CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 23:43:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,280 Commits 18 Branches 120 Tags
11518f6eea8b78753da9f0cc93c48ac9f70f94b7
Commit Graph

312 Commits

Author SHA1 Message Date
reyesj2
84b38daf62 name destination_geo & source_geo to destination.as and source.as better aligning with ECS and linking other log sources already using .as for ASN geo data. 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-07-25 16:17:22 -05:00
Josh Brower
31cd5b1365 Add support for dns.resolved_ip 2025-06-20 15:02:59 -04:00
Josh Brower
b55cb257b6 Add parsing for Playbook 2025-05-19 13:25:27 -04:00
Josh Brower
9022dc24fb Add Parsing for Playbooks 2025-05-14 13:19:50 -06:00
defensivedepth
7237b8971e Refactor pipeline for hash changes 2024-12-23 15:41:13 -05:00
defensivedepth
f5bd8ab585 Rewrite docs 2024-11-07 15:33:47 -05:00
defensivedepth
5406a263d5 Add local custom template 2024-10-29 19:42:06 -04:00
defensivedepth
f3ca5b1c42 Remove OS-specific mappings 2024-10-28 09:19:51 -04:00
defensivedepth
dcdfaf66f4 Add process and file creation mappings 2024-10-16 15:20:52 -04:00
Doug Burks
dfd8ac3626 FIX: Update SOC MOTD #13320 2024-07-09 12:55:58 -04:00
Doug Burks
93ced0959c FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:25:01 -04:00
Doug Burks
6f13fa50bf FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:24:32 -04:00
Doug Burks
3bface12e0 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:23:14 -04:00
Doug Burks
b584c8e353 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:13:17 -04:00
Josh Brower
185fb38b2d Merge pull request #13079 from Security-Onion-Solutions/2.4/sigmapipelineupdates 
Add IDH mappings
 2024-05-24 14:48:22 -04:00
DefensiveDepth
550b3ee92d Add IDH mappings 2024-05-24 14:46:24 -04:00
DefensiveDepth
66725b11b3 Added unit tests 2024-05-24 09:55:10 -04:00
DefensiveDepth
d19c1a514b Detections backup script 2024-05-22 15:12:23 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
Jason Ertel
3aea2dec85 analytics 2024-04-01 09:50:18 -04:00
Josh Brower
d832158cc5 Drop Hashes field 2024-03-01 15:26:02 -05:00
Josh Brower
b017157d21 Add antivirus mapping 2024-03-01 14:04:56 -05:00
Josh Brower
d04aa06455 Fix source.ip 2024-02-22 14:01:02 -05:00
Josh Brower
c886e72793 Imphash mappings 2024-02-22 08:59:33 -05:00
Josh Brower
0a9022ba6a Add hash mappings 2024-02-21 17:07:08 -05:00
Josh Brower
81a3e95914 Fixup sigma pipelines 2024-02-07 16:42:16 -05:00
Josh Brower
7e3187c0b8 Fixup sigma pipelines 2024-02-07 15:35:31 -05:00
Doug Burks
da56a421e5 Update motd.md 2023-08-31 09:17:33 -04:00
Doug Burks
4426437ad3 Update motd.md 2023-08-10 15:04:31 -04:00
m0duspwnens
8e18986671 enabled/disable soc in ui 2023-05-11 15:33:16 -04:00
Doug Burks
4dcc79d245 FIX: Overview Customization link #10173 2023-04-20 16:26:51 -04:00
Doug Burks
530c497800 Update motd.md 2022-09-20 15:16:04 -04:00
Jason Ertel
d12ff79af0 Remove comments to avoid confusing config viewers within SOC 2022-09-13 12:08:19 -04:00
Jason Ertel
21c7f940d7 Update copyrights 2022-09-13 11:48:25 -04:00
m0duspwnens
5bb001281b soc defaults changes - client child of server 2022-09-08 15:57:18 -04:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Doug Burks
94c637449d FIX: Improve default dashboards #8136 2022-06-21 12:53:06 -04:00
Doug Burks
dce415297c improve readability in motd.md 2022-06-04 06:59:09 -04:00
Doug Burks
de126647f8 Update motd.md to include links to Dashboards and Cases 2022-06-04 06:55:08 -04:00
Doug Burks
83bff5ee87 add bar and pie examples to overview dashboard in dashboards.queries.json 2022-06-03 15:02:40 -04:00
Doug Burks
4a886338c8 fix description field for default dashboard in dashboards.queries.json 2022-06-03 11:10:01 -04:00
Doug Burks
7da1802eae Add sankey diagram to default dashboard in dashboards.queries.json 2022-06-03 11:03:48 -04:00
Doug Burks
269b16bbfd https://github.com/Security-Onion-Solutions/securityonion/issues/8049 2022-05-31 16:51:05 -04:00
Doug Burks
cd382a1b25 FIX: Elastalert query in Hunt #8049 2022-05-31 16:50:32 -04:00
Doug Burks
e1c9b0d108 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:52 -04:00
Doug Burks
9a98667e85 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:11 -04:00
doug
5cbb50a781 update dashboards.queries.json and hunt.queries.json 2022-05-16 08:33:48 -04:00
Doug Burks
6ed3f42449 remove duplicate showSubtitle from hunt.queries.json 2022-05-12 09:23:00 -04:00
Jason Ertel
31c04aabdd Disable MRU queries on dashboards 2022-05-09 15:06:43 -04:00
Jason Ertel
3f35dc54d2 Disable actions on dashboards group-by tables 2022-05-09 11:44:39 -04:00