Skip to content

Update configuration#78

Merged
caffeinatedpixel merged 62 commits intodevelopfrom
config_update
Sep 22, 2025
Merged

Update configuration#78
caffeinatedpixel merged 62 commits intodevelopfrom
config_update

Conversation

@caffeinatedpixel
Copy link
Copy Markdown
Contributor

@caffeinatedpixel caffeinatedpixel commented Sep 22, 2025

No description provided.

lisaSW and others added 30 commits September 10, 2024 23:09
@lisaSW @caffeinatedpixel
Update on config structure, functionality, and tests
392fd16 
Co-Authored-By: Naomi Kramer <naomiagoddard@gmail.com>
@caffeinatedpixel @lisaSW
Extend subnet type to read/write from db, update tests
3167dbc 
Co-Authored-By: Liza Tsibur <liza@activecountermeasures.com>
@lisaSW
updated read file config test and subnet tests
d45bd06
@lisaSW @caffeinatedpixel
fixed config and util tests, updated subnet related functions
ebd5186 
Co-Authored-By: Naomi Kramer <naomiagoddard@gmail.com>
@caffeinatedpixel @lisaSW
Remove error return from GetDefaultConfig
65d2335 
Co-Authored-By: Liza Tsibur <liza@activecountermeasures.com>
@lisaSW
added json tags to database struct
74ab9d2
@lisaSW
Updated beacon weights validation for config
98fd5a9
@lisaSW
updates to score thresholds validation tags
9836c56
@lisaSW
changes to config subnet validation and testing
5ab4f1d
@lisaSW
Update subnet.go
eb131e0
@caffeinatedpixel
Write missing host entries to http to populate http_proto
46cabd4
@lisaSW
Updating some fields to uint64
8e9b3d1
@caffeinatedpixel
WIP update some field types
38ab19b
@caffeinatedpixel
Update zeek count types and fix tests
6ea362a
@caffeinatedpixel
Add clickhouse credentials
b4140df
@caffeinatedpixel
Misc fixes
ea8e10a
@caffeinatedpixel
Update pointer
dbf3447
@caffeinatedpixel
Add ability to mark datasets as sample datasets
f7ac2ce
@caffeinatedpixel
fix column name
0d117e4
@caffeinatedpixel
Fix datasets exiting import if hour is empty
17b3710
@caffeinatedpixel
Fix zeek count parsing from TSV files
b361c67
@caffeinatedpixel
Remove storing dns conns in arrays, Fix historical first seen dns lag
3039bfb
@caffeinatedpixel
Remove unused columns
ae9451e
@lisaSW
Update config.hjson
3e10909
@lisaSW
Update config.hjson
ec8aae3
@lisaSW @caffeinatedpixel
updated impact category score functions to use float64
70c8cb7 
Co-Authored-By: Naomi Kramer <naomiagoddard@gmail.com>
@lisaSW
Update subnet.go
0729795
@caffeinatedpixel
Store import version in imports table
3a362cd
@caffeinatedpixel
Fix duplicated SNI/IP long connections
786c635
@lisaSW
Update subnet_test.go
50169bd
lisaSW and others added 25 commits March 10, 2025 21:58
@lisaSW
Merge pull request #40 from activecm/selinux-tamper-removal
d7f2e4d 
Remove SELinux Tampering for QA
@caffeinatedpixel
Add network size column
8d726b9
@caffeinatedpixel
Fix http_proto for missing host, update tests for missing host fixes
93b9dfd
@caffeinatedpixel
Add online feeds to default config
8b173da
@caffeinatedpixel
Merge branch 'http-fixes' into config_update
67271c9
@william-stearns @caffeinatedpixel
Update sshprep (#45)
c67effa 
* Update sshprep

Co-Authored-By: William Stearns <3538265+william-stearns@users.noreply.github.com>

* Update sshprep

Add Bradley's suggestion of using head -1 to limit to a single address.

---------

Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com>
Co-authored-by: William Stearns <3538265+william-stearns@users.noreply.github.com>
@0x6d6f7468
Installer Behavior Tweaks (#41)
3555d9b 
* Add --yes flag to add-apt-repository command

* Add missing sudo flags, make sure we're using the SUDO variable instead
@caffeinatedpixel @0x6d6f7468
Add ability to perform zone transfers (#48)
b23387c 
* Store zone transfer records

Co-Authored-By: moth <25512187+0x6d6f7468@users.noreply.github.com>

* Update config

* Add tests

* Tests, connectivity test

* Update tests

---------

Co-authored-by: moth <25512187+0x6d6f7468@users.noreply.github.com>
@william-stearns @caffeinatedpixel @0x6d6f7468
Support RedHat/RHEL as a valid target (#47)
7d81340 
* Update sshprep

