CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,397 Commits 24 Branches 119 Tags
2ffb723bbd77c3669687b13a42d8029e8b2d98a7
Commit Graph

8397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Reeves
2ffb723bbd Rename so-common-template.json to so-common-template.json.jinja 2021-09-14 13:58:45 -04:00
Mike Reeves
6ae2fba71f Update search.sls 2021-09-14 13:57:26 -04:00
Mike Reeves
2cc25587d9 Update eval.sls 2021-09-14 13:57:04 -04:00
Mike Reeves
614a6dc9fe Update manager.sls 2021-09-14 13:56:43 -04:00
m0duspwnens
0534a2dda3 Merge remote-tracking branch 'remotes/origin/dev' into issue/1257 2021-09-13 15:04:50 -04:00
m0duspwnens
f8ab0ac8a9 config changes 2021-09-13 15:04:39 -04:00
m0duspwnens
0ae09cc630 config changes 2021-09-13 09:49:56 -04:00
Mike Reeves
332c4dda22 Merge pull request #5469 from Security-Onion-Solutions/fix/idstools-rule-clear 
Allow so-rule-update to accept any number of args
 2021-09-10 14:41:55 -04:00
William Wernert
679faddd52 Update so-rule-update to pass all args to docker exec 
Instead of passing $1, build a string from all args and add that to the command string for the docker exec statement
 2021-09-10 13:44:37 -04:00
William Wernert
0b42b19763 Update so-rule-update to source so-common 2021-09-10 13:41:58 -04:00
William Wernert
943bd3e902 Merge pull request #5468 from Security-Onion-Solutions/fix/idstools-rule-clear 
Add `--force` flag to idstools-rulecat under so-rule-update
 2021-09-10 13:17:16 -04:00
Mike Reeves
4af6a901a1 Merge pull request #5461 from Security-Onion-Solutions/truclusterrator 
Add new hunt fields
 2021-09-10 13:17:01 -04:00
William Wernert
9c310de459 Add --force flag to idstools-rulecat under so-rule-update 
This forces idstools to pull from the url each time, which prevents it from clearing all.rules if idstools-rulecat is run twice within 15 minutes by any method (either restarting the container or running so-rule-update)
 2021-09-10 13:15:09 -04:00
Mike Reeves
4f6a3269cb Add more detail to syscollector 2021-09-10 09:59:47 -04:00
Doug Burks
6a2e1df7d4 Merge pull request #5460 from Security-Onion-Solutions/feature/welcome-link-docs 
FEATURE: Add docs link to Setup #5459
 2021-09-10 07:27:48 -04:00
doug
db50ef71b4 FEATURE: Add docs link to Setup #5459 2021-09-10 06:19:16 -04:00
Jason Ertel
4e2d5018a2 Merge pull request #5455 from Security-Onion-Solutions/kilo 
Consolidate whiptail screens
 2021-09-09 14:57:28 -04:00
Jason Ertel
94688a9adb Eliminate adv component popup 2021-09-09 14:29:09 -04:00
Jason Ertel
63f67b3500 Rephrase screen that warns about more RAM requirements 2021-09-09 14:16:05 -04:00
Mike Reeves
eaa5e41651 Merge pull request #5450 from Security-Onion-Solutions/TOoSmOotH-patch-1 
Fix Raid Status for cloud
 2021-09-09 11:09:49 -04:00
Mike Reeves
c83f119cc0 Update so-raid-status 2021-09-09 10:59:35 -04:00
Mike Reeves
5d235e932c Fix Raid Status for cloud 2021-09-09 10:46:28 -04:00
m0duspwnens
93f2cd75a4 add the jinja template 2021-09-09 10:19:46 -04:00
m0duspwnens
f06ab8b77d testing defaults.yaml 2021-09-09 08:55:36 -04:00
weslambert
03b45512fa Merge pull request #5436 from Security-Onion-Solutions/fix/kibana_server_url 
Incude server.publicBaseUrl
 2021-09-08 12:13:48 -04:00
weslambert
b8600be0f1 Incude server.publicBaseUrl 2021-09-08 12:12:09 -04:00
Jason Ertel
19a02baa7c Merge pull request #5425 from Security-Onion-Solutions/kilo 
Auth enhancements
 2021-09-07 13:10:36 -04:00
Jason Ertel
3c59579f99 Add maintenance privilege for analysts to refresh indices 2021-09-07 13:03:30 -04:00
Mike Reeves
3f989590ad Merge pull request #5402 from Security-Onion-Solutions/TOoSmOotH-patch-6 
Enable index sorting by default but allow it to be disabled
 2021-09-07 11:28:40 -04:00
Jason Ertel
72cff7ec7a Merge branch 'dev' into kilo 2021-09-07 10:49:08 -04:00
Mike Reeves
e3900606dc Enable index sorting by default but allow it to be disabled 2021-09-04 10:42:18 -04:00
Mike Reeves
a2fd8ae200 Merge pull request #5401 from rwaight/dev 
Enable index sorting in `so-common-template.json`
 2021-09-04 10:32:57 -04:00
Rob Waight
b7591093cf Add index sorting to so-common-template.json 
Add index sorting to so-common-template.json
 2021-09-04 09:45:03 -04:00
Rob Waight
51439cd1ab Merge pull request #1 from Security-Onion-Solutions/dev 
sync with SO/Dev
 2021-09-04 09:43:23 -04:00
Jason Ertel
94ea1f856b Add auditor role; update analyst role with correct syntax 2021-09-03 15:59:48 -04:00
Jason Ertel
fbbb7f4e85 Add auditor role; update analyst role with correct syntax 2021-09-03 15:54:05 -04:00
Mike Reeves
7b3a0cd1e4 Merge pull request #5394 from Security-Onion-Solutions/TOoSmOotH-patch-5 
Add maxfiles to the steno config
 2021-09-03 10:49:59 -04:00
Mike Reeves
9fb28709d5 Add maxfiles to the steno config 2021-09-03 10:47:00 -04:00
Jason Ertel
649f339934 Correct typo 2021-09-02 20:30:48 -04:00
Jason Ertel
f659079542 Consolidate password validation messaging 2021-09-02 19:12:32 -04:00
Jason Ertel
ce70380f0f resolve so-user errors from recent auth changes 2021-09-02 17:59:33 -04:00
Jason Ertel
c4d402d8b4 Ensure role file exists before ES state is run 2021-09-02 15:45:47 -04:00
Mike Reeves
9f5dafd560 More Event Fields 2021-09-02 13:48:18 -04:00
Mike Reeves
1cee603ee4 Squid event fields 2021-09-02 13:24:04 -04:00
William Wernert
a14854d56d Merge pull request #5383 from Security-Onion-Solutions/feature/soup-y 
Add logic to check unattended flag when checking OS updates
 2021-09-02 11:50:45 -04:00
Mike Reeves
2bf471054b Cloudtrail Event Fields 2021-09-02 11:46:18 -04:00
William Wernert
56894b9581 Add logic to check unattended flag when checking if updates are available 2021-09-02 11:15:32 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Jason Ertel
6dfc943e8c Merge pull request #5382 from Security-Onion-Solutions/kilo 
Correct invalid password message
 2021-09-02 07:15:09 -04:00
Jason Ertel
84ecc3cba7 Merge branch 'dev' into kilo 2021-09-02 07:09:36 -04:00