CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update changes.json sub-bullets to improve communication of the content

Browse Source
This commit is contained in:
Jason Ertel
2020-07-20 08:47:09 -04:00
parent bd70fdbb33
commit beda859207
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
salt/soc/files/soc/changes.json
View File

@@ -17,8 +17,9 @@
{ "summary": "Improved Elastic ingest parsers including Windows event logs and Sysmon logs shipped with WinLogbeat and Osquery (ECS)." }, { "summary": "Improved Elastic ingest parsers including Windows event logs and Sysmon logs shipped with WinLogbeat and Osquery (ECS)." },
{ "summary": "Elastic nodes are now HOT by default, making it easier to add a warm node later." }, { "summary": "Elastic nodes are now HOT by default, making it easier to add a warm node later." },
{ "summary": "<i>so-allow</i> now runs at the end of an install so users can enable access right away." }, { "summary": "<i>so-allow</i> now runs at the end of an install so users can enable access right away." },
{ "summary": "Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardized and copied to <i>event.severity</i>:<ol><li>Low</li><li>Medium</li><li>High</li><li>Critical</li></ol>" }, { "summary": "Alert severities across Wazuh, Suricata and Playbook (Sigma) have been standardized and copied to <i>event.severity</i>:<ul><li>1 = Low</li><li>2 = Medium</li><li>3 = High</li><li>4 = Critical</li></ul>" },
{ "summary": "Initial implementation of alerting queues:<ul><li>Low & Medium alerts are accessible through Kibana & Hunt.</li><li>High & Critical alerts are accessible through Kibana, Hunt and TheHive for immediate analysis.</li><li>ATT&CK Navigator is now a statically-hosted site in the nginx container.</li></ul>" }, { "summary": "Initial implementation of alerting queues:<ul><li>Low & Medium alerts are accessible through Kibana & Hunt.</li><li>High & Critical alerts are accessible through Kibana, Hunt and TheHive for immediate analysis.</li></ul>" },
{ "summary": "ATT&CK Navigator is now a statically-hosted site in the nginx container." },
{ "summary": "Playbook updates:<ul><li>All Sigma rules in the community repo (500+) are now imported and kept up to date.</li><li>Initial implementation of automated testing when a Play's detection logic has been edited (i.e., Unit Testing).</li><li>Updated UI Theme.</li><li>Once authenticated through SOC, users can now access Playbook with analyst permissions without login.</li></ul>" }, { "summary": "Playbook updates:<ul><li>All Sigma rules in the community repo (500+) are now imported and kept up to date.</li><li>Initial implementation of automated testing when a Play's detection logic has been edited (i.e., Unit Testing).</li><li>Updated UI Theme.</li><li>Once authenticated through SOC, users can now access Playbook with analyst permissions without login.</li></ul>" },
{ "summary": "Kolide Launcher has been updated to include the ability to pass arbitrary flags. This new functionality was sponsored by SOS." }, { "summary": "Kolide Launcher has been updated to include the ability to pass arbitrary flags. This new functionality was sponsored by SOS." },
{ "summary": "Fixed issue with Wazuh authd registration service port not being correctly exposed." }, { "summary": "Fixed issue with Wazuh authd registration service port not being correctly exposed." },