CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 10:42:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,032 Commits 25 Branches 119 Tags
2326701cc048d66dca23f8da8dc011519d4ce308
Commit Graph

141 Commits

Author SHA1 Message Date
Jason Ertel
2326701cc0 Moved known issues underneath new changes 2020-10-15 19:29:33 -04:00
Jason Ertel
6ee37977c3 Fixed quotes and href targets 2020-10-15 19:25:26 -04:00
Mike Reeves
1ae35a39c3 Update changes.json 2020-10-15 19:11:55 -04:00
Mike Reeves
943aa82ce4 Update changes.json 2020-10-15 19:09:46 -04:00
Mike Reeves
131e105106 Update changes.json 2020-10-15 19:07:37 -04:00
Mike Reeves
cc56dc5a7f Update changes.json 2020-10-15 19:05:47 -04:00
Jason Ertel
2ad6ab7dfc Dynamically alter docs URL based on airgap setting 2020-10-13 12:29:59 -04:00
Mike Reeves
c388966e7e Add airgap config 2020-10-13 12:05:19 -04:00
Mike Reeves
29c3948f95 Fix soc.json 2020-10-11 14:09:14 -04:00
Mike Reeves
31e0b5c81c Add nodes to soc.json 2020-10-11 11:28:49 -04:00
Doug Burks
3cfee82b59 Update Hunt fields for firewall #1500 2020-10-10 08:18:00 -04:00
Doug Burks
5f15320b9d Update Hunt fields for firewall #1500 2020-10-10 07:54:48 -04:00
Doug Burks
8cfabf101c Update Hunt query for firewall #1499 2020-10-10 07:17:49 -04:00
Doug Burks
2489ca608a Improve Hunt FTP queries #1479 2020-10-08 05:30:17 -04:00
Doug Burks
a686704d37 remove rule.uuid now that underlying issue has been resolved 2020-10-06 09:39:57 -04:00
Doug Burks
a45aa43f41 Add trailing comma to "thehive" stanza 2020-10-05 12:35:33 -04:00
Jason Ertel
1ebe970876 Disable escalate button if thehive is not enabled 2020-10-05 09:54:18 -04:00
Doug Burks
e7cba6ba1d Change SOC Alerts eventFetchLimit from 5000 to 500 #1447 2020-10-05 09:29:01 -04:00
Doug Burks
948e0c4c61 Add rule.name to Hunt Wazuh Alerts query #1442 2020-10-05 09:26:13 -04:00
Jason Ertel
cf5b1245ea Add configurable flags to enable/disable dismiss and escalate buttons 2020-10-05 09:16:17 -04:00
Mike Reeves
c7fcdc8084 Merge pull request #1438 from Security-Onion-Solutions/socyaml 
Socyaml
 2020-10-01 18:08:33 -04:00
Mike Reeves
4991ea8de3 Jason made me rename json 2020-10-01 18:07:06 -04:00
Mike Reeves
36ccece724 commas gone crazy 2020-10-01 18:02:06 -04:00
Mike Reeves
a0432e97b0 Python print ftl 2020-10-01 17:57:56 -04:00
Mike Reeves
490278a4c3 Add alert events filed 2020-10-01 17:49:17 -04:00
Mike Reeves
9d9d3aac53 Switch to JSON from yaml 2020-10-01 17:37:57 -04:00
Mike Reeves
744a8bca73 More json for soc 2020-10-01 17:30:23 -04:00
Mike Reeves
8a41636e7f More json for soc 2020-10-01 17:28:45 -04:00
Mike Reeves
dc79dca7fe More json for soc 2020-10-01 17:25:51 -04:00
Mike Reeves
1c55f738ec More json for soc 2020-10-01 17:23:29 -04:00
Mike Reeves
92fa33159e More json for soc 2020-10-01 17:12:08 -04:00
Mike Reeves
5730c85988 More json for soc 2020-10-01 17:04:15 -04:00
Mike Reeves
63be0734c9 More json for soc 2020-10-01 17:00:25 -04:00
Mike Reeves
5653828154 More json for soc 2020-10-01 16:57:04 -04:00
Jason Ertel
8e15ed56d6 'Escalated' filter toggle will auto-enable 'acknowledged' filter toggle 2020-10-01 16:23:47 -04:00
Mike Reeves
cc2f2de5b5 soc.json stuff 2020-10-01 15:23:07 -04:00
Mike Reeves
b423e8d22a soc.json stuff 2020-10-01 15:20:13 -04:00
Mike Reeves
1a561f6b12 soc.json stuff 2020-10-01 15:18:34 -04:00
Doug Burks
e836f96c65 move rule.uuid after rule.name 2020-10-01 12:09:52 -04:00
Doug Burks
4851069a10 remove rule.gid from Alerts groupby since Wazuh and Playbook may not have that field 2020-10-01 11:51:40 -04:00
Doug Burks
bc19cce4c2 Acknowledging an alert may acknowledge more alerts than intended #1426 2020-10-01 10:00:54 -04:00
Doug Burks
26781de244 Add Strelka query to Hunt #1433 2020-10-01 06:59:36 -04:00
Jason Ertel
ff04bb507a Remove default Elastalert rules to stop automated alerts from being sent to thehive 2020-09-30 15:06:54 -04:00
Doug Burks
60134829d5 Alerts - Drilldown should display rule.uuid #1416 2020-09-29 07:51:45 -04:00
Doug Burks
c7b43ac220 Update soc.json 2020-09-29 07:41:49 -04:00
Doug Burks
a7f24b62e6 Hunt - improve NIDS query and eventFields #1415 2020-09-29 07:34:44 -04:00
Doug Burks
6e9e4dc99c Hunt third magnifying glass should group output by event.module and event.dataset #1407 2020-09-28 14:19:55 -04:00
Doug Burks
0516a9ddd5 Alerts page "Hunt for this field" action should quote field and group output #1406 2020-09-28 12:35:08 -04:00
Doug Burks
3904295137 Hunt - improve HTTP queries #1401 2020-09-27 08:04:28 -04:00
Doug Burks
aa7f927ffd Hunt - improve x509 queries #1400 2020-09-27 07:17:46 -04:00