CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,440 Commits 24 Branches 119 Tags
06ddae13b51b26b38441a62846d94e0467d2689e
Commit Graph

66 Commits

Author SHA1 Message Date
Mike Reeves
06ddae13b5 Update filecheck 2022-10-31 15:41:57 -04:00
Mike Reeves
f7043f3f62 Update init.sls 2022-10-31 15:25:38 -04:00
Mike Reeves
86ca3602f3 Update init.sls 2022-10-31 14:44:01 -04:00
Mike Reeves
416c28fded Update init.sls 2022-10-31 14:42:23 -04:00
Mike Reeves
db9b93a96c Update init.sls 2022-10-31 14:35:02 -04:00
Mike Reeves
5635375d8d Update init.sls 2022-10-31 14:30:11 -04:00
Mike Reeves
07e72e4013 Update filecheck 2022-10-31 13:47:49 -04:00
Mike Reeves
518d2aaa9c Update filecheck.yaml 2022-10-31 13:45:00 -04:00
Mike Reeves
e93e2995b7 Update filecheck 2022-10-31 13:42:18 -04:00
Mike Reeves
d2eb61a830 Update filecheck.yaml 2022-10-31 13:41:45 -04:00
Mike Reeves
4c5a2c0610 Update filecheck 2022-10-31 13:36:42 -04:00
Mike Reeves
e9e7362005 Add Filechecks 2022-10-31 12:57:08 -04:00
weslambert
8a0e92cc6f Add 'gen_webshells.yar' and re-arrange to put ignored rules in alphabetical order 2022-08-29 09:37:29 -04:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
weslambert
39e5ded58d Refactor ignore list and only ignore for signature-base for now 2021-09-15 11:32:29 -04:00
weslambert
4d41d3aee1 Ignore these rules by default because they are causing issues with YARA compilation with Strelka 2021-09-15 10:29:11 -04:00
Wes Lambert
038c58f3d5 Ignore TIME_WAIT when checking for Strelka frontend port reservation 2021-03-16 14:51:16 +00:00
Wes Lambert
f142b754dc Add Strelka files.processed directory so files will be moved from staging to processed 2021-03-15 15:43:31 +00:00
Wes Lambert
b6a785395d Add Strelka staging directory for state 2021-03-15 15:42:13 +00:00
Mike Reeves
b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
Wes Lambert
0039877779 Check for port availability for Wazuh and Strelka 2021-01-21 13:29:09 +00:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Mike Reeves
2950779d91 Fix stralka rule update 2021-01-13 09:57:12 -05:00
Wes Lambert
ac96ded2dc Support setting rule repos via pillar 2020-12-22 15:36:15 +00:00
weslambert
2fee2ca143 Change identifier name to be more descriptive 2020-12-18 15:40:54 -05:00
weslambert
7453626b06 Add identifier 2020-12-18 15:39:52 -05:00
weslambert
1a463bccaf Add cron.absent to remove old cron job if present 2020-12-18 11:25:14 -05:00
weslambert
9493aad1a5 Read from dedicated unprocessed dir 2020-12-18 10:53:17 -05:00
weslambert
bf76c1b58c Create unprocessed dir and move Zeek extracted files there 2020-12-18 10:52:14 -05:00
weslambert
c819729cd6 Don't use max_files or time_to_live for shutdown params 2020-12-02 13:17:19 -05:00
weslambert
9517cb2a58 Remove ScanMmbot 2020-12-01 11:25:51 -05:00
m0duspwnens
1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
m0duspwnens
4ee3e1ed01 fix sensor mainip logic for strelka yaml files 2020-09-16 10:29:23 -04:00
Mike Reeves
112a0b426e Merge branch 'dev' into experimental 2020-09-13 14:54:00 -04:00
Mike Reeves
48d1d0c168 Strelkas Rules Update 2020-09-11 18:24:56 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens
a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
weslambert
000c2abb33 Update timing for so-yara-update 2020-08-26 11:02:33 -04:00
Jason Ertel
2325940789 Ensure strelka manager connects to local redis on heavy nodes 2020-08-19 16:24:28 -04:00
Jason Ertel
5ff0058a65 Ensure strelka backend, frontend, and filestream are connecting to redis locally, on heavy node instances 2020-08-19 16:13:18 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Jason Ertel
8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
m0duspwnens
9c2dcd2318 fix reference to master grain 2020-07-09 17:06:44 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Wes Lambert
a24402de99 More Strelka rule config 2020-06-25 16:31:04 +00:00
Wes Lambert
63c45be388 Update Strelka init for rules 2020-06-25 15:49:58 +00:00
Wes Lambert
52a0ace1b8 Use Strelka rules if enabled 2020-06-24 17:08:58 +00:00
weslambert
f3809cb93d Wrap with quotes 2020-05-27 08:31:14 -04:00
Wes Lambert
e09027e795 update Strelka cron 2020-05-26 13:00:03 +00:00