Commit Graph

253 Commits

Author SHA1 Message Date
Mike Reeves
4af6a901a1 Merge pull request #5461 from Security-Onion-Solutions/truclusterrator
Add new hunt fields
2021-09-10 13:17:01 -04:00
Mike Reeves
4f6a3269cb Add more detail to syscollector 2021-09-10 09:59:47 -04:00
Mike Reeves
9f5dafd560 More Event Fields 2021-09-02 13:48:18 -04:00
Mike Reeves
1cee603ee4 Squid event fields 2021-09-02 13:24:04 -04:00
Mike Reeves
2bf471054b Cloudtrail Event Fields 2021-09-02 11:46:18 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Mike Reeves
556bad6925 Add eventfields for new default logs 2021-09-01 15:13:43 -04:00
Jason Ertel
257062e20c Update release notes link to match top right menu for airgap 2021-07-22 09:48:34 -04:00
doug
fa9d7afb46 FIX: Airgap link to Release Notes #4685 2021-07-22 09:42:37 -04:00
Jason Ertel
c3deabae36 Update init.sls 2021-06-22 08:30:54 -04:00
m0duspwnens
9cdbcb72ac Merge branch 'kilo' of https://github.com/Security-Onion-Solutions/securityonion into kilo 2021-06-22 08:23:26 -04:00
m0duspwnens
bc86590411 only add sosyncuser cron if startup_states: highstate is set in minion config 2021-06-22 08:23:16 -04:00
Jason Ertel
8ddc99e91f Allow for adjusting SOC session timeout 2021-06-22 08:07:52 -04:00
Jason Ertel
5e042bf4b8 Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states. 2021-06-21 12:16:47 -04:00
Jason Ertel
1d4161ba31 Disable HaveIBeenPwned API (pwnedpasswords.com) 2021-06-18 08:36:36 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Jason Ertel
7205c5cb7b Provide timestamp as arg to SOC PCAP pivots 2021-06-10 15:21:03 -04:00
Jason Ertel
89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Mike Reeves
88eea03f97 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:36:50 -04:00
Mike Reeves
4972f69dd6 Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-06-08 11:03:14 -04:00
Jason Ertel
416b38fc71 Use cronjob to ensure user synchronization 2021-06-04 11:24:58 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Mike Reeves
9c9bcac61b Update DNS queries 2021-06-02 15:01:14 -04:00
Mike Reeves
e8cc88174f Fix some hunt queries 2021-06-02 13:55:05 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Jason Ertel
4ff85ab0c4 Merge branch 'dev' into kilo 2021-06-02 10:39:51 -04:00
Jason Ertel
c757d21360 Increase default SOC API and ES timeouts from 2m to 5m 2021-06-02 09:38:59 -04:00
Jason Ertel
3a134cc706 fix merge conflicts 2021-06-02 09:16:28 -04:00
doug
aeea5701e4 completely disable both alerts.actions.json and hunt.actions.json 2021-05-26 16:34:05 -04:00
doug
ee675546ac add menu.actions.json and update soc.json 2021-05-26 14:09:00 -04:00
Jason Ertel
915b7aa2df Switch Kratos config from argon2 to bcrypt12 2021-05-24 10:52:54 -04:00
William Wernert
fe3aec173f Merge branch 'master' into feature/merge-2.3.51
# Conflicts:
#	VERSION
#	salt/influxdb/init.sls
2021-05-21 12:31:54 -04:00
m0duspwnens
ef32bff302 fix up soc.json 2021-05-17 18:29:27 -04:00
m0duspwnens
e50002e0ca influx and grafana default for manager nodes - https://github.com/Security-Onion-Solutions/securityonion/issues/4207 2021-05-17 16:26:12 -04:00
Doug Burks
293fb0a76d FEATURE: Pivot from Alerts/Hunt to CyberChef #4081 2021-05-07 13:23:46 -04:00
Doug Burks
2e228c8355 FEATURE: Pivot from Alerts/Hunt to CyberChef #4081 2021-05-07 13:22:03 -04:00
Jason Ertel
f4606828c7 Update MOTD with training link and simplify customization commands 2021-04-23 10:42:14 -04:00
Jason Ertel
8facbcf18c Do not set influxdb hostUrl if import node since import nodes don't run influxdb 2021-04-09 20:40:44 -04:00
Jason Ertel
5cb73ced36 Add Influx module to SOC config 2021-04-09 14:58:15 -04:00
Doug Burks
8ca0626387 FIX: Hunt query for HTTP EXE downloads should work for both Zeek and Suricata #3753 2021-04-05 06:55:40 -04:00
Jason Ertel
820b01405f For hunt quick actions, pipe value to 'escape' operator to escape backslashes and double quotes 2021-03-31 14:57:36 -04:00
Jason Ertel
6bce8e8e2c Remove incompatible example 2021-03-29 07:30:26 -04:00
Jason Ertel
0195d366cc Add custom banner to login page 2021-03-26 14:44:31 -04:00
Jason Ertel
7fc2467951 Correct local online docs link to release notes 2021-03-24 15:00:02 -04:00
Jason Ertel
887920e7c5 Implement customizable overview page 2021-03-23 16:44:08 -04:00
Jason Ertel
5ade0b9f40 Implement customizable overview page 2021-03-23 16:31:41 -04:00
Jason Ertel
83a3488a06 Update changes.json to reflect 2.3.40 changes 2021-03-19 11:15:27 -04:00
Jason Ertel
cc30abfe1b Refresh fieldcaps every 5 minutes 2021-03-18 13:48:57 -04:00
Jason Ertel
4e9f629231 Reformat inactiveTools list in JSON format 2021-03-17 18:25:05 -04:00