Commit Graph

722 Commits

Author SHA1 Message Date
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
weslambert
1cc5961c07 Change 'write' to 'read' to correct name and avoid pipeline failure 2022-11-29 12:54:55 -05:00
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
weslambert
8e17c23659 Fix format/spelling for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev: Update Foxtrot from Dev 2022-11-17 10:44:24 -06:00
Wes
a278194037 Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:16:33 +00:00
Wes
35e131b888 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:09:30 +00:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
lock-wire
85d30520ce Add BSAP protocol 2022-11-11 07:22:55 -08:00
Peter Di Giorgio
5ebf470a86 Update zeek.bacnet_discovery 2022-11-03 22:27:04 -07:00
Peter Di Giorgio
4b39ccec6d Update zeek.bacnet_property 2022-11-03 15:30:20 -07:00
Peter Di Giorgio
b97c822800 Add zeek.bacnet_discovery and zeek.bacnet_property 2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb Create zeek.bacnet 2022-10-27 15:40:07 -07:00
Peter Di Giorgio
2b51d72585 Rename zeek.read_write_multiple_registers to zeek.modbus_read_write_multiple_registers 2022-10-25 17:20:01 -07:00
Peter Di Giorgio
7a60d0987c Update zeek.conn to include client.oui 2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1 Create zeek.read_write_multiple_registers 2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236 Create zeek.modbus_mask_write_register 2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4 Rename modbus_detailed to zeek.modbus_detailed 2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c Rename dnp3_objects to zeek.dnp3_objects 2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7 Create Ingest for Modbus Detailed 2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb Create Ingest for DNP3 Objects extension 2022-10-21 12:51:13 -07:00
bryant-treacle
82dff3e9da Fix issues: 8591-8953 2022-08-30 13:48:53 +00:00
weslambert
8c694a7ca3 Disable ingest.geoip.downloader by default 2022-08-03 09:21:40 -04:00
weslambert
9ac640fa67 Remove airgap-specific logic for ingest.geoip.downloader 2022-08-03 09:21:03 -04:00
Wes Lambert
839cfcaefa Update Elasticsearch defaults file and config.map.jinja to allow for local GeoIP database use when airgap is enabled 2022-08-02 14:32:17 +00:00
weslambert
2914007393 Add forward slash to fix issue with missing query path 2022-07-18 09:07:34 -04:00
Wes Lambert
b06c16f750 Add ingest node pipeline for Kratos 2022-07-08 15:53:00 +00:00
Mike Reeves
8b3d5e808e Fix repo location 2022-06-30 13:30:56 -04:00
Mike Reeves
e86b7bff84 Fix repo location 2022-06-30 13:29:21 -04:00
weslambert
44595cb333 Merge pull request #8123 from Security-Onion-Solutions/foxtrot: Merge foxtrot into dev 2022-06-14 15:44:13 -04:00
doug
025993407e FIX: Add event.category field to pfsense firewall logs #8112 2022-06-13 08:03:44 -04:00