Mike Reeves
d227cf71c8
ja4plus cleanup
2026-03-19 11:01:40 -04:00
Mike Reeves
b452e70419
Keep JA4S_raw and JA4H_raw hardcoded to disabled
2026-03-17 09:37:37 -04:00
Mike Reeves
6809497730
Add SOC UI toggle for JA4+ fingerprinting in Zeek
JA4 (BSD licensed) remains always enabled, but JA4+ variants (JA4S,
JA4D, JA4H, JA4L, JA4SSH, JA4T, JA4TS, JA4X) require a FoxIO license
and are now toggleable via the SOC UI. The toggle includes a license
agreement warning and defaults to disabled.
2026-03-17 09:35:31 -04:00
Mike Reeves
63bb44886e
Add JA4D option to config.zeek.ja4
2025-12-01 10:00:42 -05:00
Mike Reeves
05a368681a
Create config.zeek.ja4
2025-07-21 10:53:54 -04:00
reyesj2
1de20e9d43
fix zeek file extract
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-12-06 09:55:56 -06:00
Mike Reeves
3be3df00d1
Zeek Annotations
2023-05-25 12:10:15 -04:00
bryant-treacle
e93e58fedb
Update node.cfg.jinja
2023-04-26 08:28:40 -04:00
m0duspwnens
df4bf95b93
sort local.zeek so redef is last
2023-04-06 09:54:59 -04:00
m0duspwnens
1be86cdf8e
issue 10050 and issue 10062
2023-03-29 17:21:40 -04:00
m0duspwnens
1685e0e6db
few more
2022-09-20 15:25:50 -04:00
m0duspwnens
d1ee3a7d04
zeek 2.4
2022-09-20 11:11:29 -04:00
m0duspwnens
79785fc053
zeek jinja
2022-09-19 15:26:32 -04:00
Mike Reeves
0d1da5d1dc
Update networks.cfg.jinja
2022-02-18 20:02:50 -05:00
Mike Reeves
6f4ee4123a
Update networks.cfg.jinja
2022-02-18 11:26:58 -05:00
Mike Reeves
95eab61615
Rename to the .jinja standard
2022-02-18 11:06:33 -05:00
Mike Reeves
3e194c9b4b
Walk the homenet for zeek
2022-02-17 11:33:22 -05:00
Mike Reeves
89eb2d0a8b
Add networks.cfg to Zeek
2022-02-16 14:24:58 -05:00
m0duspwnens
e3efaee864
change reference from bro to zeek
2020-07-17 14:41:44 -04:00
m0duspwnens
fd939a06b9
whitespace cleanup
2020-07-01 13:40:40 -04:00
m0duspwnens
38db512eda
fix spacing
2020-07-01 13:29:19 -04:00
m0duspwnens
4e7e19af54
pillarize zeek node.cfg. change reference from bro to zeek.
2020-07-01 13:26:27 -04:00
m0duspwnens
8d2ca003fb
change how we populate local.zeek - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/585
2020-04-28 14:10:57 -04:00
m0duspwnens
c46a45f00f
LOAD to LOCAL in local.zeek and sort local.zeek and zeekctl.cfg output
2020-04-28 12:08:32 -04:00
m0duspwnens
b6741daca6
pillarize local.zeek and move zeekctl from defaults.yml to zeek pillar - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/585
2020-04-28 09:44:37 -04:00
Josh Brower
31ae8a2c26
Zeek - enable Community ID policy
2020-03-26 16:33:47 -04:00
m0duspwnens
2bda1f4beb
remove whitespace
2020-03-13 16:12:16 -04:00
m0duspwnens
1db9692c6b
allow all zeekctl configuration options to be defined - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/97
2020-03-13 16:10:42 -04:00
m0duspwnens
a21ffaecc8
add option to compress archived logs for zeekctl - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/97
2020-03-13 15:05:25 -04:00
m0duspwnens
3aa48b1a23
first go at managing zeekctl.cfg - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/97
2020-03-13 13:20:48 -04:00
Wes Lambert
a8a93260a9
add file extraction
2020-03-03 22:40:06 +00:00
Josh Brower
3fdc5fbef4
Dep Bro and enabled Zeek BPF
2020-01-30 09:45:02 -05:00
Wes Lambert
3277ca185e
Update Zeek config
2020-01-29 22:09:32 +00:00
Wes Lambert
c38569d8a6
Add script for CVE-2020-0601
2020-01-28 13:07:37 +00:00
Mike Reeves
4d00f26c35
Switch to Zeek and download registry
2020-01-13 15:51:38 -05:00