CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-20 16:03:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,664 Commits 18 Branches 120 Tags
225c33e5c93c41c7fd456c093ec4bf663fe0a4b2
Commit Graph

6416 Commits

Author SHA1 Message Date
Mike Reeves
225c33e5c9 Add Strelka Filecheck 2022-11-02 09:46:23 -04:00
Mike Reeves
4187363451 Add Strelka Filecheck 2022-11-02 09:44:08 -04:00
Jason Ertel
55f22af758 Merge pull request #9017 from Security-Onion-Solutions/config 
Retry so-user commands if another process is currently using so-user
 2022-10-27 15:41:37 -04:00
Jason Ertel
35fab05bdd Retry so-user commands if another process is currently using so-user 2022-10-27 15:25:08 -04:00
Jason Ertel
d7b370e31b Merge pull request #9010 from Security-Onion-Solutions/config 
regex should match entire input against allowed logLevel values
 2022-10-27 13:17:51 -04:00
m0duspwnens
8af0334c3c Merge remote-tracking branch 'remotes/origin/2.4/dev' into patch2.4 2022-10-27 11:08:32 -04:00
m0duspwnens
6525e0f201 setup no longer add patch pillar to minion 2022-10-27 10:56:29 -04:00
m0duspwnens
a95c2a690a add defaults and map for patch state 2022-10-27 10:54:29 -04:00
Jason Ertel
6347532dd8 regex should match entire input against allowed logLevel values 2022-10-26 18:48:20 -04:00
weslambert
0ede5a7313 Remove JA3er references 2022-10-26 10:24:25 -04:00
Wes
803d2d4d75 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 19:15:54 +00:00
Wes
0267ece4bf Fix PyYAML .whl file name and remove JA3er analyzer 2022-10-25 19:11:52 +00:00
m0duspwnens
8c5197c2ea add line space 2022-10-21 11:49:01 -04:00
m0duspwnens
8b5c79fb39 add so-kratos and so-ossec to curator defaults 2022-10-21 11:21:03 -04:00
m0duspwnens
71eaa715b6 update jinja 2022-10-21 11:09:52 -04:00
m0duspwnens
c880be8d45 use curator defaults.yaml merged with pillar for actions 2022-10-21 10:38:32 -04:00
m0duspwnens
998870ac87 Merge remote-tracking branch 'remotes/origin/2.4/dev' into statesglobals 2022-10-17 15:58:44 -04:00
m0duspwnens
b089a58243 use registry_host instead of manager 2022-10-17 15:53:29 -04:00
m0duspwnens
09b7af2998 fix typo 2022-10-17 15:50:48 -04:00
m0duspwnens
deba743ef0 fix elasticsearch auth globals 2022-10-13 13:54:52 -04:00
m0duspwnens
04b4030eb6 only add elasticsearch.auth to elasticsearch global var if auth exists 2022-10-13 12:31:41 -04:00
Doug Burks
f6151b3895 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 09:03:10 -04:00
m0duspwnens
78b496a689 fix mine_functions.conf 2022-10-12 16:03:44 -04:00
m0duspwnens
95f7cb6bcd change file_mode to mode 2022-10-12 14:21:55 -04:00
m0duspwnens
eed3746ebc fix some globals 2022-10-12 13:39:37 -04:00
m0duspwnens
6a17f201a2 changes for backup state 2022-10-12 11:31:42 -04:00
weslambert
dd09ce7aab Add log package for Fleet to allow for custom log ingestion 2022-10-11 12:00:57 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
d65fde9536 improve sysmon dashboards 2022-10-07 12:23:40 -04:00
weslambert
bee1b06f76 Update to Kibana 8.4.3 2022-10-06 15:14:43 -04:00
weslambert
985e1728d7 Update to Kibana 8.4.3 2022-10-06 15:13:27 -04:00
Jason Ertel
0fdec03fa9 use yaml anchor to avoid duplicated annotations 2022-09-30 15:15:35 -04:00
Jason Ertel
30a23a4cd0 Add SOC annotations 2022-09-30 15:00:08 -04:00
Jason Ertel
5708f3595e Avoid overwriting the file inode since it's mapped into a running container 2022-09-27 17:27:28 -04:00
Jason Ertel
e519548557 add logLevel default and annotation for quick access to enabling debug logs 2022-09-27 16:55:28 -04:00
Jason Ertel
981371c72f log salt-relay responses for troubleshooting assistance 2022-09-27 16:48:47 -04:00
Jason Ertel
16d24d4bc9 Merge pull request #8822 from Security-Onion-Solutions/config 
user management / sync
 2022-09-27 11:14:32 -04:00
Jason Ertel
53b4f01921 replace quotes on minion arg 2022-09-27 10:54:08 -04:00
Jason Ertel
851e44e5fa ensure salt-relay is restarted when SOC is manually restarted 2022-09-27 10:31:14 -04:00
Jason Ertel
7f7f2c15d0 add support for querying active salt jobs (future use) 2022-09-27 10:29:21 -04:00
m0duspwnens
6bd4860f19 fix path 2022-09-27 09:57:01 -04:00
m0duspwnens
42b03ca6df add missing soc things 2022-09-27 09:53:48 -04:00
Jason Ertel
556ddc2ee4 sync in background 2022-09-27 09:24:34 -04:00
Jason Ertel
8e175b2d3f add manual sync 2022-09-27 07:05:04 -04:00
Mike Reeves
2066efcabf Add Rules to sync 2022-09-26 17:18:28 -04:00
Mike Reeves
37c98c14cd Fix zeek logs in filebeat 2022-09-26 17:11:10 -04:00
Mike Reeves
aa7dd47b00 Fix zeek logs in filebeat 2022-09-26 17:01:44 -04:00
Doug Burks
80201f1465 Change managing-rules.html to rules.html in soc_idstools.yaml 2022-09-26 14:58:51 -04:00
Jason Ertel
0ad1a1a262 so-user and salt-relay updates for user management 2022-09-26 14:57:33 -04:00
Josh Brower
97f42dcce5 Merge pull request #8811 from Security-Onion-Solutions/2.4/elastic-fleet 
Live Query - View in Hunt fix
 2022-09-26 09:35:12 -04:00