CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,553 Commits 24 Branches 119 Tags
205bbd9c61078bd307edb77e8e663c36137e6918
Commit Graph

1119 Commits

Author SHA1 Message Date
weslambert
5f74b1b730 Update column number because of changes to API 2024-08-15 08:26:56 -04:00
Doug Burks
ab63d5dbdb Update so-elasticsearch-cluster-space-used for changes in _cat/allocation API 2024-08-15 08:01:22 -04:00
weslambert
49d2ac2b13 Change name for system component 2024-07-31 16:17:57 -04:00
Wes
9264a03dbc Add custom system component 2024-07-31 17:03:26 +00:00
Wes
fb2a42a9af Use custom system component 2024-07-31 17:02:45 +00:00
weslambert
bae348bef7 Change version 2024-07-30 16:44:44 -04:00
weslambert
0453f51e64 Actually ignore missing templates 2024-07-30 12:54:07 -04:00
weslambert
d833bd0d55 Elastic 8.14.3 2024-07-30 12:45:25 -04:00
weslambert
46eeb014af Add metrics settings 2024-07-30 12:39:50 -04:00
weslambert
c60b14e2e7 Merge branch '2.4/dev' into foxtrot 2024-07-30 08:52:48 -04:00
Corey Ogburn
20f915f649 so-detection refresh_interval => 1s 
Speeds up the refresh_interval so bulk indexing a single rule does not wait 30s.
 2024-07-25 12:53:04 -06:00
Wes
c55fa6dc6a Fix pattern for pipelines 2024-07-23 17:48:32 +00:00
Wes
17f37750e5 Remove onchanges condition 2024-07-23 16:46:18 +00:00
Wes
e789c17bc3 Add global@custom pipeline file 2024-07-23 16:37:37 +00:00
Wes
6f44d39b18 Remove Fleet final pipeline file 2024-07-23 16:37:03 +00:00
Wes
dd85249781 Remove Fleet final pipeline 2024-07-23 16:36:41 +00:00
Wes
2d0de87530 Add component templates for Fleet metrics 2024-07-17 15:19:46 +00:00
m0duspwnens
6d18177f98 only include global phases if defined in default for that index 2024-07-17 10:16:11 -04:00
m0duspwnens
72ad49ed12 add policy for so-lists and so-items 2024-07-16 14:36:06 -04:00
m0duspwnens
91b2e7d400 Merge remote-tracking branch 'origin/2.4/dev' into silsll 2024-07-16 14:06:56 -04:00
m0duspwnens
34c3a58efe add cold policy 2024-07-16 14:03:48 -04:00
Josh Patterson
a867557f54 Merge pull request #13353 from Security-Onion-Solutions/fci 
fix custom indices
 2024-07-16 13:18:11 -04:00
m0duspwnens
b814f32e0a fix custom indices 2024-07-16 12:39:30 -04:00
weslambert
bf07d56da6 Merge pull request #13341 from Security-Onion-Solutions/revert-13323-fix/agent_pipeline 
Revert "Change pipeline version for agent"
 2024-07-15 11:38:56 -04:00
weslambert
4e81860a13 Revert "Change pipeline version for agent" 2024-07-15 11:33:52 -04:00
weslambert
fe1824aedd Revert "Elastic 8.14.2" 2024-07-15 11:28:59 -04:00
weslambert
d432019ad9 Change version from 1.13.1 to 1.20.0 2024-07-10 12:48:08 -04:00
weslambert
0db0754ee5 Merge pull request #13316 from Security-Onion-Solutions/foxtrot 
Elastic 8.14.2
 2024-07-10 08:53:03 -04:00
Wes
1f5a990b1e Remove lines that aren't needed right now 2024-07-09 18:32:06 +00:00
Wes
669f68ad88 Fleet metric annotations 2024-07-09 15:39:59 +00:00
weslambert
8615e5d5ea Move enabled and index_clean back to the top 2024-07-08 16:50:06 -04:00
weslambert
745b6775f1 Change name for ILM 2024-07-02 09:05:35 -04:00
Wes
1b47d5c622 Changes for Elastic 8.14.1 2024-07-01 15:16:58 +00:00
Wes
32d7927a49 Template changes for Elastic 8.14.1 2024-07-01 15:16:06 +00:00
m0duspwnens
50f0c43212 merge dev 2024-06-26 12:33:32 -04:00
m0duspwnens
81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars 2024-06-20 16:42:11 -04:00
reyesj2
a81e4c3362 remove dash(-) from kafka.id 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-11 11:55:17 -04:00
reyesj2
08557ae287 kafka.id field should only be present when metadata for kafka exists 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-11 11:01:34 -04:00
reyesj2
4581a46529 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-06-05 20:47:41 -04:00
reyesj2
3b0339a9b3 create kafka.id from kafka {partition}-{offset}-{timestamp} for tracking event 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-06-04 14:27:52 -04:00
reyesj2
75bdc92bbf Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-05-31 14:02:43 -04:00
Wes
a8c231ad8c Add component templates 2024-05-31 17:47:01 +00:00
Wes
f396247838 Add index templates and lifecycle policies 2024-05-31 17:46:19 +00:00
Wes
2c635bce62 Set index for Suricata alerts 2024-05-30 17:02:31 +00:00
Wes
e831354401 Add Suricata alerts setting for configuration 2024-05-30 17:00:11 +00:00
Wes
55c5ea5c4c Add template for Suricata alerts 2024-05-30 16:58:56 +00:00
reyesj2
1fd5165079 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/kafka 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-29 23:37:40 -04:00
DefensiveDepth
8e7c487cb0 Fix strelka rule.uuid 2024-05-23 05:59:31 -04:00
weslambert
f4490fab58 Add rule.uuid for YARA matches 2024-05-21 17:05:39 -04:00
weslambert
deb140e38e Exclude detections from template name matching 2024-05-21 13:38:52 -04:00