack: Powerful search backed by Elasticsearch.
  • Intrusion Detection: Network-based IDS with Suricata and host-based monitoring with Elastic Fleet.
  • Network Metadata: Detailed network metadata generated by Zeek or Suricata.
  • Full Packet Capture: Retain and analyze raw network traffic with Suricata PCAP.

Security Onion Pro

For organizations and enterprises requiring advanced capabilities, Security Onion Pro offers additional features designed for scale and efficiency:

  • Onion AI: Leverage powerful AI-driven insights to accelerate your analysis and investigations.
  • Enterprise Features: Enhanced tools and integrations tailored for enterprise-grade security operations.

For more information, visit the Security Onion Pro page.

☁️ Cloud Deployment

Security Onion is available and ready to deploy in the AWS, Azure, and Google Cloud (GCP) marketplaces.

🚀 Getting Started

Goal Resource
Download Security Onion ISO
Requirements Hardware Guide
Install Installation Instructions
What's New Release Notes

📖 Documentation & Support

For more detailed information, please visit our Documentation.

🤝 Contributing

We welcome contributions! Please see our CONTRIBUTING.md for guidelines on how to get involved.

🛡️ License

Security Onion is licensed under the terms of the license found in the LICENSE file.


Built with 🧅 by Security Onion Solutions.

S
Description
Security Onion 2 - Linux distro for threat hunting, enterprise security monitoring, and log management
Readme
80 MiB
Languages
Shell 51%
Jinja 22.2%
SaltStack 12%
Python 8.7%
CSS 2%
Other 4%