CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-01 13:53:18 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,092 Commits 20 Branches 120 Tags
0ad65c8cd4037e53e5cfc12d1672b4c18a19384f
Commit Graph

2984 Commits

Author SHA1 Message Date
Mike Reeves
0ad65c8cd4 Merge pull request #1568 from jtgreen-cse/patch-1 
fix for rendering error >1 search node
 2020-10-26 16:57:17 -04:00
Mike Reeves
5395983fc7 Merge pull request #1580 from Security-Onion-Solutions/feature/thehive-casetemplates 
Add case_template field to Playbook alerts
 2020-10-26 14:13:54 -04:00
Jason Ertel
3809573963 Correct cheatsheet URL for airgap installs 2020-10-26 12:16:55 -04:00
Jason Ertel
571550c019 Merge master into dev 2020-10-26 10:30:26 -04:00
Doug Burks
c61199618a Update so-curator-closed-delete-delete 2020-10-24 07:15:43 -04:00
Mike Reeves
d9c021e86a Update so-curator-closed-delete-delete 2020-10-23 17:07:16 -04:00
Mike Reeves
b6f1cfada6 Update changes.json 2020-10-23 16:44:02 -04:00
Jason Ertel
85e0b2cab3 Add cheatsheet URL to soc.json 2020-10-23 16:35:35 -04:00
Mike Reeves
c8a6b232d5 Fix which field we return for Elastic index 2020-10-23 15:58:35 -04:00
Josh Patterson
1185e43064 Merge pull request #1614 from Security-Onion-Solutions/issue/1573 
Issue/1573 and Issue/1601
 2020-10-22 15:57:40 -04:00
Mike Reeves
51ca661219 update wording for USB device vs CDROM 2020-10-22 14:54:34 -04:00
m0duspwnens
50a767ca6c dont list aptcacherng in so-status if user chose open updates during setup - https://github.com/Security-Onion-Solutions/securityonion/issues/1573 2020-10-22 14:52:07 -04:00
m0duspwnens
0bfdef274b update so-status to work with disabled containers - https://github.com/Security-Onion-Solutions/securityonion/issues/1601 2020-10-22 12:09:19 -04:00
m0duspwnens
0b6b6e38fc fix map for steno 2020-10-22 11:24:18 -04:00
m0duspwnens
aa59eff1ac fix if statement 2020-10-22 10:59:03 -04:00
m0duspwnens
172ca9aa8d add option to enable or disable to steno docker container - https://github.com/Security-Onion-Solutions/securityonion/issues/1601 2020-10-22 10:52:34 -04:00
Mike Reeves
460a391460 Update changes.json 2020-10-22 10:00:20 -04:00
Mike Reeves
905fcd06a6 Remove old 2.3.0 dockers 2020-10-22 08:51:40 -04:00
m0duspwnens
712dc6b277 fix grabbing soversion in so-features-enable 2020-10-21 16:47:48 -04:00
m0duspwnens
32294eb2ed fix arg for so-firewall addhostgroup 2020-10-21 15:34:35 -04:00
m0duspwnens
ef1e05db3e only allow hosts in syslog host group to connect to manager type nodes 2020-10-21 14:41:03 -04:00
m0duspwnens
8805fef187 firewall to allow search nodes to connect to beats on manager 2020-10-21 12:43:28 -04:00
m0duspwnens
5f43380aa0 add firewall rules for syslog 2020-10-21 11:20:34 -04:00
Josh Brower
844ffe8fdf nest case_template 2020-10-21 09:58:31 -04:00
Josh Brower
1e14d66f54 Add case_template field to Playbook alerts 2020-10-21 08:59:26 -04:00
weslambert
4765ef5f5c Change rule_ruleset to rule.ruleset 2020-10-20 22:14:23 -04:00
Jason Ertel
d37ddf584a Correct quick action defaults 2020-10-20 14:12:23 -04:00
jtgreen-cse
eaa41266a2 fix for rendering error >1 search node 
Fails rendering if you have more than one search node.
 2020-10-20 13:24:53 -04:00
Mike Reeves
4a9fcfb8cf Fix missing quote 2020-10-20 13:17:40 -04:00
Mike Reeves
a119d8f27d Fix config for airgap installs 2020-10-20 11:28:49 -04:00
m0duspwnens
10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
m0duspwnens
79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Masaya-A
47652ac080 Update eval.json 2020-10-17 04:45:12 +09:00
Masaya-A
964919109d Update standalone.json 2020-10-17 04:35:39 +09:00
Jason Ertel
2326701cc0 Moved known issues underneath new changes 2020-10-15 19:29:33 -04:00
Jason Ertel
6ee37977c3 Fixed quotes and href targets 2020-10-15 19:25:26 -04:00
Mike Reeves
1ae35a39c3 Update changes.json 2020-10-15 19:11:55 -04:00
Mike Reeves
943aa82ce4 Update changes.json 2020-10-15 19:09:46 -04:00
Mike Reeves
131e105106 Update changes.json 2020-10-15 19:07:37 -04:00
Mike Reeves
cc56dc5a7f Update changes.json 2020-10-15 19:05:47 -04:00
Wes Lambert
d863f26f9d Update Kibana mappings for event ack/eslacation 2020-10-15 18:46:37 +00:00
William Wernert
1fdf431c12 [fix] so-user spelling+syntax fixes 
* Consistent ending punctuation
* Consistent capitalization
* Correct comparison operators
 2020-10-15 13:44:23 -04:00
Mike Reeves
35b10b1f91 Sensors should clean up their dockers as well 2020-10-15 10:31:51 -04:00
Wes Lambert
af9daa4d71 Intel mapping enforcement and winlog.verion 2020-10-15 12:42:33 +00:00
Wes Lambert
e7401b3e0c Fix default discover query 2020-10-14 21:43:19 +00:00
Wes Lambert
54c4ee796f Rename file.flavors.mime to file.mime_type 2020-10-14 18:56:44 +00:00
Wes Lambert
3c820365ab Fix common pipeline field removal so won't fail for missing fields 2020-10-14 13:55:24 +00:00
Doug Burks
a106913d1a Heavy node filebeat needs extra_hosts for the heavy node itself #1521 2020-10-14 09:51:59 -04:00
Josh Patterson
2e62494793 Merge pull request #1518 from Security-Onion-Solutions/issue/1153 
fix issue with schedule being placed in wrong location
 2020-10-14 09:26:31 -04:00
Doug Burks
f88403e83e use ssl on nodes that support it 2020-10-14 05:50:29 -04:00