CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 23:43:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,653 Commits 18 Branches 120 Tags
0ede5a73137c51a7a6757e283dedb10cdf9a2be2
Commit Graph

6407 Commits

Author SHA1 Message Date
weslambert
0ede5a7313 Remove JA3er references 2022-10-26 10:24:25 -04:00
Wes
803d2d4d75 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 19:15:54 +00:00
Wes
0267ece4bf Fix PyYAML .whl file name and remove JA3er analyzer 2022-10-25 19:11:52 +00:00
m0duspwnens
8c5197c2ea add line space 2022-10-21 11:49:01 -04:00
m0duspwnens
8b5c79fb39 add so-kratos and so-ossec to curator defaults 2022-10-21 11:21:03 -04:00
m0duspwnens
71eaa715b6 update jinja 2022-10-21 11:09:52 -04:00
m0duspwnens
c880be8d45 use curator defaults.yaml merged with pillar for actions 2022-10-21 10:38:32 -04:00
m0duspwnens
998870ac87 Merge remote-tracking branch 'remotes/origin/2.4/dev' into statesglobals 2022-10-17 15:58:44 -04:00
m0duspwnens
b089a58243 use registry_host instead of manager 2022-10-17 15:53:29 -04:00
m0duspwnens
09b7af2998 fix typo 2022-10-17 15:50:48 -04:00
m0duspwnens
deba743ef0 fix elasticsearch auth globals 2022-10-13 13:54:52 -04:00
m0duspwnens
04b4030eb6 only add elasticsearch.auth to elasticsearch global var if auth exists 2022-10-13 12:31:41 -04:00
Doug Burks
f6151b3895 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 09:03:10 -04:00
m0duspwnens
78b496a689 fix mine_functions.conf 2022-10-12 16:03:44 -04:00
m0duspwnens
95f7cb6bcd change file_mode to mode 2022-10-12 14:21:55 -04:00
m0duspwnens
eed3746ebc fix some globals 2022-10-12 13:39:37 -04:00
m0duspwnens
6a17f201a2 changes for backup state 2022-10-12 11:31:42 -04:00
weslambert
dd09ce7aab Add log package for Fleet to allow for custom log ingestion 2022-10-11 12:00:57 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
d65fde9536 improve sysmon dashboards 2022-10-07 12:23:40 -04:00
weslambert
bee1b06f76 Update to Kibana 8.4.3 2022-10-06 15:14:43 -04:00
weslambert
985e1728d7 Update to Kibana 8.4.3 2022-10-06 15:13:27 -04:00
Jason Ertel
0fdec03fa9 use yaml anchor to avoid duplicated annotations 2022-09-30 15:15:35 -04:00
Jason Ertel
30a23a4cd0 Add SOC annotations 2022-09-30 15:00:08 -04:00
Jason Ertel
5708f3595e Avoid overwriting the file inode since it's mapped into a running container 2022-09-27 17:27:28 -04:00
Jason Ertel
e519548557 add logLevel default and annotation for quick access to enabling debug logs 2022-09-27 16:55:28 -04:00
Jason Ertel
981371c72f log salt-relay responses for troubleshooting assistance 2022-09-27 16:48:47 -04:00
Jason Ertel
16d24d4bc9 Merge pull request #8822 from Security-Onion-Solutions/config 
user management / sync
 2022-09-27 11:14:32 -04:00
Jason Ertel
53b4f01921 replace quotes on minion arg 2022-09-27 10:54:08 -04:00
Jason Ertel
851e44e5fa ensure salt-relay is restarted when SOC is manually restarted 2022-09-27 10:31:14 -04:00
Jason Ertel
7f7f2c15d0 add support for querying active salt jobs (future use) 2022-09-27 10:29:21 -04:00
m0duspwnens
6bd4860f19 fix path 2022-09-27 09:57:01 -04:00
m0duspwnens
42b03ca6df add missing soc things 2022-09-27 09:53:48 -04:00
Jason Ertel
556ddc2ee4 sync in background 2022-09-27 09:24:34 -04:00
Jason Ertel
8e175b2d3f add manual sync 2022-09-27 07:05:04 -04:00
Mike Reeves
2066efcabf Add Rules to sync 2022-09-26 17:18:28 -04:00
Mike Reeves
37c98c14cd Fix zeek logs in filebeat 2022-09-26 17:11:10 -04:00
Mike Reeves
aa7dd47b00 Fix zeek logs in filebeat 2022-09-26 17:01:44 -04:00
Doug Burks
80201f1465 Change managing-rules.html to rules.html in soc_idstools.yaml 2022-09-26 14:58:51 -04:00
Jason Ertel
0ad1a1a262 so-user and salt-relay updates for user management 2022-09-26 14:57:33 -04:00
Josh Brower
97f42dcce5 Merge pull request #8811 from Security-Onion-Solutions/2.4/elastic-fleet 
Live Query - View in Hunt fix
 2022-09-26 09:35:12 -04:00
Josh Brower
a0b579019f Live Query - View in Hunt fix 2022-09-26 09:27:09 -04:00
Doug Burks
4e5eb1cbb8 Merge pull request #8807 from Security-Onion-Solutions/2.4/dev-ocd 
initial quick OCD pass
 2022-09-23 20:39:54 +00:00
doug
fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
Josh Brower
d698238ed1 Merge pull request #8799 from Security-Onion-Solutions/2.4/elastic-fleet 
Live Query - View in Hunt link
 2022-09-23 15:00:32 -04:00
Mike Reeves
e3f4a58989 Merge pull request #8804 from Security-Onion-Solutions/funstuff 
Firewall and More
 2022-09-23 14:00:51 -04:00
Mike Reeves
d26be44df1 update soc_firewall.yaml 2022-09-23 13:09:46 -04:00
Mike Reeves
3e2be096be update soc_firewall.yaml 2022-09-23 13:08:03 -04:00
Mike Reeves
2b9322b823 Helps if you add the IP address 2022-09-23 08:52:58 -04:00
Josh Patterson
975c7fabcc remove minion hg 2022-09-23 08:39:48 -04:00