Commit Graph

315 Commits

Author SHA1 Message Date
Doug Burks
1ad7a0db59 add bacnet_property to hunt.eventfields.json 2022-11-22 11:05:26 -05:00
Doug Burks
af626fe3a1 add bacnet to hunt.eventfields.json 2022-11-22 11:03:45 -05:00
Doug Burks
073f5ed789 add dnp3_objects to hunt.eventfields.json 2022-11-22 11:02:21 -05:00
Doug Burks
bbcefea417 add s7comm_plus to hunt.eventfields.json 2022-11-22 10:58:42 -05:00
Doug Burks
73c282595d update dnp3 in hunt.eventfields.json 2022-11-22 10:57:06 -05:00
Doug Burks
07a53db09a add cip_identity to hunt.evenfields.json 2022-11-22 10:55:39 -05:00
Doug Burks
80e50fa7b4 add ecat_arp_info to hunt.eventfields.json 2022-11-22 10:53:48 -05:00
Doug Burks
84d333e915 add s7comm to hunt.eventfields.json 2022-11-22 10:51:06 -05:00
Doug Burks
ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks
264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks
b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks
51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks
2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks
595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks
aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
doug
84b2fc9c17 FEATURE: Improve local copy of docs in SOC #9097 2022-11-08 16:26:09 -05:00
Doug Burks
f4042263a3 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 08:59:10 -04:00
doug
454a7a4799 FEATURE: Add new Sysmon dashboards #8870 2022-10-07 11:52:49 -04:00
bryant-treacle
82dff3e9da Fix issues: 8591-8953 2022-08-30 13:48:53 +00:00
Doug Burks
32c29b28eb revert to lower case #8469 2022-08-11 15:33:30 -04:00
Doug Burks
7bf2603414 revert to lower case #8469 2022-08-11 15:32:49 -04:00
Doug Burks
4003876465 FIX: Fix TLP options in Cases to align with TLP 2.0 #8469 2022-08-11 08:49:54 -04:00
Doug Burks
4c677961c4 FIX: Fix TLP options in Cases to align with TLP 2.0 #8469 2022-08-11 08:49:25 -04:00
Doug Burks
4c1585f8d8 FIX: Display PCAP menu action on Dashboards page #8343 2022-07-29 14:50:10 -04:00
Doug Burks
94c637449d FIX: Improve default dashboards #8136 2022-06-21 12:53:06 -04:00
Doug Burks
dce415297c improve readability in motd.md 2022-06-04 06:59:09 -04:00
Doug Burks
de126647f8 Update motd.md to include links to Dashboards and Cases 2022-06-04 06:55:08 -04:00
Doug Burks
83bff5ee87 add bar and pie examples to overview dashboard in dashboards.queries.json 2022-06-03 15:02:40 -04:00
Doug Burks
4a886338c8 fix description field for default dashboard in dashboards.queries.json 2022-06-03 11:10:01 -04:00
Doug Burks
7da1802eae Add sankey diagram to default dashboard in dashboards.queries.json 2022-06-03 11:03:48 -04:00
Doug Burks
269b16bbfd https://github.com/Security-Onion-Solutions/securityonion/issues/8049 2022-05-31 16:51:05 -04:00
Doug Burks
cd382a1b25 FIX: Elastalert query in Hunt #8049 2022-05-31 16:50:32 -04:00
Doug Burks
e1c9b0d108 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:52 -04:00
Doug Burks
9a98667e85 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:11 -04:00
doug
5cbb50a781 update dashboards.queries.json and hunt.queries.json 2022-05-16 08:33:48 -04:00
Doug Burks
6ed3f42449 remove duplicate showSubtitle from hunt.queries.json 2022-05-12 09:23:00 -04:00
Jason Ertel
31c04aabdd Disable MRU queries on dashboards 2022-05-09 15:06:43 -04:00
Jason Ertel
3f35dc54d2 Disable actions on dashboards group-by tables 2022-05-09 11:44:39 -04:00
Jason Ertel
0786191fc9 Add dashboard ref to soc.json 2022-05-06 15:16:27 -04:00
Jason Ertel
105c95909c Dashboard queries 2022-05-04 19:32:06 -04:00
Jason Ertel
deb9b0e5ef Add analyze feature 2022-03-28 15:53:24 -04:00
Doug Burks
9bf0265cea Merge pull request #7566 from Security-Onion-Solutions/feature/hunt-soc-auth (FEATURE: Add new Hunt query for SOC logins #7327) 2022-03-15 10:58:40 -04:00
Doug Burks
eec44a6b02 Add a SOC Auth query to hunt.queries.json 2022-03-15 10:38:46 -04:00
Doug Burks
d1e1887e36 Add support for Kratos audit logs in hunt.eventfields.json 2022-03-15 10:37:58 -04:00
Mike Reeves
9c80ff4f65 Remove hive from more files 2022-03-15 09:37:58 -04:00
Jason Ertel
5a28725def Add assignee to case list 2022-03-14 08:45:28 -04:00
weslambert
65f998d6f7 Remove process.name.keyword for future-proofing 2022-03-08 12:44:51 -05:00
weslambert
f71ccadb8a Change to label fields for Zeek syslog 2022-03-04 16:29:55 -05:00
Jason Ertel
14c587fca2 Add new abbreviated result limit param 2022-01-27 15:51:02 -05:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00