Co-Authored-By: William Stearns <3538265+william-stearns@users.noreply.github.com>

* Supporrt RedHat/RHEL as a valid target

---------

Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com>
Co-authored-by: William Stearns <3538265+william-stearns@users.noreply.github.com>
Co-authored-by: moth <moth@blackhillsinfosec.com>
@caffeinatedpixel
Fix tests (#49)
b69f412 
* Fix tests

* Update WalkFiles to use UTC
@lisaSW
fixed issue with rolling datasets over 24hours old not getting histor…
92b97f2 
…ical first seen timestamp set (#52)
@caffeinatedpixel @lisaSW
Change values from float32 to float64 (#50)
f60384b 
* Switch float32 to float64

* Update threat category calculation to match CalculateBucketedScore (#51)

---------

Co-authored-by: Liza Tsibur <liza@activecountermeasures.com>
@caffeinatedpixel
Bump max query execution time default value
e11d5c2
@0x6d6f7468
Use string instead of error for ZoneTransferConnectivityErrors struct…
6b4a49f 
… fields (#61)
@0x6d6f7468
Upgrade Golang to version 1.24 (#59) (#60)
6c83274
@william-stearns @caffeinatedpixel @0x6d6f7468
Replace get_url with shell and curl (#58)
2319c32 
* Update sshprep

Co-Authored-By: William Stearns <3538265+william-stearns@users.noreply.github.com>

* Replace get_url with shell and curl

* Use get_url by default, fall back to curl if it fails

---------

Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com>
Co-authored-by: William Stearns <3538265+william-stearns@users.noreply.github.com>
Co-authored-by: moth <moth@blackhillsinfosec.com>
@william-stearns @caffeinatedpixel @0x6d6f7468
add automated log transfer, AC-Hunter issue 135 (#62)
9f14544 
* Update sshprep

Co-Authored-By: William Stearns <3538265+william-stearns@users.noreply.github.com>

* add automated log transfer, PR135

* cron requires non-executable permission

* Specify suggested YAML plugin and config in VSCode workspace

* Linting and light cleanup

* Update generate_installer.sh

Download zeek_log_transport.sh to send to the sensor.

* Create cron file if remote zeek installation

* Only run zeek log import steps for remote sensor installations

---------

Co-authored-by: Naomi Kramer <naomi@activecountermeasures.com>
Co-authored-by: William Stearns <3538265+william-stearns@users.noreply.github.com>
Co-authored-by: moth <moth@blackhillsinfosec.com>
@0x6d6f7468
Temporarily disable RITA/Zeek log transport until installer is modular (
b3afa71 
#66)
@0x6d6f7468
Uniform -y flag usage for repo management/package installation; Unifo…
32bc436 
…rm SUDO variable usage (#68)
@0x6d6f7468
Resolve Installer Side Effects and Formalize RHEL Support (#73)
4f91586 
* Add missing necessary wildcards for RHEL versions

* Remove Ansible task replacing python3-requests to avoid RHEL distro installation side effects

* Update supported distros in README
@caffeinatedpixel
Update scoring defaults
4376f85
@0x6d6f7468
Resolve Ansible Reboot Errors (#75)
0c61c85 
* Clean up conditionals; Fix reboot step for Ubuntu

* Suppress erroneous error output on RPM systems, ignore errors on reboot necessity checks
@caffeinatedpixel
Ignore missing host rows for openhttp (#76)
63cad7b
@caffeinatedpixel
Fix integration tests due to prevalence (#77)
be91e94
@caffeinatedpixel
Merge branch 'develop' into config_update
e3209e3
@caffeinatedpixel caffeinatedpixel merged commit b923c39 into develop Sep 22, 2025
6 checks passed
caffeinatedpixel added a commit that referenced this pull request Sep 23, 2025
@caffeinatedpixel
Update changes for docker deployment (#79)
ee04ee4 
Updated configurations for docker deployment to reflect changes made in #78
@lisaSW lisaSW mentioned this pull request Dec 16, 2025
Closed
@lisaSW lisaSW linked an issue Dec 16, 2025 that may be closed by this pull request
rita import: "value out of range" for the missed_bytes field #28
Closed
@lisaSW lisaSW added this to the RITA v5.1.0 milestone Jan 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

RITA v5.1.0

Development

Successfully merging this pull request may close these issues.

rita import: "value out of range" for the missed_bytes field

4 participants

@caffeinatedpixel @lisaSW @0x6d6f7468 @william-stearns