Commit Graph

7592 Commits

Author SHA1 Message Date
Doug Burks
09e005127e Update soc_zeek.yaml 2023-06-02 07:41:55 -04:00
weslambert
3a5a59af59 Merge pull request #10485 from Security-Onion-Solutions/fix/elastic_fleet_dedicated
Add so-fleet role logic
2023-05-31 16:04:40 -04:00
Josh Patterson
8f3a874e61 Merge pull request #10483 from Security-Onion-Solutions/dedfleetES
exclude elasticsearch.ca state from fleet and receiver nodes
2023-05-31 16:02:57 -04:00
m0duspwnens
66dc6274e6 exclude elasticsearch.ca state from fleet and receiver nodes 2023-05-31 15:59:36 -04:00
Wes
302e580d8f Add so-fleet role logic 2023-05-31 19:56:17 +00:00
Wes
344e2bf1d0 Update defaults file 2023-05-31 15:30:03 +00:00
Wes
2bb77251b0 Move Elastic Fleet logging exclusions to the Fleet pillar 2023-05-31 13:38:58 +00:00
weslambert
36791665f3 Merge pull request #10462 from Security-Onion-Solutions/feature/elastic_agent_zeek_logging
Dynamic integration configuration and Zeek log exclusions for Elastic Agent
2023-05-30 19:27:13 -04:00
Wes
f3be63051b Remove Fleet configuration 2023-05-30 20:48:43 +00:00
m0duspwnens
743ed316f8 don't apply suricata.enabled on import nodes 2023-05-30 16:10:41 -04:00
Wes
e4b4bbcfdc Use ZEEKMERGED from zeek/config.map.jinja 2023-05-30 19:51:13 +00:00
Wes
b6e090f29f Move Elastic Fleet logic in so-common to so-elastic-fleet-common 2023-05-30 18:43:56 +00:00
weslambert
25006ed20b Merge pull request #10455 from Security-Onion-Solutions/fix/curator_cluster_delete_delete
Update so-elasticsearch-cluster-space-used and so-curator-cluster-delete-delete
2023-05-30 14:28:22 -04:00
Wes
4469a93a75 Fix typo 2023-05-30 18:24:30 +00:00
Wes
096dadf9bd Change 1024 to 1000 for gigabytes 2023-05-30 17:29:42 +00:00
Wes
b441fe662f Change 1024 to 1000 for gigabytes 2023-05-30 17:28:59 +00:00
Wes
e5117a343d Change description 2023-05-30 17:10:17 +00:00
Wes
b9d692eb0e Remove default value 2023-05-30 17:08:52 +00:00
Wes
36a7f54160 Add extension 2023-05-30 16:46:38 +00:00
Wes
9035fa3037 Don't load Elasticsearch integration 2023-05-30 15:46:00 +00:00
Wes
b4b87e5620 Only provide JSON output 2023-05-30 15:43:31 +00:00
Wes
97c53d70a4 Remove integrations 2023-05-30 14:05:40 +00:00
Wes
53b4f7bd5c Add spacing 2023-05-30 14:05:11 +00:00
Wes
79014a53ec Remove extra lines 2023-05-30 12:35:32 +00:00
Wes
e910f04beb Add default description and Zeek log exclusions for Elastic Fleet 2023-05-30 03:10:52 +00:00
Wes
ef5b63337b Add check for integration existence and integration update functionality 2023-05-30 02:58:00 +00:00
Wes
799e92e595 Add files 2023-05-30 02:56:23 +00:00
Wes
c835c523a9 Elastic Fleet integration update improvements 2023-05-30 02:54:39 +00:00
Josh Brower
9ec1492fad Change Fleet Host URL API Endpoint 2023-05-29 07:44:18 -04:00
Wes
5af1bfe142 Move alert generation outside of the inner loop 2023-05-27 21:15:45 +00:00
Mike Reeves
89f5d9f292 Rule Updates 2023-05-26 17:14:10 -04:00
Mike Reeves
5922fc0e45 Rule Updates 2023-05-26 16:29:13 -04:00
Mike Reeves
b48e259fee Rule Updates 2023-05-26 16:27:29 -04:00
Mike Reeves
b4d85a7bf8 Rule Updates 2023-05-26 16:21:07 -04:00
Mike Reeves
38881231ac Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps 2023-05-26 15:16:38 -04:00
Mike Reeves
b2d2a9f0ed Rule Updates 2023-05-26 15:16:14 -04:00
m0duspwnens
5b4ec70ca6 fix typo on suricata annotations. add to global annotations 2023-05-26 09:37:57 -04:00
Wes
ce114a2601 Fix total space logic and rename TOTAL_AVAILABLE_SPACE to TOTAL_USED_SPACE 2023-05-26 13:19:45 +00:00
Wes
5de59a879a Break out of index deletion when unable to bring space below the disk space threshold 2023-05-26 13:15:27 +00:00
m0duspwnens
5c933910aa simplify map for updating suricata config if md engine is suricata 2023-05-25 17:25:54 -04:00
m0duspwnens
a3c3f08511 convert list to dict to work better with ui. regex on suricata vars HOME_NET for soc 2023-05-25 17:00:48 -04:00
Mike Reeves
8ce0d76287 Zeek Annotations 2023-05-25 12:12:18 -04:00
Mike Reeves
3be3df00d1 Zeek Annotations 2023-05-25 12:10:15 -04:00
m0duspwnens
d99d4756c3 set defaults as example in soc ui for suricata cpu affinity 2023-05-25 11:11:53 -04:00
m0duspwnens
6505d3e2ce update annotations for suricata 2023-05-25 11:03:37 -04:00
Mike Reeves
10f9d0f4bd Suricata Airgap 2023-05-24 16:21:51 -04:00
Mike Reeves
edf531739c Suricata Airgap 2023-05-24 15:47:07 -04:00
Mike Reeves
11d7e66ea0 Suricata Airgap 2023-05-24 15:30:52 -04:00
Mike Reeves
caaedee5a7 Suricata Airgap 2023-05-24 15:18:52 -04:00
Mike Reeves
1bdd79c578 Suricata Airgap 2023-05-24 15:05:40 -04:00