Commit Graph

5996 Commits

Author  SHA1  Message  Date
Wes Lambert  555ca2e277  Update analyzer build/testing script to download necessary Python packages  2022-05-09 20:06:39 +00:00
Wes Lambert  32adba6141  Update analyzer packages with those built from native (Alpine) Docker image  2022-05-09 20:04:41 +00:00
Jason Ertel  31c04aabdd  Disable MRU queries on dashboards  2022-05-09 15:06:43 -04:00
Jason Ertel  3f35dc54d2  Disable actions on dashboards group-by tables  2022-05-09 11:44:39 -04:00
Jason Ertel  0786191fc9  Add dashboard ref to soc.json  2022-05-06 15:16:27 -04:00
weslambert  9800f59ed7  Add Urlscan to observable support matrix  2022-05-06 13:11:43 -04:00
Wes Lambert  ccac71f649  Fix formatting/whitespace  2022-05-06 17:08:40 +00:00
Wes Lambert  1990ba0cf0  Fix formatting/whitespace  2022-05-06 17:08:33 +00:00
Wes Lambert  8ff5778569  Add Urlscan analyzer and tests  2022-05-06 17:01:06 +00:00
Jason Ertel  bee4cf4c52  Fix typo in analyzer desc  2022-05-06 09:20:03 -04:00
Jason Ertel  105c95909c  Dashboard queries  2022-05-04 19:32:06 -04:00
Jason Ertel  890bcd58f9  Merge branch 'dev' into kilo  2022-05-04 19:25:08 -04:00
weslambert  a96c665d04  Change test name for EmailRep  2022-05-03 14:13:25 -04:00
weslambert  f3a91d9fcd  Add EmailRep analyzer to observable support matrix  2022-05-03 10:10:57 -04:00
Wes Lambert  5a9acb3857  Add EmailRep analyzer and tests  2022-05-03 14:06:32 +00:00
Wes Lambert  8b5666b238  Ensure API key is used  2022-05-03 12:48:06 +00:00
weslambert  2fcb2b081d  Update allowed complexity to 12  2022-05-02 16:14:43 -04:00
weslambert  25f17a5efd  Update allowed complexity to 11  2022-04-29 09:42:57 -04:00
weslambert  66b4fe9f58  Add additional information around URI and User Agent  2022-04-28 17:14:36 -04:00
Wes Lambert  c001708707  Add Pulsedive analyzer and tests  2022-04-28 20:56:03 +00:00
weslambert  4edd729596  Add initial supported observable matrix/table  2022-04-27 08:58:34 -04:00
Wes Lambert  76f183b112  Add Greynoise analyzer and tests  2022-04-26 17:25:35 +00:00
Wes Lambert  bd63753d80  Update analyzer name/description  2022-04-25 19:27:10 +00:00
Wes Lambert  15fcaa7030  Add localfile analyzer and tests  2022-04-25 19:23:35 +00:00
Josh Patterson  80eb31368a  add eval  2022-04-22 16:04:29 -04:00
Jason Ertel  d8fdf2b701  Merge branch 'dev' into kilo  2022-04-22 15:11:24 -04:00
Jason Ertel  459d388614  Only override nameservers if the first nameserver given is non empty  2022-04-22 15:08:56 -04:00
Wes Lambert  fbf6e64e67  Add initial OTX analyzer and tests  2022-04-22 17:13:40 +00:00
weslambert  542db5b7f5  Update defaults.yaml  2022-04-21 17:24:24 -04:00
Wes Lambert  b2db32a2c7  Add function/test for non-existent VT api_key  2022-04-21 17:33:24 +00:00
Wes Lambert  9287d6adf7  Reduce size of test output for test  2022-04-21 16:56:22 +00:00
Wes Lambert  c8e189f35a  Add source-packages for JA3er  2022-04-21 16:46:45 +00:00
Wes Lambert  5afcc8de4f  Add JA3er analyzer and associated test  2022-04-21 16:42:46 +00:00
weslambert  d7eed52fae  Change -f to -r  2022-04-21 09:46:44 -04:00
Doug Burks  e608285341  UPGRADE: Elastic 7.17.3 #7807  2022-04-21 08:57:08 -04:00
Doug Burks  04856540dc  UPGRADE: Elastic 7.17.3 #7807  2022-04-21 08:54:09 -04:00
Doug Burks  feb7eeeb8e  UPGRADE: Elastic 7.17.3 #7807  2022-04-21 08:47:40 -04:00
Doug Burks  1edb443c5d  so-playbook-sync pgrep should be more strict to avoid multiple matches on Ubuntu  2022-04-20 16:48:26 -04:00
Doug Burks  8fc03afdc0  so-sensor-clean pgrep should be more strict to avoid matching multiples on Ubuntu  2022-04-20 16:47:18 -04:00
Doug Burks  15ef0968d9  FIX: Improve Zeek file extraction #7829  2022-04-20 14:01:46 -04:00
Jason Ertel  aeb70dad8f  Doc updates  2022-04-19 14:31:21 -04:00
Jason Ertel  4129cef9fb  Add new spamhaus analyzer  2022-04-19 12:12:52 -04:00
m0duspwnens  807f6adf1e  add securityonion-strelka-oneshot and securityonion-strelka-fileshot to workstation  2022-04-19 09:19:09 -04:00
Jason Ertel  0cb73d8f6a  Merge branch 'dev' into kilo  2022-04-18 11:04:32 -04:00
Josh Brower  b35b505f0a  Fix pattern matching  2022-04-18 10:39:04 -04:00
Josh Brower  2b39570b08  Fix matching logic  2022-04-18 10:37:38 -04:00
Jason Ertel  159122b52c  Merge branch 'dev' into kilo  2022-04-18 10:11:37 -04:00
Doug Burks  0eda9a3bd7  move thehive removal from up_to_2.3.120 to post_to_2.3.120  2022-04-15 15:45:01 -04:00
Josh Brower  bd19da1878  Remove thehive entries from so-status  2022-04-15 12:21:56 -04:00
m0duspwnens  02c19da3c4  remove influxdb module patched state files when salt is upgraded  2022-04-14 15:00:14 -04:00