Corey Ogburn
1b7095fa81
Improved import-file url regex
sed doesn't remove ALL whitespace, only newlines. It's better to stop at the first whitespace than to stop at a particular, maybe-not-last query string parameter.
2023-06-20 09:41:14 -06:00
Corey Ogburn
89d789fe0f
New folder for salt to maintain
This folder is where a manager will initially store uploaded PCAP/EVTX files before sending to sensors. Sensors will store uploads in this folder on their own system.
2023-06-20 09:41:14 -06:00
Corey Ogburn
49055e260f
salt-relay import-file reporting
On successful import, return dashboard URL
2023-06-20 09:41:14 -06:00
Corey Ogburn
a465039887
2 new capabilities: send-file and import-file
2023-06-20 09:41:14 -06:00
Doug Burks
0e09d73aa0
Resolve conflicts with dataset PR
2023-06-20 07:40:10 -04:00
Doug Burks
fc824359ed
Update default fields for kratos.audit
2023-06-20 07:30:56 -04:00
Doug Burks
7caa7cec6b
Fix SOC Auth queries in Dashboards and Hunt
Change `event.dataset:audit` to `event.dataset:kratos.audit`.
2023-06-20 07:13:33 -04:00
Wes
b5bccc5e05
Use module in dataset name and add dataset tag
2023-06-15 13:06:57 +00:00
Mike Reeves
cace817c79
Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps
2023-05-24 08:43:03 -04:00
Jason Ertel
ba0ec18a33
Ignore Synchronize button clicks when an active salt job is running and another is already in queue
2023-05-22 14:52:07 -04:00
Mike Reeves
5315c51197
Allow additional docker parameters
2023-05-18 16:52:38 -04:00
Mike Reeves
7ab31e36af
Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps
2023-05-18 15:19:15 -04:00
Mike Reeves
0fd9fb9294
Allow additional docker parameters
2023-05-18 15:19:09 -04:00
Jason Ertel
4930ae4ba6
add missing var for local dev
2023-05-17 18:14:21 -04:00
m0duspwnens
e15c14cc2e
fix indent
2023-05-17 15:50:31 -04:00
m0duspwnens
f7ddf57f39
move files out of config
2023-05-17 15:49:22 -04:00
m0duspwnens
05a81596e5
place and access sensoronikey from sensoroni.config
2023-05-12 14:38:39 -04:00
m0duspwnens
fa1a428133
fix import
2023-05-11 15:36:20 -04:00
m0duspwnens
8e18986671
enable/disable soc in ui
2023-05-11 15:33:16 -04:00
Mike Reeves
cbd1c05929
Sbin Changes
2023-05-04 10:36:03 -04:00
Mike Reeves
2d4f4791e0
Move files out of common
2023-05-01 15:21:31 -04:00
Doug Burks
4dcc79d245
FIX: Overview Customization link #10173
2023-04-20 16:26:51 -04:00
m0duspwnens
1047462898
add identifiers for all cron.present
2023-04-13 16:25:47 -04:00
Jason Ertel
7f28cdd2a3
provide means for using salt-relay with local development against remote VMs
2023-04-10 14:04:03 -04:00
Doug Burks
5be5466efe
fix GeoIP queries
2023-03-24 14:03:12 -04:00
Doug Burks
a9dc7a14cb
fix GeoIP queries
2023-03-24 13:56:51 -04:00
Doug Burks
aa9d44ab09
Add four new GeoIP dashboards
2023-03-24 13:51:13 -04:00
Josh Brower
bad905f54c
SOC Logs & Hunt Query
2023-03-23 16:22:59 -04:00
Josh Brower
2fe8668f1b
Merge pull request #9891 from Security-Onion-Solutions/2.4/huntqueries
Initial updates for 2.4 fieldnames
2023-03-09 14:37:50 -05:00
Josh Brower
73abf8dbfd
Generic host dashboard
2023-03-09 14:32:52 -05:00
Josh Brower
1493806040
Change host dashboard titles
2023-03-08 17:03:02 -05:00
Josh Brower
a5c89bfaa1
update sysmon dashboards
2023-03-08 16:49:34 -05:00
m0duspwnens
0f9803120e
Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/heavynode
2023-03-06 13:55:09 -05:00
m0duspwnens
b6d55bedc8
make influxdb token accessible to all nodes
2023-03-06 13:50:17 -05:00
Doug Burks
a2bda07820
add VLAN dashboard
2023-03-05 15:24:11 -05:00
Josh Brower
9db6df0f14
Initial updates for 2.4 fieldnames
2023-03-04 15:19:19 -05:00
Doug Burks
e24296d536
add SOC Dashboards groupby for Zeek conn vlan field
2023-03-03 15:23:43 -05:00
m0duspwnens
052e0dea2e
create and manage metrics_link in a file for soc
2023-02-28 14:47:44 -05:00
Josh Patterson
cbcd3c9dd9
Update defaults.map.jinja
2023-02-27 15:39:03 -05:00
Josh Patterson
8632606a24
Update defaults.map.jinja
2023-02-27 15:37:35 -05:00
Josh Patterson
8d33f01936
Update defaults.map.jinja
2023-02-27 15:01:31 -05:00
Jason Ertel
aed41404fc
Merge pull request #9852 from Security-Onion-Solutions/kilo
Remove FleetDM tool from SOC instead of deactivating it; generate SRV key during setup
2023-02-24 13:05:58 -05:00
Jason Ertel
316db85584
Generate SOC SRVKey during setup
2023-02-24 10:20:23 -05:00
Jason Ertel
d3c5d0569a
Remove FleetDM tool instead of deactivating it
2023-02-24 10:20:02 -05:00
m0duspwnens
8f46e4aa30
set docker extra_hosts for soc
2023-02-23 12:26:58 -05:00
Jason Ertel
4222b09970
Merge branch '2.4/dev' into reposync
2023-02-23 12:15:03 -05:00
Mike Reeves
148b0b1c4c
use hostnames please
2023-02-23 11:11:29 -05:00
weslambert
ecf70847fd
Change 'GLOBALS.minion_id' to 'GLOBALS.hostname' for 'analyzerNodeId' value to ensure SOC creates analyzer jobs in the correct directory
2023-02-22 16:23:48 -05:00
Jason Ertel
8746f55834
influx upgrade
2023-02-15 08:03:22 -05:00
Jason Ertel
cd27ae89cc
influx upgrade
2023-02-10 16:34:06 -05:00