-
Notifications
You must be signed in to change notification settings - Fork 492
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #12616 from Security-Onion-Solutions/2.4/dev
2.4.60
- Loading branch information
Showing
63 changed files
with
1,514 additions
and
231 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,190 @@ | ||
| body: | ||
| - type: markdown | ||
| attributes: | ||
| value: | | ||
| ⚠️ This category is solely for conversations related to Security Onion 2.4 ⚠️ | ||
| If your organization needs more immediate, enterprise grade professional support, with one-on-one virtual meetings and screensharing, contact us via our website: https://securityonion.com/support | ||
| - type: dropdown | ||
| attributes: | ||
| label: Version | ||
| description: Which version of Security Onion 2.4.x are you asking about? | ||
| options: | ||
| - | ||
| - 2.4 Pre-release (Beta, Release Candidate) | ||
| - 2.4.10 | ||
| - 2.4.20 | ||
| - 2.4.30 | ||
| - 2.4.40 | ||
| - 2.4.50 | ||
| - 2.4.60 | ||
| - 2.4.70 | ||
| - 2.4.80 | ||
| - 2.4.90 | ||
| - 2.4.100 | ||
| - Other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Installation Method | ||
| description: How did you install Security Onion? | ||
| options: | ||
| - | ||
| - Security Onion ISO image | ||
| - Network installation on Red Hat derivative like Oracle, Rocky, Alma, etc. | ||
| - Network installation on Ubuntu | ||
| - Network installation on Debian | ||
| - Other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Description | ||
| description: > | ||
| Is this discussion about installation, configuration, upgrading, or other? | ||
| options: | ||
| - | ||
| - installation | ||
| - configuration | ||
| - upgrading | ||
| - other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Installation Type | ||
| description: > | ||
| When you installed, did you choose Import, Eval, Standalone, Distributed, or something else? | ||
| options: | ||
| - | ||
| - Import | ||
| - Eval | ||
| - Standalone | ||
| - Distributed | ||
| - other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Location | ||
| description: > | ||
| Is this deployment in the cloud, on-prem with Internet access, or airgap? | ||
| options: | ||
| - | ||
| - cloud | ||
| - on-prem with Internet access | ||
| - airgap | ||
| - other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Hardware Specs | ||
| description: > | ||
| Does your hardware meet or exceed the minimum requirements for your installation type as shown at https://docs.securityonion.net/en/2.4/hardware.html? | ||
| options: | ||
| - | ||
| - Meets minimum requirements | ||
| - Exceeds minimum requirements | ||
| - Does not meet minimum requirements | ||
| - other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: input | ||
| attributes: | ||
| label: CPU | ||
| description: How many CPU cores do you have? | ||
| validations: | ||
| required: true | ||
| - type: input | ||
| attributes: | ||
| label: RAM | ||
| description: How much RAM do you have? | ||
| validations: | ||
| required: true | ||
| - type: input | ||
| attributes: | ||
| label: Storage for / | ||
| description: How much storage do you have for the / partition? | ||
| validations: | ||
| required: true | ||
| - type: input | ||
| attributes: | ||
| label: Storage for /nsm | ||
| description: How much storage do you have for the /nsm partition? | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Network Traffic Collection | ||
| description: > | ||
| Are you collecting network traffic from a tap or span port? | ||
| options: | ||
| - | ||
| - tap | ||
| - span port | ||
| - other (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Network Traffic Speeds | ||
| description: > | ||
| How much network traffic are you monitoring? | ||
| options: | ||
| - | ||
| - Less than 1Gbps | ||
| - 1Gbps to 10Gbps | ||
| - more than 10Gbps | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Status | ||
| description: > | ||
| Does SOC Grid show all services on all nodes as running OK? | ||
| options: | ||
| - | ||
| - Yes, all services on all nodes are running OK | ||
| - No, one or more services are failed (please provide detail below) | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Salt Status | ||
| description: > | ||
| Do you get any failures when you run "sudo salt-call state.highstate"? | ||
| options: | ||
| - | ||
| - Yes, there are salt failures (please provide detail below) | ||
