CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,852 Commits 24 Branches 119 Tags
2f99821736fc0b54005358a417df99b91b27a7ae
Commit Graph

244 Commits

Author SHA1 Message Date
weslambert
2b2d39c869 Don't load BZAR script(s) by default 2022-12-02 10:46:45 -05:00
Peter Di Giorgio
2e30cefd91 Add remaining protocol parsers 
- icsnpp-bsap
      - icsnpp-s7comm
      - zeek-plugin-tds
      - zeek-plugin-profinet
      - zeek-spicy-wireguard
      - zeek-spicy-stun
 2022-11-17 10:47:00 -06:00
Peter Di Giorgio
13b6b43324 Update init.sls 2022-11-17 10:42:21 -06:00
weslambert
78bc2a95e5 Add icsnpp-bsap to enabled plugins 2022-11-17 11:20:24 -05:00
lock-wire
1b8e546045 Add s7comm,tds,stun,profinet,wireguard 2022-11-16 21:41:02 -06:00
Peter Di Giorgio
d890f75cca Correct typo 2022-11-11 13:59:20 -08:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
Peter Di Giorgio
1ea6feca37 Add icsnpp-bacnet 2022-10-27 15:31:38 -07:00
Peter Di Giorgio
61d36d584f Add Modbus, DNP3, BZAR, and oui-logging 2022-10-25 07:10:52 -07:00
Peter Di Giorgio
beb67847f9 Remove modbus,bzar,dnp3,oui-logging 2022-10-24 23:14:32 -07:00
Peter Di Giorgio
01d177366d Fix Zeek Pillar 2022-10-24 12:00:43 -07:00
Peter Di Giorgio
4a60310dc8 Add Modbus, DNP3, BZAR, and oui-logging 
This is an initial proof of concept.  Need to migrate these entries behind a flag.
 2022-10-21 14:04:40 -07:00
Wes Lambert
5c90fce3a1 Add Kratos Logstash output to search pipeline for Logstash 2022-07-08 15:58:00 +00:00
m0duspwnens
d8abc0a195 if in dmz_nodes dont add to filebeta 2022-05-11 11:51:18 -04:00
m0duspwnens
a641346c02 prevent nodes with logstash:dmz:true from being added to logstash:nodes pillar 2022-05-10 17:28:19 -04:00
Josh Patterson
f5095b273d Merge pull request #7665 from Security-Onion-Solutions/workstation_state 
Workstation state
 2022-03-29 10:27:07 -04:00
m0duspwnens
0ddfaf8d74 changes for workstation 2022-03-28 15:34:15 -04:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
Wes Lambert
ba24f75893 Fix index typo 2022-03-11 18:11:16 +00:00
Wes Lambert
70ed20f691 Add new sls file for custom ES index templates 2022-03-11 18:07:23 +00:00
Josh Brower
3610b0cd30 merge in dev 2022-02-21 16:52:53 -05:00
Wes Lambert
de731fc05d Remove default templates from ES template pillar since they are now managed in the defaults file. 2022-02-15 17:04:57 +00:00
Josh Brower
37b17b8821 Initial support - IDH Node 2022-02-07 19:27:51 -05:00
m0duspwnens
797d769661 use actual hostname in logstash:nodes pillar 2022-02-03 10:36:18 -05:00
Jason Ertel
1d885a5419 Add case template to eval installs 2021-12-29 11:38:38 -05:00
Jason Ertel
e87cbc37a4 Add case template 2021-12-28 19:17:15 -05:00
m0duspwnens
759bf9837e pillar top clean up for receiver and logstash.nodes 2021-12-15 09:31:03 -05:00
m0duspwnens
d9a384cc29 remove global:pipeline pillar call from logstash pipeline pillars 2021-12-15 09:30:15 -05:00
m0duspwnens
c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens
8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens
f3ec5df447 add receiver node 2021-12-07 11:13:51 -05:00
m0duspwnens
96666ab307 add receiver node 2021-12-07 10:19:32 -05:00
m0duspwnens
8da2133cff give kibana.secrets pillar to import node 2021-11-11 11:31:07 -05:00
m0duspwnens
392305e4ed add engame changes that were missing from merge somehow 2021-11-10 09:01:42 -05:00
m0duspwnens
57c6e26634 encrypt kibana saved objects - https://github.com/Security-Onion-Solutions/securityonion/issues/6146 2021-11-09 16:41:25 -05:00
m0duspwnens
c8fb504ee0 Revert "Merge remote-tracking branch 'remotes/origin/dev' into issue/3933" 
This reverts commit 54eec92621, reversing
changes made to 7832e59629.
 2021-10-13 15:22:46 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
Mike Reeves
6ae2fba71f Update search.sls 2021-09-14 13:57:26 -04:00
Mike Reeves
2cc25587d9 Update eval.sls 2021-09-14 13:57:04 -04:00
Mike Reeves
614a6dc9fe Update manager.sls 2021-09-14 13:56:43 -04:00
William Wernert
e41811fbd0 [fix] Typo 2021-07-13 15:14:13 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
m0duspwnens
c9ee28ce01 adding elasticsearch.auth to heavynode and searchnode 2021-06-21 14:47:24 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
33db9023eb Revert to SO taxonomy for zeek and suricata 2021-06-08 13:50:39 -04:00
m0duspwnens
d25a439bd4 more changes 2021-06-01 10:53:58 -04:00
m0duspwnens
0134ceef16 merge and resolve conflict in elasticsearch state 2021-05-27 11:33:44 -04:00
m0duspwnens
6da0b57ce1 fix file.file_exists 2021-05-25 11:55:22 -04:00
m0duspwnens
8d9d5a267a generate elasticsearch.auth pillar if it doesnt exist 2021-05-25 11:52:58 -04:00