CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,397 Commits 24 Branches 119 Tags
2ffb723bbd77c3669687b13a42d8029e8b2d98a7
Commit Graph

207 Commits

Author SHA1 Message Date
Mike Reeves
6ae2fba71f Update search.sls 2021-09-14 13:57:26 -04:00
Mike Reeves
2cc25587d9 Update eval.sls 2021-09-14 13:57:04 -04:00
Mike Reeves
614a6dc9fe Update manager.sls 2021-09-14 13:56:43 -04:00
William Wernert
e41811fbd0 [fix] Typo 2021-07-13 15:14:13 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
m0duspwnens
c9ee28ce01 adding elasticsearch.auth to heavynode and searchnode 2021-06-21 14:47:24 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
33db9023eb Revert to SO taxonomy for zeek and suricata 2021-06-08 13:50:39 -04:00
m0duspwnens
d25a439bd4 more changes 2021-06-01 10:53:58 -04:00
m0duspwnens
0134ceef16 merge and resolve conflict in elasticsearch state 2021-05-27 11:33:44 -04:00
m0duspwnens
6da0b57ce1 fix file.file_exists 2021-05-25 11:55:22 -04:00
m0duspwnens
8d9d5a267a generate elasticsearch.auth pillar if it doesnt exist 2021-05-25 11:52:58 -04:00
Mike Reeves
e5a41b60ef Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-05-24 09:14:03 -04:00
m0duspwnens
0de1c9a669 removing unreference pillar file docker/config.sls 2021-05-18 07:57:00 -04:00
Wes Lambert
37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Josh Brower
bba9913be1 Temp revert Fleet Live Query to Hunt 2021-03-17 08:25:25 -04:00
Josh Brower
548f67ca6f Initial support for Live Queries in Hunt 2021-03-04 18:21:13 -05:00
William Wernert
f5c044e3e3 [fix] Log directory fixes 
* The playbook log dir is owned by the socore group, so we can use `su root socore`
* Addresses https://github.com/Security-Onion-Solutions/securityonion/pull/2681#issuecomment-767761670
---
* influxdb runs as root, so we can set the log directory permissions to 755 for this service
 2021-01-26 16:07:34 -05:00
William Wernert
c7c3d004ca [fix] More helix -> helixsensor 2020-12-15 14:01:19 -05:00
m0duspwnens
4e04f31b8e remove old firewall ports pillar file https://github.com/Security-Onion-Solutions/securityonion/issues/1586 2020-12-14 10:24:49 -05:00
TOoSmOotH
379f1d98d8 fix addtotab 2020-12-10 09:15:17 -05:00
TOoSmOotH
d6fa739c60 Adding queue=True 2020-12-08 11:17:47 -05:00
Mike Reeves
8ea088c3fc Restart Elastic on addition of node. 2020-12-07 14:09:41 -05:00
Mike Reeves
d004263b71 Add Elastic Clustering 2020-12-02 14:33:22 -05:00
m0duspwnens
1afa12e607 add elasticsearch template manager pillar and assign to manager node 2020-10-13 16:08:15 -04:00
m0duspwnens
f38519247b change capture loss to every 5 minutes and default grafana dashboard to 1h 2020-10-08 17:52:02 -04:00
William Wernert
d84f85335e [fix] Add jinja option, missing log dirs, compress option 2020-10-06 17:18:39 -04:00
William Wernert
b64a91f13c [refactor] Remove nocompress option 2020-10-06 14:51:43 -04:00
William Wernert
9737b01676 [feat] Move logrotate configuration settings to pillar 2020-10-06 13:22:44 -04:00
William Wernert
f782299281 Remove preconfigured zeeklog + create it during setup 2020-09-28 15:12:36 -04:00
Mike Reeves
0a0e00866c Upgrade Fun 2020-09-14 14:50:22 -04:00
Mike Reeves
5d4e8925a3 Add Firewall Logic 2020-09-09 21:16:40 -04:00
Mike Reeves
ba192d6c32 Update addtotab.sh 2020-08-17 17:23:25 -04:00
m0duspwnens
5a0df27193 rename importpcap node to import 2020-08-12 10:27:15 -04:00
m0duspwnens
11433b87e6 Merge remote-tracking branch 'remotes/origin/dev' into issue/1049 2020-08-10 16:36:49 -04:00
Mike Reeves
63031a965a fix ports 2020-08-08 20:48:46 -04:00
Mike Reeves
9708b02387 update pipeline 2020-08-08 18:32:36 -04:00
m0duspwnens
7933bafd55 more fixes for importpcap node 2020-08-07 15:46:45 -04:00
m0duspwnens
9649994f73 add importpcap to pillar/top 2020-08-07 14:40:02 -04:00
Mike Reeves
e7225349a6 Ability to toggle between redis and minio 2020-08-05 22:56:41 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
weslambert
7d432091e2 Remove LS syslog port binding 2020-07-29 08:35:07 -04:00
m0duspwnens
e3efaee864 change reference from bro to zeek 2020-07-17 14:41:44 -04:00
m0duspwnens
e4fff05dbc load templates for es for eval 2020-07-15 08:30:43 -04:00
m0duspwnens
57bf23d83c move templates from logstash to elasticsearch 2020-07-14 16:07:46 -04:00
m0duspwnens
13af4cacb0 merge with dev and resolve conflicts 2020-07-10 16:27:10 -04:00
Mike Reeves
46d572fa8c Fix Filebeat spacing 2020-07-10 15:51:12 -04:00
Mike Reeves
5eb33d5ac7 Logstash Import and Template Assignment 2020-07-10 13:53:55 -04:00
m0duspwnens
24b8f81e38 merge with dev and resolve conflicts 2020-07-10 12:20:14 -04:00