Commit Graph

1030 Commits

Author SHA1 Message Date
Mike Reeves
2206553e03 Update analyst.json 2024-04-10 09:49:21 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
Corey Ogburn
00cea6fb80 Detection Author as a Keyword instead of Text
With Quick Actions added to Detections, as many fields should be usable as possible.
2024-04-05 11:22:47 -06:00
Wes
105eadf111 Add cef 2024-04-03 14:40:41 +00:00
weslambert
df058b3f4a Merge branch '2.4/dev' into feature/pfsense_suricata 2024-03-25 10:08:03 -04:00
Wes
5e21da443f Minor verbiage updates 2024-03-25 13:58:32 +00:00
weslambert
4e1543b6a8 Get only code 2024-03-22 09:56:21 -04:00
Wes
5934829e0d Include pfsense config 2024-03-21 20:08:33 +00:00
Wes
486a633dfe Add pfsense Suricata config 2024-03-21 20:07:59 +00:00
Wes
c6df805556 Add SOC template 2024-03-18 14:53:36 +00:00
Wes
005930f7fd Add error.message mapping for system.syslog 2024-03-07 15:41:23 +00:00
weslambert
d8e8933ea0 Add AWS Security Hub template 2024-03-05 09:25:41 -05:00
weslambert
d85ac39e28 Add AWS Inspector template 2024-03-05 09:23:17 -05:00
weslambert
1514f1291e Add AWS GuardDuty template 2024-03-05 09:21:48 -05:00
weslambert
b64d61065a Add AWS Cloudfront template 2024-03-05 09:19:43 -05:00
weslambert
df3943b465 Daily rollover 2024-02-27 17:24:27 -05:00
weslambert
1d099f97d2 Update pattern for endpoint diagnostic template 2024-02-26 11:27:56 -05:00
Josh Patterson
d2f7946377 Merge pull request #12411 from Security-Onion-Solutions/issue/12382
nest under policy
2024-02-21 16:28:04 -05:00
m0duspwnens
162785575c nest under policy 2024-02-21 15:28:24 -05:00
Josh Brower
686304f24a Merge remote-tracking branch 'origin/2.4/dev' into kilo 2024-02-15 09:47:51 -05:00
Corey Ogburn
0d297274c8 DetectionComment Mapping Defined 2024-02-13 12:53:18 -07:00
Corey Ogburn
64f6d0fba9 Updated Detection's ES Mappings
Detections now have a License field and the Comment model is defined now.
2024-02-09 14:20:07 -07:00
Corey Ogburn
29174566f3 WIP: Updated Detection Mappings, Changed Engine to Language
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.

SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
2024-02-08 09:44:56 -07:00
Wes
182667bafb Change numbers for Elasticsearch 2024-02-01 13:59:23 +00:00
Wes
bc502cc065 Custom Elasticsearch pipeline annotations 2024-01-31 21:46:33 +00:00
Wes
bc75be9402 Custom pipelines in UI 2024-01-31 20:16:48 +00:00
Wes
cd4bd6460a Custom pipelines 2024-01-31 20:16:18 +00:00
Corey Ogburn
585147d1de Added so-detection mapping in elasticsearch 2024-01-31 10:39:47 -07:00
Wes
12ab6338db Add diagnostic 2024-01-25 20:16:52 +00:00
weslambert
cd54d4becb Fix indent 2024-01-25 13:57:02 -05:00
weslambert
5f1c76f6ec endpoint.diagnostic.collection 2024-01-25 09:46:25 -05:00
Wes
8426aad56d Text mapping for scan.pe.flags 2024-01-24 15:10:42 +00:00
Wes
d23d367058 Make scan.pe.flags a string 2024-01-24 15:08:38 +00:00
Wes
80a3942245 Rename RITA pipelines 2024-01-22 20:15:48 +00:00
Wes
7118cc8dee Add additional integration SOC configuration 2024-01-19 22:04:07 +00:00
Wes
05aa8b013a Add additional integration to templates 2024-01-19 22:02:39 +00:00
Mike Reeves
efe8cfda95 Update suricata.common 2024-01-19 13:39:28 -05:00
Mike Reeves
08486e279c Update suricata.common 2024-01-19 13:36:43 -05:00
Wes
e70ce50912 Change description 2024-01-17 14:06:16 +00:00
Wes
f6590ac0bf Remove Suricata IKEv2 pipeline 2024-01-16 18:10:00 +00:00
Wes
ea64ce92d3 Add Suricata IKE pipeline 2024-01-16 18:09:46 +00:00
Wes
8a92b023b2 Add interface name 2024-01-16 18:09:16 +00:00
weslambert
252c51dafb Change order of names 2024-01-12 16:45:18 -05:00
weslambert
a07e6e1058 OTX pulses 2024-01-12 16:43:33 -05:00
weslambert
3f9678056d OTX pulses template 2024-01-12 16:42:32 -05:00
Wes
418f41c7e4 Add SOC configuration for metrics 2024-01-12 15:03:18 +00:00
Wes
5eae349938 Add endpoint metrics templates 2024-01-12 13:47:35 +00:00
Wes
c89d674a92 Add settings for integrations 2024-01-11 14:18:06 +00:00
Wes
9b1ddcacb4 Add additional templates for integrations 2024-01-11 14:00:09 +00:00
Josh Brower
5513e74807 comma 2024-01-09 08:12:33 -05:00