CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-16 14:02:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,818 Commits 28 Branches 119 Tags
10fc8de9f94d47536a459a604ed54bd8834dfa02
Commit Graph

6433 Commits

Author SHA1 Message Date
doug
3482df5ee1 fix jinja whitespace 2023-01-04 13:33:51 -05:00
doug
a67a254edc update Copyright year 2023-01-04 12:44:18 -05:00
Doug Burks
e3d32c7871 Improve default sysmon fields and add new network_connection fields 2023-01-04 07:38:18 -05:00
Wes
bd114eb1c4 Update RITA beacon parsing 2023-01-03 16:01:35 +00:00
doug
5d060f9832 update Sysmon File dashboard 2022-12-31 14:10:02 -05:00
doug
edcbfd17f5 update sysmon parser 2022-12-30 16:20:06 -05:00
Doug Burks
3e1a5b6329 Improve Strelka dashboard 2022-12-21 15:34:06 -05:00
Doug Burks
b1709f3ea3 Improve Firewall dashboard 2022-12-21 15:28:41 -05:00
Doug Burks
76a73ea35c Improve Software dashboard 2022-12-21 15:25:19 -05:00
Doug Burks
991a6ec43c Improve Intel dashboard 2022-12-21 15:19:54 -05:00
Doug Burks
e2c0607249 Improve FTP dashboard 2022-12-21 14:36:44 -05:00
Doug Burks
82c61e6bc9 improve NIDS Alerts dashboard 2022-12-21 14:32:05 -05:00
Doug Burks
37aa779095 Minor improvements 2022-12-21 13:14:38 -05:00
Doug Burks
9e631ad63d Improve SOC dashboards 2022-12-21 13:04:12 -05:00
Jason Ertel
87cebedc85 Backup the new Kratos location 2022-12-14 14:12:47 -05:00
Jason Ertel
e8a8f65ddc fix typo 2022-12-14 12:56:25 -05:00
Jason Ertel
a7a15117f0 Improve soup wording when the script itself needs updated 2022-12-14 12:03:47 -05:00
Jason Ertel
865ba4264b Stop backing up kratos since it now lives in /nsm. Ensure kratos is removed when re-installing. 2022-12-14 10:57:24 -05:00
Jason Ertel
6985b0ab27 Move kratos DB to /nsm 2022-12-14 10:50:24 -05:00
Mike Reeves
b0d934daf7 Update config.map.jinja 2022-12-13 13:52:13 -05:00
Doug Burks
aa08803f03 FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 13:23:27 -05:00
Doug Burks
bb346d531d FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 13:22:53 -05:00
Doug Burks
6c057d0b0a FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 12:43:54 -05:00
Doug Burks
47e43e53d9 FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 12:43:10 -05:00
Wes
98a1fb96c2 Add test coverage for empty list value 2022-12-13 16:23:16 +00:00
Wes
874bbd2580 Remove extra whitespace 2022-12-13 16:02:46 +00:00
Wes
90dedbb841 Update tests to account for change in 'file_path' value verification 2022-12-13 15:58:35 +00:00
Wes
df5dd5fe28 Use new list verification function for 'file_path' 2022-12-13 15:57:43 +00:00
Wes
d5ab455485 Add new test for list value verification function 2022-12-13 15:56:58 +00:00
Wes
20b79b7ab0 Add new function to verify list value 2022-12-13 15:56:26 +00:00
Jason Ertel
d7dd2d2ef8 Upgrade ES to 8.5.3 2022-12-12 13:43:28 -05:00
weslambert
f85fb5ecf9 Remove double quotes to fix issue with file path sourcing from 'localfile.py' 2022-12-08 16:35:24 -05:00
Jason Ertel
d48d473f43 Switch back to older style redirect due to incompatibility with Ub 18 2022-12-07 14:06:24 -05:00
Jason Ertel
225b7e359c Use original style due to pgrep conflict with cron 2022-12-07 11:53:42 -05:00
Jason Ertel
7b05627d5c Suricata support for filecheck; reduce cron noise 2022-12-07 07:58:32 -05:00
Mike Reeves
f0c3b876a9 Update init.sls 2022-12-06 13:35:03 -05:00
Mike Reeves
531423f49a Update init.sls 2022-12-06 13:25:03 -05:00
Jason Ertel
0dd2e51e83 Ensure Suricata move events get picked up 2022-12-06 11:39:58 -05:00
weslambert
8bb3b22993 Disable additional YARA rules there are causing compilation errors 2022-12-05 11:30:22 -05:00
Jason Ertel
69c5a9dd90 ensure tmp files are not processed 2022-12-05 10:31:09 -05:00
Jason Ertel
86c31c129a add suricata to socore group 2022-12-05 10:27:42 -05:00
Jason Ertel
483a9d477f undo filecheck location move 2022-12-05 10:15:15 -05:00
Jason Ertel
d7f60a0e58 only check files on inotify 2022-12-05 10:01:40 -05:00
Jason Ertel
f06443f3dd add suricata to socore group 2022-12-05 09:57:24 -05:00
Jason Ertel
fe798138e3 add suricata to socore group 2022-12-05 09:50:35 -05:00
Jason Ertel
e9bb60dedb fix filecheck for suricata deployments 2022-12-05 09:28:25 -05:00
Jason Ertel
992ced685f fix filecheck for suricata deployments 2022-12-05 09:27:31 -05:00
Jason Ertel
592bbf4217 fix filecheck for suricata deployments 2022-12-05 09:21:08 -05:00
Mike Reeves
a3f9859fdb Update init.sls 2022-12-02 09:38:13 -05:00
Doug Burks
7184b9cb25 disable ecat_arp_info by default in so-zeek-logs 2022-12-01 07:18:05 -05:00