CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-26 19:03:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,926 Commits 19 Branches 120 Tags
095e637dfa43b2c9fb6583fb783b6493ca943205
Commit Graph

2228 Commits

Author SHA1 Message Date
Jason Ertel
9781d8d0e7 Ensure permissions are consistently applied to all imported PCAP files 2020-07-15 13:53:28 -04:00
Jason Ertel
0a976861f3 Dynamically set sensor checkin interval; allow overrides if var is preset 2020-07-15 13:22:14 -04:00
Josh Brower
d11ef08961 Playbook anonymous perms fix 2020-07-15 12:37:04 -04:00
Jason Ertel
9dc1151347 Imported logs are sent to so-import index on eval installations 2020-07-14 22:59:42 -04:00
Josh Patterson
549916306c Merge pull request #1008 from Security-Onion-Solutions/quickfix/lstoes 
Quickfix/lstoes
 2020-07-14 17:37:19 -04:00
m0duspwnens
5cf71596b2 add curlys 2020-07-14 17:36:52 -04:00
Jason Ertel
acb800d1c9 Using static UID for Grafana overview dashboard to allow SOC to directly link to those dashboards 2020-07-14 17:36:30 -04:00
Jason Ertel
9bbbaa485c Switch PM to AM since we want to span midnight to midnight 2020-07-14 17:36:30 -04:00
m0duspwnens
acaec6c125 remove recurse causing issues 2020-07-14 17:12:29 -04:00
Josh Brower
e7e1982862 Merge pull request #1007 from Security-Onion-Solutions/bugfix/ingest-parsing 
Parsing & Hunt query updates
 2020-07-14 17:00:04 -04:00
Josh Brower
8647944ae6 Parsing & Hunt query updates 2020-07-14 16:59:06 -04:00
Mike Reeves
55056f3193 Merge pull request #1006 from Security-Onion-Solutions/fix/perms 
Change opt/so perms
 2020-07-14 16:19:02 -04:00
m0duspwnens
57bf23d83c move templates from logstash to elasticsearch 2020-07-14 16:07:46 -04:00
Doug Burks
a1e6a85a68 explicitly set Suricata timestamp timezone to UTC 2020-07-14 15:49:46 -04:00
Wes Lambert
f9df39977b Add observer name for Strelka events 2020-07-14 17:38:43 +00:00
weslambert
7ed902c0ae Merge pull request #1001 from Security-Onion-Solutions/fix/suricata_timestamp 
Convert message timestamp to @timestamp
 2020-07-14 13:34:58 -04:00
Josh Brower
ba8395fc11 Fleet reactor fix 2020-07-14 13:04:29 -04:00
William Wernert
3df5904269 Merge pull request #979 from Security-Onion-Solutions/feature/setup 
Feature/setup
 2020-07-14 11:17:03 -04:00
William Wernert
ad3c4c4950 [fix] master -> manager 2020-07-14 11:09:12 -04:00
Mike Reeves
57cd2cdbeb Change opt/so perms 2020-07-14 10:37:49 -04:00
Mike Reeves
f2d9abf1a5 Merge pull request #996 from Security-Onion-Solutions/fix/curator 
Add all actions to cron
 2020-07-14 10:05:27 -04:00
Mike Reeves
e404a41d8a Add all actions to cron 2020-07-14 10:04:15 -04:00
Mike Reeves
15be31af6d Merge pull request #995 from Security-Onion-Solutions/fix/curator 
Fix spelling error in actions
 2020-07-14 09:43:41 -04:00
Jason Ertel
67f2edce28 Resolve merge conflict that reverted import URL back to Kibana 2020-07-14 09:40:16 -04:00
Mike Reeves
d4e6189f6e Fix spelling error in actions 2020-07-14 09:39:56 -04:00
Wes Lambert
d6afde90b0 Convert message timestamp to @timestamp 2020-07-14 13:37:00 +00:00
Josh Brower
2c72940010 Playbook db init fix 2020-07-14 09:09:55 -04:00
Josh Brower
b884e09e7a Playbook db init fix 2020-07-14 09:09:47 -04:00
Jason Ertel
09c460dbe9 Switch to final image repository prefix 'securityonion' for RC1 2020-07-14 00:45:20 -04:00
Jason Ertel
d75d64c8ed Mount imported pcap dirs into sensoroni container for imported PCAP pivots 2020-07-13 21:03:47 -04:00
Jason Ertel
8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
William Wernert
06aa63dd14 Merge branch 'dev' into feature/setup 2020-07-13 11:24:04 -04:00
Josh Brower
e62381e998 Merge pull request #982 from Security-Onion-Solutions/bugfix/alerting 
Misc fixes
 2020-07-10 19:50:27 -04:00
Josh Brower
65062d93f4 Misc fixes 2020-07-10 19:43:43 -04:00
William Wernert
ce7373501b [fix] Add fallback for hive + cortex users 2020-07-10 17:58:47 -04:00
William Wernert
571e97cdf7 Merge branch 'dev' into feature/setup 
# Conflicts:
#	salt/thehive/scripts/cortex_init
#	salt/thehive/scripts/hive_init
#	setup/so-functions
#	setup/so-whiptail
 2020-07-10 17:42:56 -04:00
William Wernert
547298fce0 [refactor] Hide output for cortex and thehive init scripts 2020-07-10 17:34:33 -04:00
weslambert
eb2dc0be4c Fix value 2020-07-10 17:17:33 -04:00
m0duspwnens
13af4cacb0 merge with dev and resolve conflicts 2020-07-10 16:27:10 -04:00
Mike Reeves
755f47da2d Merge pull request #975 from Security-Onion-Solutions/fix/lstemplate 
Fix/lstemplate
 2020-07-10 15:55:50 -04:00
Mike Reeves
46d572fa8c Fix Filebeat spacing 2020-07-10 15:51:12 -04:00
Wes Lambert
d7f7fb801c Set role 2020-07-10 19:35:27 +00:00
Wes Lambert
37ab252e01 Add sensor proc eval 2020-07-10 19:30:08 +00:00
William Wernert
f56811e745 [feat] Use setup user+pass for TheHive, Cortex, and Fleet as well 2020-07-10 14:40:04 -04:00
William Wernert
72aa91b763 [feat] Add message in setup and motd on where to access SOC 2020-07-10 14:38:21 -04:00
Jason Ertel
358ef78cd9 Do not stop curator since imported data will now be placed into a longer term so-import index 2020-07-10 13:58:52 -04:00
Jason Ertel
811bbb4cb0 Require sudo to run an import 2020-07-10 13:58:52 -04:00
Wes Lambert
6e99ca600f Move zeek_clean to so-sensor-clean 2020-07-10 17:56:40 +00:00
Mike Reeves
5eb33d5ac7 Logstash Import and Template Assignment 2020-07-10 13:53:55 -04:00
m0duspwnens
24b8f81e38 merge with dev and resolve conflicts 2020-07-10 12:20:14 -04:00