Commit Graph

58 Commits

Author SHA1 Message Date
Jason Ertel
b4817fa062 Merge pull request #12956 from Security-Onion-Solutions/jertel/testcy
test regexes for detections
2024-05-07 08:45:38 -07:00
Jason Ertel
4ebe070cd8 test regexes for detections 2024-05-06 19:03:12 -04:00
m0duspwnens
554a203541 update airgapEnabled in map file 2024-05-06 12:59:45 -04:00
m0duspwnens
38f74d2e9e change quotes 2024-05-06 11:38:30 -04:00
m0duspwnens
5b966b83a9 change rulesRepos for airgap or not 2024-05-06 09:26:52 -04:00
DefensiveDepth
26c6a98b45 Initial airgap support for detections 2024-05-06 08:43:01 -04:00
m0duspwnens
47ba4c0f57 add new annotation for soc autoEnabledSigmaRules 2024-05-01 12:55:29 -04:00
DefensiveDepth
dbfb178556 Add test 2024-04-16 12:22:53 -04:00
DefensiveDepth
f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
DefensiveDepth
1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
Josh Brower
f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults
2.4/detections defaults
2024-04-04 11:33:59 -04:00
DefensiveDepth
49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Jason Ertel
a7fab380b4 clarify telemetry annotation 2024-04-04 07:51:23 -04:00
Jason Ertel
a9517e1291 clarify telemetry annotation 2024-04-04 07:49:30 -04:00
Jason Ertel
3aea2dec85 analytics 2024-04-01 09:50:18 -04:00
DefensiveDepth
bbcd3116f7 Fixes 2024-03-26 09:31:46 -04:00
DefensiveDepth
cc0f4847ba Casing and validation 2024-03-26 08:10:57 -04:00
DefensiveDepth
7c4ea8a58e Add Detections SOC Config 2024-03-26 07:39:39 -04:00
Jason Ertel
1cbac11fae detections annotations 2024-03-06 11:08:03 -05:00
Jason Ertel
167aff24f6 detections annotations 2024-03-06 11:03:52 -05:00
Jason Ertel
0f12297f50 add new pcap annotations 2024-03-06 08:19:42 -05:00
Jason Ertel
12653eec8c add new pcap annotations 2024-03-06 08:14:33 -05:00
Josh Brower
59af547838 Fix download location 2024-02-27 09:49:54 -05:00
Doug Burks
52580fb8c4 Merge pull request #12434 from Security-Onion-Solutions/feature/improve-endpoint-columns
Add multiple endpoint features
2024-02-26 12:05:30 -05:00
Josh Brower
a6bb7216f9 Add Detection AutoUpdate config 2024-02-26 08:18:42 -05:00
Doug Burks
58f4fb87d0 fix new eventFields in soc_soc.yaml 2024-02-23 17:06:29 -05:00
Doug Burks
b7ef1e8af1 add more endpoint.events.x fields to soc_soc.yaml 2024-02-23 15:38:53 -05:00
m0duspwnens
573d565976 convert _x_ to . for soc ui to config 2024-02-23 15:03:44 -05:00
Josh Brower
ffb3cc87b7 Default ruleset; Descriptions 2024-02-16 11:55:10 -05:00
Josh Brower
5102269440 Update defaults 2024-02-12 16:44:54 -05:00
Josh Brower
7e3187c0b8 Fixup sigma pipelines 2024-02-07 15:35:31 -05:00
Josh Brower
b7b501d289 Add Sigma pipelines 2024-02-07 15:02:52 -05:00
Jason Ertel
e075d07f5c show last highstate date/time on grid metrics screen; expose maxUploadSize and staleMetricsMs settings on config screen 2023-12-29 11:38:42 -05:00
Jason Ertel
546c562ef0 expose standard relay timeout in config UI; up default to 45s to accommodate sluggish pillar.get calls 2023-09-01 10:31:02 -04:00
Corey Ogburn
a615fc8e47 New Config Default: longRelayTimeoutMs
Salt is getting a second timeout for operations known to take a long time such as sending and importing files. There's also an entry in soc_soc.yaml so the value can be changed in SOC's config page.
2023-08-30 15:33:01 -06:00
Jason Ertel
1fb3a59573 add missing annotations to avoid soc crash 2023-08-11 13:41:58 -04:00
Jason Ertel
a5e60363cf add missing annotations to avoid soc crash 2023-08-11 13:38:16 -04:00
Corey Ogburn
bb7a918a16 Added ReverseLookup Option
Defaults to false, has metadata to show up in the config section of soc.
2023-07-21 13:18:08 -06:00
m0duspwnens
e15c14cc2e fix indent 2023-05-17 15:50:31 -04:00
m0duspwnens
f7ddf57f39 move files out of config 2023-05-17 15:49:22 -04:00
m0duspwnens
8e18986671 enabled/disable soc in ui 2023-05-11 15:33:16 -04:00
Jason Ertel
316db85584 Generate SOC SRVKey during setup 2023-02-24 10:20:23 -05:00
Jason Ertel
7b1f867ac3 Add defaults for auto extracted observables 2023-01-24 13:17:50 -05:00
Jason Ertel
b6f37f8499 Correct indentation of client section 2022-12-22 10:26:51 -05:00
Jason Ertel
3fd210463e fix redis defaults to force string keys instead of numeric 2022-12-21 18:11:39 -05:00
Jason Ertel
fa7488effb change format of license key for compat with config alignment 2022-12-16 15:56:02 -05:00
Jason Ertel
b37697e95d Switch license key to single line to avoid multiline/list conflicts 2022-12-16 12:50:22 -05:00
Jason Ertel
f84ceca03e consolidate eventFields from hunt and dashboards into a single setting 2022-12-15 14:22:23 -05:00
Jason Ertel
fd13c7ccc0 Additional metadata for soc 2022-12-05 09:03:22 -05:00
Jason Ertel
6347532dd8 regex should match entire input against allowed logLevel values 2022-10-26 18:48:20 -04:00