Corey Ogburn
64f6d0fba9
Updated Detection's ES Mappings
Detections now have a License field and the Comment model is defined now.
2024-02-09 14:20:07 -07:00
Corey Ogburn
29174566f3
WIP: Updated Detection Mappings, Changed Engine to Language
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.
SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
2024-02-08 09:44:56 -07:00
Corey Ogburn
585147d1de
Added so-detection mapping in elasticsearch
2024-01-31 10:39:47 -07:00
Wes
12ab6338db
Add diagnostic
2024-01-25 20:16:52 +00:00
weslambert
cd54d4becb
Fix indent
2024-01-25 13:57:02 -05:00
weslambert
5f1c76f6ec
endpoint.diagnostic.collection
2024-01-25 09:46:25 -05:00
Wes
8426aad56d
Text mapping for scan.pe.flags
2024-01-24 15:10:42 +00:00
Wes
d23d367058
Make scan.pe.flags a string
2024-01-24 15:08:38 +00:00
Wes
80a3942245
Rename RITA pipelines
2024-01-22 20:15:48 +00:00
Wes
7118cc8dee
Add additional integration SOC configuration
2024-01-19 22:04:07 +00:00
Wes
05aa8b013a
Add additional integration to templates
2024-01-19 22:02:39 +00:00
Mike Reeves
efe8cfda95
Update suricata.common
2024-01-19 13:39:28 -05:00
Mike Reeves
08486e279c
Update suricata.common
2024-01-19 13:36:43 -05:00
Wes
e70ce50912
Change description
2024-01-17 14:06:16 +00:00
Wes
f6590ac0bf
Remove Suricata IKEv2 pipeline
2024-01-16 18:10:00 +00:00
Wes
ea64ce92d3
Add Suricata IKE pipeline
2024-01-16 18:09:46 +00:00
Wes
8a92b023b2
Add interface name
2024-01-16 18:09:16 +00:00
weslambert
252c51dafb
Change order of names
2024-01-12 16:45:18 -05:00
weslambert
a07e6e1058
OTX pulses
2024-01-12 16:43:33 -05:00
weslambert
3f9678056d
OTX pulses template
2024-01-12 16:42:32 -05:00
Wes
418f41c7e4
Add SOC configuration for metrics
2024-01-12 15:03:18 +00:00
Wes
5eae349938
Add endpoint metrics templates
2024-01-12 13:47:35 +00:00
Wes
c89d674a92
Add settings for integrations
2024-01-11 14:18:06 +00:00
Wes
9b1ddcacb4
Add additional templates for integrations
2024-01-11 14:00:09 +00:00
Josh Brower
5513e74807
comma
2024-01-09 08:12:33 -05:00
Josh Brower
31ee365a91
Fixup FIM events
2024-01-09 08:11:05 -05:00
weslambert
7684aadb87
Merge pull request #12062 from Security-Onion-Solutions/fix/curator_remove
Curator Remove Changes
2023-12-20 15:16:47 -05:00
Wes
4baf4657f6
Curator cleanup
2023-12-20 19:10:22 +00:00
Doug Burks
6a1073b616
FIX: Update dashboard and hunt query for firewall logs #12021
2023-12-18 12:57:40 -05:00
Josh Patterson
45f50cc121
Merge pull request #12019 from Security-Onion-Solutions/fix/extrahosts
fix extra_hosts
2023-12-14 12:03:07 -05:00
m0duspwnens
3dbf97944d
fix extra_hosts. https://github.com/Security-Onion-Solutions/securityonion/issues/12015
2023-12-14 10:26:29 -05:00
weslambert
5d3f2298b6
Merge pull request #12000 from Security-Onion-Solutions/feature/additional_integrations
Additional Integrations #2
2023-12-13 13:23:34 -05:00
weslambert
8cf5d9c1a6
Annotations
2023-12-13 11:55:40 -05:00
weslambert
cdac2bfa16
Add Anomali, Cybersixgill, Snort, and ThreatQuotient
2023-12-13 11:03:25 -05:00
Doug Burks
d49d13289e
Update so-elastic-clear
2023-12-12 16:37:06 -05:00
Wes
54c3167b10
Delete data streams when necessary
2023-12-12 05:25:50 +00:00
Wes
b1721b6467
Fix directory
2023-12-11 21:43:25 +00:00
Wes
d203aec44a
Remove Curator
2023-12-08 19:37:06 +00:00
Doug Burks
ab0e6f9bec
update broken help links in SOC Config
2023-12-06 14:35:51 -05:00
Doug Burks
93fb10de86
Merge pull request #11897 from Security-Onion-Solutions/2.4/nids-rule-reference
FIX: Update NIDS rule.reference in common.nids pipeline #11846
2023-11-29 12:19:12 -05:00
weslambert
9d63a47792
Certificate hash
2023-11-29 12:01:43 -05:00
weslambert
7001e90667
Client and server fingerprints
2023-11-29 12:00:46 -05:00
Doug Burks
0603e96c08
FIX: Update NIDS rule.reference in common.nids pipeline #11846
2023-11-29 09:46:11 -05:00
weslambert
02baa18502
Add metrics
2023-11-08 22:41:24 -05:00
weslambert
e39edab00d
Exclude osquery and display failed name
2023-11-08 20:55:08 -05:00
weslambert
acb6e84248
Don't load index template if component template doesn't exist
2023-11-08 20:34:08 -05:00
Jason Ertel
32079a7bce
Merge pull request #11734 from Security-Onion-Solutions/fix/elastic_scripts
Improve error handling and add retry logic
2023-11-08 12:19:00 -05:00
Jason Ertel
d256be3eb3
allow template loads to partially succeed only on the initial attempt
2023-11-08 10:32:11 -05:00
Wes
653fda124f
Check expected with retry
2023-11-08 13:02:17 +00:00
Wes
b46e86c39b
Extend index template loading to 60 attempts and a total of ~5 minutes
2023-11-08 02:29:09 +00:00