CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 07:23:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,745 Commits 18 Branches 120 Tags
10f4e09b70189fa3f04a20e917f30acead7e632f
Commit Graph

2739 Commits

Author SHA1 Message Date
Josh Patterson
10f4e09b70 Merge pull request #1424 from Security-Onion-Solutions/issue/1070 
Issue/1070
 2020-09-30 10:11:37 -04:00
William Wernert
00785c6ba5 Merge pull request #1418 from Security-Onion-Solutions/feature/replace-hardcoded-pass 
Feature/replace hardcoded pass
 2020-09-30 08:56:35 -04:00
m0duspwnens
85969dc16d add quotes and remove quotes 2020-09-29 16:29:05 -04:00
m0duspwnens
bf99bab6c0 add quotes and remove quotes 2020-09-29 16:26:45 -04:00
Wes Lambert
36019727b3 Ensure IPs are typed as IP and ports as integer 2020-09-29 18:20:15 +00:00
William Wernert
7d43d48aca Remove bad line in playbook_db_init.sh 2020-09-29 11:13:09 -04:00
William Wernert
55058a11aa Generate passwords for Grafana + Playbook default users 2020-09-29 11:12:09 -04:00
Doug Burks
60134829d5 Alerts - Drilldown should display rule.uuid #1416 2020-09-29 07:51:45 -04:00
Doug Burks
c7b43ac220 Update soc.json 2020-09-29 07:41:49 -04:00
Doug Burks
a7f24b62e6 Hunt - improve NIDS query and eventFields #1415 2020-09-29 07:34:44 -04:00
Josh Patterson
9ca13ebccd Merge pull request #1414 from Security-Onion-Solutions/issue/1404 
change so salt module to /usr/sbin/so-status
 2020-09-28 18:31:26 -04:00
Mike Reeves
c828a2ea75 Merge pull request #1413 from Security-Onion-Solutions/experimental 
Airgap SOUP!
 2020-09-28 17:47:38 -04:00
m0duspwnens
8741520263 change so salt module to /usr/sbin/so-status 2020-09-28 17:31:05 -04:00
Mike Reeves
6b8b0f1b26 Change add registry 2020-09-28 16:48:02 -04:00
Wes Lambert
869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
Josh Patterson
0944cd1bcd Merge pull request #1408 from Security-Onion-Solutions/issue/1093 
Issue/1093
 2020-09-28 14:45:18 -04:00
Doug Burks
6e9e4dc99c Hunt third magnifying glass should group output by event.module and event.dataset #1407 2020-09-28 14:19:55 -04:00
Mike Reeves
2cdf76473c Add Registry back from cleanup 2020-09-28 14:19:43 -04:00
m0duspwnens
053b19de11 Merge remote-tracking branch 'remotes/origin/dev' into issue/1093 2020-09-28 13:25:42 -04:00
Doug Burks
0516a9ddd5 Alerts page "Hunt for this field" action should quote field and group output #1406 2020-09-28 12:35:08 -04:00
m0duspwnens
85e53c53af reject passwords with single or double quotes or backslashes 2020-09-28 11:51:19 -04:00
Mike Reeves
6a4d6f7a6d Additional logic 2020-09-28 10:12:52 -04:00
William Wernert
66b7678df8 Merge pull request #1405 from Security-Onion-Solutions/feature/setup-cleanup 
Feature/setup cleanup
 2020-09-28 09:47:52 -04:00
William Wernert
a60bf11daa Make sure zeek log is only written on whiptail success 2020-09-28 09:11:50 -04:00
William Wernert
05729d216a Don't direct user to check log in so-zeek-log, none exists 2020-09-28 08:45:59 -04:00
Doug Burks
3904295137 Hunt - improve HTTP queries #1401 2020-09-27 08:04:28 -04:00
Doug Burks
aa7f927ffd Hunt - improve x509 queries #1400 2020-09-27 07:17:46 -04:00
Jason Ertel
68f18da832 Add alert query toggle filters for ack'd and escalated alerts 2020-09-25 17:03:42 -04:00
William Wernert
dc330a774e Exit so-zeek-logs if user cancels 2020-09-25 16:30:16 -04:00
Doug Burks
11b200e9c0 Hunt - remove SMTP fields #1397 2020-09-25 14:17:14 -04:00
Doug Burks
20a56d0831 Hunt - add network.community_id column to Events table for more data types #1396 2020-09-25 13:18:28 -04:00
weslambert
b3f9ee3b34 dev nullify so-config-backup cron job 2020-09-24 20:59:42 -04:00
Jason Ertel
c0be252f9f SOC config adjustments for alerting 2020-09-24 16:37:27 -04:00
Mike Reeves
e30958b9ec Airgap SOUP changes 2020-09-24 11:41:02 -04:00
m0duspwnens
d9005c157d fix common salt package name for salt.master state for ubuntu - https://github.com/Security-Onion-Solutions/securityonion/issues/1388 2020-09-24 11:26:58 -04:00
Doug Burks
62dbe425a6 Hunt - fix x509 eventFields #1387 2020-09-24 07:52:46 -04:00
Doug Burks
2b8b8e2f40 Hunt - fix file eventFields #1386 2020-09-24 07:44:28 -04:00
Doug Burks
60daacd6dc Hunt - fix DHCP eventFields #1385 2020-09-24 07:34:29 -04:00
weslambert
5b93c40ce4 Add back missing # sign 2020-09-23 21:34:10 -04:00
Jason Ertel
2f7c0c34e6 Support backslashes in SOC passwords 2020-09-23 10:09:21 -04:00
Wes Lambert
71734ddc0a Add cron job to common state for daily config backup 2020-09-23 13:55:32 +00:00
Wes Lambert
57732b360e Add config backup script 2020-09-23 13:47:14 +00:00
Josh Brower
8bb527b4f1 fix docker_clean syntax 2020-09-21 19:41:39 -04:00
Jason Ertel
694635a38f Add pivot to hunt as a new alerts quick action 2020-09-21 17:10:03 -04:00
Mike Reeves
0f1b92cea9 Update so-rule-update 2020-09-21 15:40:38 -04:00
Mike Reeves
d56a9e1f86 Upgrade to GA including Docker Cleanup 2020-09-21 13:14:06 -04:00
Josh Brower
3cd11807cd Add so-user-list 2020-09-21 10:02:10 -04:00
Jason Ertel
8f4a6df53a Add event.module to default alert query 2020-09-21 09:06:56 -04:00
Jason Ertel
fc51c2aef4 Group by community ID on second alert quick query 2020-09-19 08:39:01 -04:00
Jason Ertel
5b38acb64b Add alerting configuration for soc container 2020-09-18 13:51:23 -04:00