CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-22 00:43:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,397 Commits 18 Branches 120 Tags
2ffb723bbd77c3669687b13a42d8029e8b2d98a7
Commit Graph

4922 Commits

Author SHA1 Message Date
Josh Brower
1e14d66f54 Add case_template field to Playbook alerts 2020-10-21 08:59:26 -04:00
weslambert
4765ef5f5c Change rule_ruleset to rule.ruleset 2020-10-20 22:14:23 -04:00
William Wernert
d63358c8f0 [fix] Correct pillar reference + nginx errors 2020-10-20 14:30:06 -04:00
Jason Ertel
d37ddf584a Correct quick action defaults 2020-10-20 14:12:23 -04:00
jtgreen-cse
eaa41266a2 fix for rendering error >1 search node 
Fails rendering if you have more than one search node.
 2020-10-20 13:24:53 -04:00
Mike Reeves
4a9fcfb8cf Fix missing quote 2020-10-20 13:17:40 -04:00
Mike Reeves
a119d8f27d Fix config for airgap installs 2020-10-20 11:28:49 -04:00
m0duspwnens
10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
William Wernert
42e285cfbe Merge branch 'dev' into feature/nginx-update 
# Conflicts:
#	salt/nginx/etc/nginx.conf
#	salt/nginx/etc/nginx.conf.so-eval
#	salt/nginx/etc/nginx.conf.so-manager
#	salt/nginx/etc/nginx.conf.so-standalone
 2020-10-19 13:25:46 -04:00
Mike Reeves
97a2d91d15 Re-arrange whiptail screens 2020-10-19 12:14:30 -04:00
m0duspwnens
79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Masaya-A
47652ac080 Update eval.json 2020-10-17 04:45:12 +09:00
Masaya-A
964919109d Update standalone.json 2020-10-17 04:35:39 +09:00
Jason Ertel
2326701cc0 Moved known issues underneath new changes 2020-10-15 19:29:33 -04:00
Jason Ertel
6ee37977c3 Fixed quotes and href targets 2020-10-15 19:25:26 -04:00
Mike Reeves
1ae35a39c3 Update changes.json 2020-10-15 19:11:55 -04:00
Mike Reeves
943aa82ce4 Update changes.json 2020-10-15 19:09:46 -04:00
Mike Reeves
131e105106 Update changes.json 2020-10-15 19:07:37 -04:00
Mike Reeves
cc56dc5a7f Update changes.json 2020-10-15 19:05:47 -04:00
Wes Lambert
d863f26f9d Update Kibana mappings for event ack/eslacation 2020-10-15 18:46:37 +00:00
William Wernert
1fdf431c12 [fix] so-user spelling+syntax fixes 
* Consistent ending punctuation
* Consistent capitalization
* Correct comparison operators
 2020-10-15 13:44:23 -04:00
Mike Reeves
35b10b1f91 Sensors should clean up their dockers as well 2020-10-15 10:31:51 -04:00
Wes Lambert
af9daa4d71 Intel mapping enforcement and winlog.verion 2020-10-15 12:42:33 +00:00
Wes Lambert
e7401b3e0c Fix default discover query 2020-10-14 21:43:19 +00:00
Wes Lambert
54c4ee796f Rename file.flavors.mime to file.mime_type 2020-10-14 18:56:44 +00:00
Wes Lambert
3c820365ab Fix common pipeline field removal so won't fail for missing fields 2020-10-14 13:55:24 +00:00
Doug Burks
a106913d1a Heavy node filebeat needs extra_hosts for the heavy node itself #1521 2020-10-14 09:51:59 -04:00
Josh Patterson
2e62494793 Merge pull request #1518 from Security-Onion-Solutions/issue/1153 
fix issue with schedule being placed in wrong location
 2020-10-14 09:26:31 -04:00
Doug Burks
f88403e83e use ssl on nodes that support it 2020-10-14 05:50:29 -04:00
m0duspwnens
a08d0c8b6f fix issue with schedule being placed in wrong location 2020-10-13 18:24:44 -04:00
Doug Burks
190869a1f2 enable https on elasticsearch nodes that support it 2020-10-13 16:04:55 -04:00
Josh Patterson
15ea152b84 Merge pull request #1515 from Security-Onion-Solutions/issue/1511 
changes for https://github.com/Security-Onion-Solutions/securityonion/issues/1511
 2020-10-13 14:17:28 -04:00
Wes Lambert
3f8f0da468 Replay verbiage -- let users know when preparing to replay 2020-10-13 18:13:36 +00:00
m0duspwnens
2456605a54 changes for https://github.com/Security-Onion-Solutions/securityonion/issues/1511 2020-10-13 14:10:24 -04:00
Doug Burks
0f68a53af4 Update so-curator-closed-delete-delete 2020-10-13 13:22:35 -04:00
Doug Burks
b004a9149e Update so-index-list 2020-10-13 12:40:45 -04:00
Doug Burks
e5ece6cd50 Update so-index-list 2020-10-13 12:34:49 -04:00
Jason Ertel
2ad6ab7dfc Dynamically alter docs URL based on airgap setting 2020-10-13 12:29:59 -04:00
Doug Burks
a75e986836 Update so-elastic-clear 2020-10-13 12:18:27 -04:00
Mike Reeves
c388966e7e Add airgap config 2020-10-13 12:05:19 -04:00
Doug Burks
ad50b5d640 elasticsearch _cat/indices output has changed between 6 and 7 2020-10-13 06:33:40 -04:00
Doug Burks
21b1becd7e Update so-elasticsearch-pipelines-list 2020-10-12 16:34:30 -04:00
Doug Burks
5458c57cc9 Update so-elasticsearch-pipeline-stats 2020-10-12 16:32:11 -04:00
Doug Burks
68e34b781a Update so-elasticsearch-templates-load 2020-10-12 16:10:38 -04:00
Doug Burks
4c43262610 Update so-elasticsearch-templates-list 2020-10-12 16:08:06 -04:00
Wes Lambert
14559b081d Ensure Zeek logs without ts field have an @timestamp field associated 2020-10-12 17:19:23 +00:00
Wes Lambert
4fc4913d1e Don't predefine index date for Filebeat ES outputs 2020-10-12 15:44:00 +00:00
Wes Lambert
884cc2d054 Don't predefine index date for Logstash outputs 2020-10-12 15:41:47 +00:00
Doug Burks
553ce3e363 only include extra_hosts if nodestab exists 2020-10-12 10:13:05 -04:00
Mike Reeves
f5cfd480a3 Moar encryptions 2020-10-12 09:12:36 -04:00