Commit Graph

4922 Commits

Author SHA1 Message Date
Mike Reeves
b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
William Wernert
4689e32ce4 Add sed for curly braces in minion pillars to soup 2021-02-19 10:18:06 -05:00
William Wernert
2184c6d59f [fix] Create dict value if it doesn't exist 2021-02-19 09:31:22 -05:00
William Wernert
9183c0a92c [feat] Initial so-rules script
* Quote curly braces in minion pillar, need to add sed function in soup
2021-02-19 09:24:12 -05:00
doug
88eb5b1d61 Update syslog ingest parser to accommodate pfSense filterlog changes #3033 2021-02-19 08:02:32 -05:00
Jason Ertel
faa78c0e26 Salt doesn't like a name starting with a non-alphanumeric char. Switch back to long if/then format 2021-02-18 14:51:09 -05:00
Josh Patterson
79e7b1da4d Merge pull request #3021 from Security-Onion-Solutions/issue/2989
change suricata clean cron to run once a day
2021-02-18 14:07:40 -05:00
m0duspwnens
03487c2a31 change suricata clean cron to run once a day 2021-02-18 14:06:45 -05:00
Josh Patterson
0ab9577863 Merge pull request #3018 from Security-Onion-Solutions/all_rules_dont_show_changes
don't show changes since file can be large
2021-02-18 12:23:54 -05:00
m0duspwnens
bf100a2310 don't show changes since file can be large 2021-02-18 12:23:22 -05:00
Josh Patterson
2092044335 Merge pull request #3017 from Security-Onion-Solutions/issue/1237
load templates all the time
2021-02-18 12:13:49 -05:00
m0duspwnens
e730efb4ec load templates all the time 2021-02-18 12:12:18 -05:00
Josh Patterson
76cdc45fad Merge pull request #3016 from Security-Onion-Solutions/all_rules_dont_show_changes
Don't show changes because all.rules can be large
2021-02-18 12:00:08 -05:00
m0duspwnens
069997a65c Don't show changes because all.rules can be large 2021-02-18 11:56:25 -05:00
Jason Ertel
6f7bc650a0 Apply reserved ports if the existing file is 0 bytes 2021-02-18 11:20:13 -05:00
Josh Patterson
a9da761fab Merge pull request #3012 from Security-Onion-Solutions/issue/2989
Issue/2989
2021-02-18 10:52:23 -05:00
m0duspwnens
95df18c545 limit eve logs and gz files based on days 2021-02-18 10:45:20 -05:00
m0duspwnens
a4d5f58256 fix surilogcompress 2021-02-18 10:33:47 -05:00
Josh Patterson
3f7cdb933f Merge pull request #3010 from Security-Onion-Solutions/issue/2989
Issue/2989
2021-02-18 09:58:35 -05:00
m0duspwnens
74ca4487de ensure at least 2 eve files are kept https://github.com/Security-Onion-Solutions/securityonion/issues/2989 2021-02-18 09:51:40 -05:00
m0duspwnens
4b07d5e457 add identifier to eve clean cron 2021-02-18 09:39:54 -05:00
m0duspwnens
041d193f2d fix brackets 2021-02-18 09:37:37 -05:00
m0duspwnens
0bef8b6662 limit number of eve.json files for suricata https://github.com/Security-Onion-Solutions/securityonion/issues/2989 2021-02-18 09:26:59 -05:00
Josh Brower
b5087b815a Merge pull request #3002 from Security-Onion-Solutions/feature/sigma-tweaks
Update .security analyzer
2021-02-17 16:38:22 -05:00
Josh Brower
d2a74c80e2 Update .security analyzer 2021-02-17 16:37:31 -05:00
m0duspwnens
7a595df5b6 strelka logrotate - https://github.com/Security-Onion-Solutions/securityonion/issues/2736 2021-02-17 11:17:41 -05:00
m0duspwnens
2b07d89b5a error: /opt/so/conf/sensor-rotate.conf:8 unknown option 'endscript' -- ignoring line 2021-02-17 11:01:18 -05:00
m0duspwnens
e6ae1af85f test rotating strelka log at 100k 2021-02-17 10:47:06 -05:00
Josh Patterson
fddef1a6f4 Merge pull request #2985 from Security-Onion-Solutions/issue/2915
remove old backup files
2021-02-17 09:43:58 -05:00
Josh Patterson
bec437c2cf Merge pull request #2984 from Security-Onion-Solutions/issue/2737
Issue/2737
2021-02-16 15:41:46 -05:00
Josh Patterson
eb18ec552c Merge pull request #2980 from Security-Onion-Solutions/issue/2915
Issue/2915
2021-02-16 12:01:37 -05:00
doug
fabe3c87f2 Hunt: improve Wazuh queries #2383 2021-02-16 11:56:14 -05:00
m0duspwnens
7099ed4bf5 delete many backup files 2021-02-16 11:55:49 -05:00
m0duspwnens
1ccc5480e1 remove oldest backup 2021-02-16 11:40:45 -05:00
doug
397d8d0964 Kibana 7.10.2 config changes #2954 2021-02-14 07:04:51 -05:00
doug
3248edea8b Update Kibana dashboard hyperlinks to new url format #2361 2021-02-12 17:25:42 -05:00
m0duspwnens
100601c452 only load templates if they change https://github.com/Security-Onion-Solutions/securityonion/issues/1237 2021-02-12 16:03:45 -05:00
doug
31a0c2bc82 Update Kibana dashboard hyperlinks to new url format #2361 2021-02-12 15:37:25 -05:00
doug
797d2c4dba Kibana 7.10.2 config changes #2954 2021-02-12 15:35:06 -05:00
Doug Burks
fd4cb0b7a8 Kibana 7.10.2 config changes #2954 2021-02-12 14:05:29 -05:00
Doug Burks
c717773fc3 Kibana 7.10.2 config changes #2954 2021-02-12 14:04:00 -05:00
Josh Patterson
a8598a50e4 Merge pull request #2953 from Security-Onion-Solutions/issue/2756
remove /etc/yum.repos.d/salt-2019-2-5.repo if present
2021-02-12 12:05:21 -05:00
m0duspwnens
3b0c2b3e91 remove /etc/yum.repos.d/salt-2019-2-5.repo if present https://github.com/Security-Onion-Solutions/securityonion/issues/2756 2021-02-12 12:04:08 -05:00
m0duspwnens
7e4d7a6985 drop icmp timestamp replies https://github.com/Security-Onion-Solutions/securityonion/issues/1704 2021-02-11 11:09:21 -05:00
m0duspwnens
3cfbc61f4e only save at the end 2021-02-10 11:15:39 -05:00
Mike Reeves
125f7d6262 add warm node action for hot/warm 2021-02-08 11:49:49 -05:00
Mike Reeves
5043b970ef Fix tar syntax 2021-02-06 19:14:44 -05:00
Mike Reeves
a3ca84db66 Fix backupdir name state 2021-02-06 15:32:42 -05:00
Mike Reeves
bf79c92456 Lock down Backups folder permissions 2021-02-05 22:31:08 -05:00
Mike Reeves
8f97973fac Lock down Backups folder permissions 2021-02-05 22:17:31 -05:00