CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-23 17:33:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,397 Commits 18 Branches 120 Tags
2ffb723bbd77c3669687b13a42d8029e8b2d98a7
Commit Graph

4922 Commits

Author SHA1 Message Date
Josh Brower
9d4536dcbe osquery ingest parsing update 2020-05-15 15:05:21 -04:00
Doug Burks
fc883745e5 add fields to conn log 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599
 2020-05-15 15:02:02 -04:00
Doug Burks
58d59c6844 use null safe operator for source.port and destination.port 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/594
 2020-05-15 14:58:21 -04:00
Josh Brower
4737c0da3f Merge pull request #702 from Security-Onion-Solutions/bugfix/fleet-deployment 
Fleet Setup - Restart nginx
 2020-05-15 14:48:18 -04:00
Josh Brower
6b4822d98d Fleet Setup - Restart nginx 2020-05-15 14:47:19 -04:00
m0duspwnens
c89bc0b51a create nginx conf for standalone - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 14:42:38 -04:00
Wes Lambert
03805bd6e2 remove type field 2020-05-15 18:29:49 +00:00
Wes Lambert
5d5f5cf105 update DCE/RPC parsing 2020-05-15 18:19:05 +00:00
Mike Reeves
7e1016ff07 Update firewall rules to allow minions to connect 2020-05-15 13:59:07 -04:00
Mike Reeves
10896c1add Update Release Notes 2020-05-15 13:41:51 -04:00
m0duspwnens
2f566bf6d7 add so-standalone to agent/wazuh-register-agent 2020-05-15 13:25:31 -04:00
m0duspwnens
1a157eb6a5 add so-standalone to agent/ossec.conf 2020-05-15 13:23:58 -04:00
m0duspwnens
9c7481a0c7 add so-status map for standalone 2020-05-15 13:21:05 -04:00
m0duspwnens
74290eca2a change = to in - https://github.com/Security-Onion-Solutions/securityonion-saltstack.git 2020-05-15 11:20:06 -04:00
m0duspwnens
f3a2c1fb4d add missing ] - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 11:08:10 -04:00
m0duspwnens
f4db261baf change elif - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:57:25 -04:00
m0duspwnens
fdae84bb74 remove = in - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:56:16 -04:00
Doug Burks
d6d27a2861 avoid duplicate entries in _cluster/settings for mastersearch 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/696
 2020-05-15 10:29:24 -04:00
m0duspwnens
509188092c adding so-standalone state logic, add zeek pillar to so-standalone - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:02:25 -04:00
Doug Burks
e41c1b6755 fix typo 2020-05-14 16:57:34 -04:00
m0duspwnens
692f04727f add standalone mode to pillar and state top - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-14 16:06:19 -04:00
m0duspwnens
9667f8b853 rename so-aptcacherng for so-status 2020-05-14 14:11:06 -04:00
Doug Burks
34d9882987 fix Wazuh and Sysmon queries 2020-05-14 13:47:01 -04:00
m0duspwnens
7f464af5fa run so-elasticsearch-pipelines only on changes - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/682 2020-05-14 13:39:19 -04:00
Mike Reeves
dbef2e2832 Update soc.json 2020-05-14 11:56:18 -04:00
Mike Reeves
6991900ceb Update Query for geo 2020-05-14 11:34:10 -04:00
Doug Burks
5c3e7acc6d change resp_mime_types to file.resp_mime_types 2020-05-14 11:21:32 -04:00
Doug Burks
6112322bce change file.path to smb.path 2020-05-14 11:20:11 -04:00
Josh Brower
554612d25f Navigator top.sls fix 2020-05-14 11:19:07 -04:00
Doug Burks
c7b4ab116f fix rfb typo 2020-05-14 10:57:44 -04:00
Josh Brower
3db67de27a osquery packages fix 2020-05-13 20:39:56 -04:00
Josh Brower
8a68e6adb3 Playbook hivealert fixes 2020-05-13 19:27:14 -04:00
Josh Brower
c3627c38e3 Elastalert - NIDS fix 2020-05-13 17:03:14 -04:00
Josh Brower
6e4ee26a58 Elastalert --> TheHive fixes 2020-05-13 16:34:35 -04:00
Josh Brower
23b4870ee6 Playbook - update plays 2020-05-13 12:19:37 -04:00
Jason Ertel
db51ab9d45 Adjust elastalert salt setup to match new so-elastalert image 2020-05-13 12:14:18 -04:00
Josh Patterson
e9cf0f8599 Merge pull request #665 from Security-Onion-Solutions/issue/227 
Issue/227
 2020-05-13 12:11:43 -04:00
m0duspwnens
d94a76a2c7 fix docker_container_cpu calculations for grafana 2020-05-13 12:06:02 -04:00
m0duspwnens
581000b920 add grafana dashboard for mastersearch node - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/227 2020-05-13 11:52:10 -04:00
Mike Reeves
50fc9a4713 Merge pull request #664 from Security-Onion-Solutions/feature/defaultsearch 
Remove Keyword
 2020-05-12 17:55:32 -04:00
Mike Reeves
0b0c8d8471 Remove Keyword 2020-05-12 17:54:25 -04:00
Josh Brower
bc4b4385bf Merge pull request #662 from Security-Onion-Solutions/bugfix/soctopus-config 
soctopus config fix
 2020-05-12 17:04:22 -04:00
Josh Brower
d270c8f32d soctopus config fix 2020-05-12 16:59:35 -04:00
m0duspwnens
d5b2a6f059 move statedir and salttmp from salt state to common state 2020-05-12 16:58:26 -04:00
m0duspwnens
56b92afb6b fix telegraf.conf for different roles 2020-05-12 16:54:38 -04:00
Josh Brower
4d3d7dc60e salt bug workarounds 2020-05-12 16:24:24 -04:00
Josh Brower
abd907fee1 Merge pull request #659 from Security-Onion-Solutions/bugfix/nids-parsing-alerting 
suricata parsing
 2020-05-12 14:07:51 -04:00
Josh Brower
62bec93190 suricata parsing 2020-05-12 14:04:02 -04:00
Mike Reeves
0b7568e08f Update soc.json with default search info 2020-05-12 13:57:40 -04:00
Josh Brower
d1eac195d8 Enable Navigator 2020-05-11 22:41:54 -04:00