What's Changed
- Update VERSION by @TOoSmOotH in #11047
- set timezone during setup. set salt log levels to info by @m0duspwnens in #11060
- Add soup for 2.4.20 by @TOoSmOotH in #11075
- force image pulls to go into soup log by @jertel in #11083
- Issue/10998 by @m0duspwnens in #11090
- Fix certs for Rec & Heavy by @defensivedepth in #11113
- add missing containers to soc_docker.yaml. force port bindings to []string by @m0duspwnens in #11124
- Exclude console log by @weslambert in #11123
- Merge in hotfix by @TOoSmOotH in #11128
- Update HOTFIX by @TOoSmOotH in #11129
- Update SOC event fields by @weslambert in #11139
- Add more Elastic Fleet integrations by @weslambert in #11153
- use consistent cert dir and reduce jinja complexity by @jertel in #11161
- allow testing runs to proceed with unsupported os by @jertel in #11165
- use the correct var by @jertel in #11166
- fix centos install by @jertel in #11169
- new python watchdog by @m0duspwnens in #11177
- ingest pfsense sample data by @jertel in #11178
- don't need to repo_sync rocky or centos by @m0duspwnens in #11184
- fix path to intermediate ca cert on heavy nodes by @jertel in #11186
- Failreposync by @m0duspwnens in #11190
- Fix Heavy Node for acks by @TOoSmOotH in #11193
- Add Apache package and templates by @weslambert in #11197
- Make sure a data stream is created for syslog by @weslambert in #11208
- Add syslog to heavynode by @weslambert in #11212
- Issue/10975 by @m0duspwnens in #11217
- Correct Fortigate Integration by @weslambert in #11219
- iso desktop join grid - set install_type and minion_type by @m0duspwnens in #11221
- Analyzer SOC Administration by @weslambert in #11218
- New Config Default: longRelayTimeoutMs by @coreyogburn in #11222
- Update motd.md by @dougburks in #11226
- Issue/10975 by @m0duspwnens in #11231
- Strelka entropy mapping by @weslambert in #11232
- Add so-elastic-agent by @weslambert in #11239
- testing; desktop; configuration improvements by @jertel in #11241
- ensure hostname is set by @jertel in #11243
- ensure hostname is set by @jertel in #11245
- MS testing by @jertel in #11249
- Issue/10975 by @m0duspwnens in #11255
- only ingest pfsense on sensor nodes by @jertel in #11256
- Remove templates by @weslambert in #11261
- Issue/11210 by @m0duspwnens in #11269
- addl node types by @jertel in #11271
- give priority to presets by @jertel in #11276
- Issue/11229 by @m0duspwnens in #11288
- don't manage sorules by @m0duspwnens in #11295
- FIX: SOC Config pcap doc links should point to steno docs #11302 by @dougburks in #11303
- Update so-minion by @TOoSmOotH in #11308
- exclude docker pull unauth errors from failing setup by @jertel in #11315
- Regex & Transform Role by @defensivedepth in #11317
- improvements for checking system requirements by @m0duspwnens in #11328
- Clean component template directory by @weslambert in #11329
- Change description to indicate that opencanary modules only apply to IDH nodes by @weslambert in #11297
- fix idstool extra_env for container by @m0duspwnens in #11344
- ensure all binds are present to avoid volume sprawl by @jertel in #11345
- ignore debian apt update output by @jertel in #11351
- Fix EVTX Imports by @weslambert in #11352
- FIX: SOC Config sensoroni doc links should point to correct docs #11362 by @dougburks in #11363
- Update soup to prune in background by @jertel in #11369
- /app/dashboards to /kibana/app/dashboards by @weslambert in #11289
- Add a note about testing analyzers outside of the Sensoroni Docker container by @weslambert in #11384
- Make scan.pe.image_version type of 'float' by @weslambert in #11391
- Issue/11390 by @m0duspwnens in #11393
- log check tool initial by @jertel in #11397
- skip zeek spool logs due to test data false positives by @jertel in #11398
- don't inspect imported zeek output by @jertel in #11399
- Update nginx.conf to use user nobody by @TOoSmOotH in #11403
- Fix/filecheckcron by @m0duspwnens in #11404
- deb OS doesn't use /var/log/cron, skip by @jertel in #11405
- ignore generic python stack trace log lines of code, rely on actual e… by @jertel in #11406
- Fix sendmail errors in zeek by @TOoSmOotH in #11408
- Fix zeek from creating summary files by @TOoSmOotH in #11409
- FIX: Remove telegraf beats EPS script by @TOoSmOotH in #11411
- ignore generic python stack trace log lines of code, rely on actual e… by @jertel in #11414
- Issue/11390 by @m0duspwnens in #11415
- Jertel/lc by @jertel in #11416
- logcheck improvements by @jertel in #11417
- more exclusions by @jertel in #11418
- Exclude known_certs by @weslambert in #11423
- exclude known issues by @jertel in #11422
- Fix Yara crontab by @TOoSmOotH in #11426
- Upgrade packages and load integrations when packages change by @weslambert in #11430
- Update defaults.yaml by @TOoSmOotH in #11432
- exclude all playbook logs by @jertel in #11436
- remove redis from eval by @m0duspwnens in #11437
- exclude logstash errors by @jertel in #11440
- exclude oom error from cmd line by @jertel in #11441
- more known errors by @jertel in #11442
- fix exclusion by @jertel in #11448
- Fix/pkgs by @m0duspwnens in #11461
- exclude known issues by @jertel in #11464
- Fix/pkgs by @m0duspwnens in #11465
- 2.4.20 by @TOoSmOotH in #11475
- 2.4.20 by @TOoSmOotH in #11476
Full Changelog: 2.4.10-202030821...2.4.20-20231006