CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 10:12:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,943 Commits 24 Branches 119 Tags
201efd285ab84b08a1b0f26632c211e1ea0f7f9c
Commit Graph

3943 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jason Ertel
358ef78cd9 Do not stop curator since imported data will now be placed into a longer term so-import index 2020-07-10 13:58:52 -04:00
Jason Ertel
811bbb4cb0 Require sudo to run an import 2020-07-10 13:58:52 -04:00
weslambert
33375a0809 Merge pull request #973 from Security-Onion-Solutions/fix/curator_logsizelimit 
Move zeek_clean to so-sensor-clean
 2020-07-10 13:57:58 -04:00
Wes Lambert
6e99ca600f Move zeek_clean to so-sensor-clean 2020-07-10 17:56:40 +00:00
Mike Reeves
5eb33d5ac7 Logstash Import and Template Assignment 2020-07-10 13:53:55 -04:00
m0duspwnens
24b8f81e38 merge with dev and resolve conflicts 2020-07-10 12:20:14 -04:00
Mike Reeves
bbef7955b2 Update eval.sls 2020-07-10 11:36:46 -04:00
Mike Reeves
9da4dd0ac9 Merge pull request #971 from Security-Onion-Solutions/feature/espillarz 
Feature/espillarz
 2020-07-10 11:35:24 -04:00
Mike Reeves
c656bec9c0 Merge branch 'dev' into feature/espillarz 2020-07-10 11:35:12 -04:00
m0duspwnens
0a1b5f29eb merge with dev and resolv conflicts 2020-07-10 10:48:49 -04:00
m0duspwnens
1f48dc765e merge with dev and resolv conflicts 2020-07-10 10:36:48 -04:00
Mike Reeves
3706aa76d8 Add jinja extension 2020-07-10 10:35:31 -04:00
Doug Burks
2ce254dfb0 add new DPD query to Hunt 2020-07-10 06:00:36 -04:00
Doug Burks
f5114c034d change Log Type query in Hunt to include event.dataset in the groupby 2020-07-10 05:52:10 -04:00
Mike Reeves
1a6c4c12b4 Fix elasticsearch yaml 2020-07-09 21:56:32 -04:00
Jason Ertel
6bfd777d25 Enabled elastalert log 2020-07-09 21:34:35 -04:00
Mike Reeves
8ef18f9044 Fiz pillar 2020-07-09 18:51:59 -04:00
m0duspwnens
b2e7a4221c master to manager for ssl signing policy 2020-07-09 17:19:17 -04:00
Mike Reeves
9a7035326d Update Logstash pillar 2020-07-09 17:09:20 -04:00
m0duspwnens
9c2dcd2318 fix reference to master grain 2020-07-09 17:06:44 -04:00
Mike Reeves
ad6c9e7fe9 recurse actions for curator 2020-07-09 16:58:35 -04:00
Mike Reeves
6094d19b0b Make hot default 2020-07-09 16:54:31 -04:00
Mike Reeves
3c6465bb7f ES Jinja the config 2020-07-09 16:42:39 -04:00
Jason Ertel
33179141a1 Enable PCAP pivots from imports 2020-07-09 16:11:38 -04:00
m0duspwnens
5ca3ecf4bd fix reference to master grain 2020-07-09 15:42:39 -04:00
Josh Brower
7b91704894 Merge pull request #970 from Security-Onion-Solutions/defensivedepth-patch-2-host-pillar 
Update so-setup
 2020-07-09 15:32:38 -04:00
Josh Brower
58d290aa57 Update so-setup 2020-07-09 15:32:19 -04:00
William Wernert
c5eff1d89e [feat][WIP] Add option to run so-allow -a <ip/cidr> during setup 2020-07-09 14:47:55 -04:00
Josh Brower
206bdc60f3 Merge pull request #967 from Security-Onion-Solutions/feature/low-level-alerts 
Feature - low level alerts
 2020-07-09 13:56:31 -04:00
m0duspwnens
bdd0f64462 add period 2020-07-09 13:54:48 -04:00
Josh Brower
52f7111e1d Feature - low level alerts 2020-07-09 13:53:55 -04:00
m0duspwnens
aea3099df6 change wording 2020-07-09 13:52:31 -04:00
m0duspwnens
823ee42120 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 13:45:24 -04:00
Mike Reeves
7c6677916a Curator actions 2020-07-09 12:56:29 -04:00
Mike Reeves
357efac873 Add index specific curator settings 2020-07-09 12:10:53 -04:00
Mike Reeves
ca20279a09 Add curator to static pillar 2020-07-09 12:00:07 -04:00
Mike Reeves
96bcf9d9f3 Add temaplte files per index 2020-07-09 11:51:55 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Mike Reeves
9c2f7d574d Add ES settings to pillar 2020-07-09 11:19:02 -04:00
Mike Reeves
2c32c24bf0 Fix logstash logic 2020-07-09 09:16:48 -04:00
Josh Patterson
2bfdb09674 Merge pull request #966 from Security-Onion-Solutions/issue/959 
fix typo
 2020-07-09 08:52:30 -04:00
m0duspwnens
d539f1ddf8 fix typo 2020-07-09 08:51:53 -04:00
Doug Burks
8dfafffef0 remove duplicate line for message2.conn_uids 2020-07-09 06:44:08 -04:00
weslambert
818f7f56b2 Merge pull request #965 from Security-Onion-Solutions/feature/add_gcp_check 
Add GCP and make cloud check more generic
 2020-07-08 23:31:37 -04:00
weslambert
c01047fad2 Add /dev/null 2020-07-08 23:30:50 -04:00
weslambert
889ba67d85 Move EC2 to more generic cloud verbiage 2020-07-08 23:27:46 -04:00
weslambert
ce00d829e1 Move EC2 to more generic cloud verbiage and check for GCP 2020-07-08 23:26:48 -04:00
weslambert
67fb46f519 Merge pull request #963 from Security-Onion-Solutions/fix/curator_logsizelimit 
Add standalone evaluation for log_size_limit
 2020-07-08 15:40:54 -04:00
Josh Patterson
99ce77e9bd Merge pull request #962 from Security-Onion-Solutions/issue/959 
pillarize yum.conf installonly_limit and proxy
 2020-07-08 15:39:22 -04:00
Wes Lambert
f2cea273b6 Add standalone evaluation for log_size_limit 2020-07-08 19:39:14 +00:00