| - No, there are no failures | ||
| validations: | ||
| required: true | ||
| - type: dropdown | ||
| attributes: | ||
| label: Logs | ||
| description: > | ||
| Are there any additional clues in /opt/so/log/? | ||
| options: | ||
| - | ||
| - Yes, there are additional clues in /opt/so/log/ (please provide detail below) | ||
| - No, there are no additional clues | ||
| validations: | ||
| required: true | ||
| - type: textarea | ||
| attributes: | ||
| label: Detail | ||
| description: Please read our discussion guidelines at https://github.com/Security-Onion-Solutions/securityonion/discussions/1720 and then provide detailed information to help us help you. | ||
| placeholder: |- | ||
| STOP! Before typing, please read our discussion guidelines at https://github.com/Security-Onion-Solutions/securityonion/discussions/1720 in their entirety! | ||
| If your organization needs more immediate, enterprise grade professional support, with one-on-one virtual meetings and screensharing, contact us via our website: https://securityonion.com/support | ||
| validations: | ||
| required: true | ||
| - type: checkboxes | ||
| attributes: | ||
| label: Guidelines | ||
| options: | ||
| - label: I have read the discussion guidelines at https://github.com/Security-Onion-Solutions/securityonion/discussions/1720 and assert that I have followed the guidelines. | ||
| required: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| name: 'Lock Threads' | ||
|
|
||
| on: | ||
| schedule: | ||
| - cron: '50 1 * * *' | ||
| workflow_dispatch: | ||
|
|
||
| permissions: | ||
| issues: write | ||
| pull-requests: write | ||
| discussions: write | ||
|
|
||
| concurrency: | ||
| group: lock-threads | ||
|
|
||
| jobs: | ||
| close-threads: | ||
| runs-on: ubuntu-latest | ||
| permissions: | ||
| issues: write | ||
| pull-requests: write | ||
| steps: | ||
| - uses: actions/stale@v5 | ||
| with: | ||
| days-before-issue-stale: -1 | ||
| days-before-issue-close: 60 | ||
| stale-issue-message: "This issue is stale because it has been inactive for an extended period. Stale issues convey that the issue, while important to someone, is not critical enough for the author, or other community members to work on, sponsor, or otherwise shepherd the issue through to a resolution." | ||
| close-issue-message: "This issue was closed because it has been stale for an extended period. It will be automatically locked in 30 days, after which no further commenting will be available." | ||
| days-before-pr-stale: 45 | ||
| days-before-pr-close: 60 | ||
| stale-pr-message: "This PR is stale because it has been inactive for an extended period. The longer a PR remains stale the more out of date with the main branch it becomes." | ||
| close-pr-message: "This PR was closed because it has been stale for an extended period. It will be automatically locked in 30 days. If there is still a commitment to finishing this PR re-open it before it is locked." | ||
|
|
||
| lock-threads: | ||
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: jertel/lock-threads@main | ||
| with: | ||
| include-discussion-currently-open: true | ||
| discussion-inactive-days: 90 | ||
| issue-inactive-days: 30 | ||
| pr-inactive-days: 30 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1 +1 @@ | ||
| 2.4.50 | ||
| 2.4.60 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,7 +1,10 @@ | ||
| {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %} | ||
| {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %} | ||
| {% import 'bpf/macros.jinja' as MACROS %} | ||
|
|
||
| {{ MACROS.remove_comments(BPFMERGED, 'pcap') }} | ||
|
|
||
| {% set PCAPBPF = BPFMERGED.pcap %} | ||
| {% from 'vars/globals.map.jinja' import GLOBALS %} | ||
| {% if GLOBALS.pcap_engine == "TRANSITION" %} | ||
| {% set PCAPBPF = ["ip and host 255.255.255.1 and port 1"] %} | ||
| {% else %} | ||
| {% import_yaml 'bpf/defaults.yaml' as BPFDEFAULTS %} | ||
| {% set BPFMERGED = salt['pillar.get']('bpf', BPFDEFAULTS.bpf, merge=True) %} | ||
| {% import 'bpf/macros.jinja' as MACROS %} | ||
| {{ MACROS.remove_comments(BPFMERGED, 'pcap') }} | ||
| {% set PCAPBPF = BPFMERGED.pcap %} | ||
| {% endif %} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -65,6 +65,7 @@ elasticfleet: | |
| - http_endpoint | ||
| - httpjson | ||
| - iis | ||
| - journald | ||
| - juniper | ||
| - juniper_srx | ||
| - kafka_log | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.