Commit Graph

12720 Commits

Author SHA1 Message Date
weslambert 8cf82c4b6a Merge pull request #10398 from Security-Onion-Solutions/fix/elasticsearch_ingest_dns_query
Check if 'dns.query' is null
2023-05-22 07:56:44 -04:00
weslambert 78d4586033 Merge pull request #10399 from Security-Onion-Solutions/fix/elastalert_playbook_alerter
Update 'url' to use 'es_hosts'
2023-05-22 07:56:31 -04:00
Jason Ertel 02cf1074f2 Merge pull request #10400 from Security-Onion-Solutions/kilo
use the same requests version that's already packaged with the analyzer
2023-05-20 08:45:21 -04:00
Jason Ertel a881cab469 use the same requests version that's already packaged with the analyzer 2023-05-19 23:54:30 -04:00
weslambert 00bd93c026 Update 'url' to use 'es_hosts' 2023-05-19 17:14:13 -04:00
weslambert 2c10ad7eec Check if 'dns.query' is null 2023-05-19 15:50:33 -04:00
weslambert 167051af28 Exclude Zeek's reporter.log from being picked up by Elastic Agent 2023-05-19 15:44:09 -04:00
weslambert eb9c5e9af0 Merge pull request #10307 from Security-Onion-Solutions/fix/elastic_fleet_ignore_zeek_logs
Don't read from 'known_hosts.log', 'known_services.log', or 'ntp.log'
2023-05-19 15:09:15 -04:00
Jason Ertel 2f942a3e37 Merge pull request #10393 from Security-Onion-Solutions/kilo
fix lib dependency issue with whoisit
2023-05-19 14:34:42 -04:00
Jason Ertel 03f97b309a fix lib dependency issue with whoisit 2023-05-19 14:18:19 -04:00
weslambert c6a962a46b Merge pull request #10392 from Security-Onion-Solutions/fix/elastalert_index
Change Elastalert writeback index name from 'elastalert_status' to 'elastalert'
2023-05-19 13:31:29 -04:00
weslambert 1ddf45bbbe Change Elastalert writeback index name from 'elastalert_status' to 'elastalert' 2023-05-19 12:39:27 -04:00
Doug Burks f0c4cebaca Merge pull request #10391 from Security-Onion-Solutions/2.4/elastic-8.7.1
UPGRADE: Elastic 8.7.1 #10269
2023-05-19 12:29:01 -04:00
Doug Burks 87c42ece00 Update so-kibana-config-load 2023-05-19 12:21:09 -04:00
Doug Burks 4f8fcd3369 Update config_saved_objects.ndjson 2023-05-19 12:19:44 -04:00
bryant-treacle 5b2d91b5b5 Update alarm_zeek_packet_loss.json 2023-05-19 10:32:53 -04:00
bryant-treacle a84322f9b7 Update alarm_suricata_packet_loss.json 2023-05-19 10:32:29 -04:00
bryant-treacle 2de95bcb63 Update alarm_steno_packet_loss.json 2023-05-19 10:32:13 -04:00
bryant-treacle 1e9e2facde Update alarm_low_monitor_traffic.json 2023-05-19 10:29:53 -04:00
bryant-treacle 592c67d1f2 Update alarm_pcap_retention.json 2023-05-19 10:29:15 -04:00
bryant-treacle e91dd29cb2 Update alarm_high_redis_memory_usage.json 2023-05-19 10:25:22 -04:00
bryant-treacle 13c9142814 Update alarm_low_monitor_traffic.json 2023-05-19 10:21:43 -04:00
bryant-treacle ef4f2491f3 Update alarm_high_redis_memory_usage.json 2023-05-19 10:12:44 -04:00
bryant-treacle 645555b990 Update alarm_zeek_packet_loss.json 2023-05-19 10:10:44 -04:00
bryant-treacle 839275814c Update redis.sh - Added percent of used memory. 2023-05-19 08:51:49 -04:00
bryant-treacle 9b973e07e2 Add files via upload 2023-05-19 08:49:43 -04:00
Josh Patterson 0027385da9 Merge pull request #10389 from Security-Onion-Solutions/issue/10229
enable playbook on eval in pillar during setup
2023-05-18 17:38:05 -04:00
m0duspwnens 4ef77f9050 enable playbook on eval in pillar during setup 2023-05-18 17:34:59 -04:00
Mike Reeves debbdec350 Allow additional docker parameters 2023-05-18 17:10:18 -04:00
Mike Reeves bf4ac0c2dd Allow additional docker parameters 2023-05-18 17:08:39 -04:00
Mike Reeves cb9e7e63db Allow additional docker parameters 2023-05-18 17:00:54 -04:00
Mike Reeves 32560af767 Allow additional docker parameters 2023-05-18 16:59:45 -04:00
Mike Reeves 1e5ac61ff5 Allow additional docker parameters 2023-05-18 16:57:48 -04:00
Mike Reeves 5315c51197 Allow additional docker parameters 2023-05-18 16:52:38 -04:00
Mike Reeves 8917f9b9d2 Allow additional docker parameters 2023-05-18 16:46:28 -04:00
Mike Reeves c0dc05f26a Allow additional docker parameters 2023-05-18 16:39:42 -04:00
Mike Reeves 2aa801d906 Allow additional docker parameters 2023-05-18 16:31:29 -04:00
weslambert c192ec9109 Merge pull request #10385 from Security-Onion-Solutions/feature/elastalert_eql
Add initial support for EQL queries for Elastalert
2023-05-18 15:36:28 -04:00
Mike Reeves 7ab31e36af Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps 2023-05-18 15:19:15 -04:00
Mike Reeves 0fd9fb9294 Allow additional docker parameters 2023-05-18 15:19:09 -04:00
Josh Patterson 059f80bfc4 Merge pull request #10384 from Security-Onion-Solutions/issue/10334
Issue/10334
2023-05-18 13:28:47 -04:00
m0duspwnens bab2f7282c fix spacing 2023-05-18 13:27:48 -04:00
m0duspwnens 02920b5ac9 confirm manager ip when found in setup 2023-05-18 13:25:12 -04:00
m0duspwnens 25b0934cda confirm manager ip when found in setup 2023-05-18 13:06:20 -04:00
Wes d3c7ea4805 Add EQL option 2023-05-18 16:55:26 +00:00
Wes 82c3d78672 Change Elasticsearch host syntax 2023-05-18 16:52:27 +00:00
Josh Brower 97b68609bc Merge pull request #10381 from Security-Onion-Solutions/2.4/smallfixes
2.4/ElasticFleetPunchList
2023-05-18 09:04:30 -04:00
Josh Patterson 1d611e618f Merge pull request #10383 from Security-Onion-Solutions/issue/10229
remove conditional on cacertz and capemz
2023-05-18 08:45:41 -04:00
m0duspwnens f4b8d385ee remove conditional on cacertz and capemz 2023-05-18 08:36:24 -04:00
Jason Ertel b7e0923ec4 Merge pull request #10382 from Security-Onion-Solutions/kilo
add missing var for local dev
2023-05-17 18:58:29 -04:00