CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,745 Commits 24 Branches 119 Tags
10f4e09b70189fa3f04a20e917f30acead7e632f
Commit Graph

4745 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Patterson
10f4e09b70 Merge pull request #1424 from Security-Onion-Solutions/issue/1070 
Issue/1070
 2020-09-30 10:11:37 -04:00
William Wernert
00785c6ba5 Merge pull request #1418 from Security-Onion-Solutions/feature/replace-hardcoded-pass 
Feature/replace hardcoded pass
 2020-09-30 08:56:35 -04:00
Doug Burks
0a995f4a7a Update README.md 2020-09-30 07:43:20 -04:00
m0duspwnens
85969dc16d add quotes and remove quotes 2020-09-29 16:29:05 -04:00
m0duspwnens
bf99bab6c0 add quotes and remove quotes 2020-09-29 16:26:45 -04:00
weslambert
401764437f Merge pull request #1421 from Security-Onion-Solutions/fix/ip_type 
Ensure IPs are typed as IP and ports as integer
 2020-09-29 14:21:25 -04:00
Wes Lambert
36019727b3 Ensure IPs are typed as IP and ports as integer 2020-09-29 18:20:15 +00:00
m0duspwnens
547c3ff52c single quote inputs to yaml files 2020-09-29 13:59:16 -04:00
William Wernert
7d43d48aca Remove bad line in playbook_db_init.sh 2020-09-29 11:13:09 -04:00
William Wernert
55058a11aa Generate passwords for Grafana + Playbook default users 2020-09-29 11:12:09 -04:00
William Wernert
ebe00822f8 Merge pull request #1417 from Security-Onion-Solutions/bugfix/local_zeeklogs 
Bugfix/local zeeklogs
 2020-09-29 08:58:02 -04:00
Doug Burks
60134829d5 Alerts - Drilldown should display rule.uuid #1416 2020-09-29 07:51:45 -04:00
Doug Burks
c7b43ac220 Update soc.json 2020-09-29 07:41:49 -04:00
Doug Burks
a7f24b62e6 Hunt - improve NIDS query and eventFields #1415 2020-09-29 07:34:44 -04:00
Josh Patterson
9ca13ebccd Merge pull request #1414 from Security-Onion-Solutions/issue/1404 
change so salt module to /usr/sbin/so-status
 2020-09-28 18:31:26 -04:00
Mike Reeves
c828a2ea75 Merge pull request #1413 from Security-Onion-Solutions/experimental 
Airgap SOUP!
 2020-09-28 17:47:38 -04:00
m0duspwnens
8741520263 change so salt module to /usr/sbin/so-status 2020-09-28 17:31:05 -04:00
Mike Reeves
6b8b0f1b26 Change add registry 2020-09-28 16:48:02 -04:00
William Wernert
f77305e22f Generate zeeklogs sls earlier to avoid error 2020-09-28 16:45:06 -04:00
William Wernert
f782299281 Remove preconfigured zeeklog + create it during setup 2020-09-28 15:12:36 -04:00
Josh Patterson
fa6396b121 Merge pull request #1410 from Security-Onion-Solutions/fix/disable_auto_start 
send to dev/null to prevent output
 2020-09-28 15:07:40 -04:00
weslambert
3d6c956e02 Merge pull request #1409 from Security-Onion-Solutions/feature/wazuh_wel 
Add initial parsing for Wazuh WEL/Sysmon
 2020-09-28 15:07:15 -04:00
m0duspwnens
0bb1ba2853 send to dev/null to prevent output 2020-09-28 15:06:43 -04:00
Wes Lambert
869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
Josh Patterson
0944cd1bcd Merge pull request #1408 from Security-Onion-Solutions/issue/1093 
Issue/1093
 2020-09-28 14:45:18 -04:00
m0duspwnens
3b709e7877 remove cleaning of webpasswd1 2020-09-28 14:44:14 -04:00
Doug Burks
6e9e4dc99c Hunt third magnifying glass should group output by event.module and event.dataset #1407 2020-09-28 14:19:55 -04:00
Mike Reeves
2cdf76473c Add Registry back from cleanup 2020-09-28 14:19:43 -04:00
m0duspwnens
053b19de11 Merge remote-tracking branch 'remotes/origin/dev' into issue/1093 2020-09-28 13:25:42 -04:00
m0duspwnens
bda9078843 check for invalid characters in fleet user password 2020-09-28 13:25:23 -04:00
Doug Burks
0516a9ddd5 Alerts page "Hunt for this field" action should quote field and group output #1406 2020-09-28 12:35:08 -04:00
m0duspwnens
85e53c53af reject passwords with single or double quotes or backslashes 2020-09-28 11:51:19 -04:00
Mike Reeves
6a4d6f7a6d Additional logic 2020-09-28 10:12:52 -04:00
William Wernert
66b7678df8 Merge pull request #1405 from Security-Onion-Solutions/feature/setup-cleanup 
Feature/setup cleanup
 2020-09-28 09:47:52 -04:00
William Wernert
3b9de2b7ca Disable ipv6 earlier in setup 2020-09-28 09:14:45 -04:00
William Wernert
a60bf11daa Make sure zeek log is only written on whiptail success 2020-09-28 09:11:50 -04:00
William Wernert
05729d216a Don't direct user to check log in so-zeek-log, none exists 2020-09-28 08:45:59 -04:00
Doug Burks
3904295137 Hunt - improve HTTP queries #1401 2020-09-27 08:04:28 -04:00
Doug Burks
aa7f927ffd Hunt - improve x509 queries #1400 2020-09-27 07:17:46 -04:00
Jason Ertel
68f18da832 Add alert query toggle filters for ack'd and escalated alerts 2020-09-25 17:03:42 -04:00
William Wernert
dc330a774e Exit so-zeek-logs if user cancels 2020-09-25 16:30:16 -04:00
William Wernert
9acf610262 Also disable ipv6 for install 2020-09-25 16:10:26 -04:00
William Wernert
d76a4b1359 Show welcome screen on both iso and network installs 2020-09-25 14:59:27 -04:00
Doug Burks
11b200e9c0 Hunt - remove SMTP fields #1397 2020-09-25 14:17:14 -04:00
Doug Burks
20a56d0831 Hunt - add network.community_id column to Events table for more data types #1396 2020-09-25 13:18:28 -04:00
weslambert
6bfef773f2 Merge pull request #1392 from Security-Onion-Solutions/bugfix/config_dev_nullify 
dev nullify so-config-backup cron job
 2020-09-24 21:00:18 -04:00
weslambert
b3f9ee3b34 dev nullify so-config-backup cron job 2020-09-24 20:59:42 -04:00
Jason Ertel
c0be252f9f SOC config adjustments for alerting 2020-09-24 16:37:27 -04:00
Josh Patterson
04f2595fa1 Merge pull request #1389 from Security-Onion-Solutions/issue/1388 
fix common salt package name for salt.master state for ubuntu
 2020-09-24 12:36:26 -04:00
Mike Reeves
e30958b9ec Airgap SOUP changes 2020-09-24 11:41:02 -04:00