CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,397 Commits 24 Branches 119 Tags
2ffb723bbd77c3669687b13a42d8029e8b2d98a7
Commit Graph

8397 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
52cb72ba67 dont run curator on searchnode if truecluster is enabled - https://github.com/Security-Onion-Solutions/securityonion/issues/2806 2021-08-04 09:40:34 -04:00
William Wernert
54a3b754e0 Merge pull request #5050 from Security-Onion-Solutions/foxtrot 
Add logscan state, related pipeline config, and initial so-learn script
 2021-08-03 16:30:07 -04:00
William Wernert
2bc88e7750 Remove learn from allowed states for helixsensor 2021-08-03 15:29:37 -04:00
William Wernert
ef59cb47dd Use print_err function 2021-08-03 15:26:57 -04:00
William Wernert
9e5d3aa286 Fix removed root check in so-rule 2021-08-03 15:25:53 -04:00
William Wernert
25bf25eae6 Allowed states remove typo'd logscan 2021-08-03 15:24:32 -04:00
William Wernert
24f5fa66f3 Merge branch 'dev' into foxtrot 2021-08-03 13:02:29 -04:00
Mike Reeves
1aeb2d7d4f Merge pull request #5040 from Security-Onion-Solutions/kilo 
Condense cloud automations
 2021-08-03 10:59:28 -04:00
Jason Ertel
ee176f5bfd Condense cloud automations 2021-08-03 07:40:50 -04:00
Jason Ertel
eb093b8e6c Condense cloud automations 2021-08-02 21:52:42 -04:00
Jason Ertel
f88fa6e3b2 Condense cloud automations 2021-08-02 21:51:26 -04:00
Jason Ertel
724f7d4f3d Merge pull request #5036 from Security-Onion-Solutions/kilo 
Condense cloud automations
 2021-08-02 18:04:05 -04:00
Jason Ertel
19816d8814 Condense cloud automations 2021-08-02 17:55:27 -04:00
William Wernert
d3b170c6df Add logscan automation file + fix enable command in setup 2021-08-02 12:37:37 -04:00
William Wernert
757091beeb Add log_level to logscan.conf 2021-08-02 10:35:39 -04:00
William Wernert
8a49039b85 Only append source.ip to logscan.source.ips if it's been created 2021-08-02 09:50:49 -04:00
William Wernert
4f39cd1d7f Add logscan dynamic object to so-common template mappings 2021-07-30 16:02:02 -04:00
William Wernert
2a6277c0c3 Fix field names in logscan pipeline 2021-07-30 15:46:39 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval 
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
 2021-07-30 14:41:15 -04:00
William Wernert
b9980c9d30 Fix pipeline name 2021-07-30 13:09:09 -04:00
William Wernert
01bb94514c Correct mod_so_status to only act on single string 2021-07-30 11:05:48 -04:00
William Wernert
d71967ea1d Fix incorrect writing of so-status.conf 2021-07-30 10:28:39 -04:00
William Wernert
0b06d0bfdb Merge branch 'dev' into foxtrot 2021-07-29 15:15:25 -04:00
William Wernert
b2a83018ba Remove or run logscan based on enabled bool 2021-07-29 15:14:54 -04:00
William Wernert
ba265d94f4 Change default value in learn init to a dict where approriate 2021-07-29 15:14:28 -04:00
Mike Reeves
af7b314cfe Merge pull request #4993 from Security-Onion-Solutions/kilo 
Merge 2.3.61 MSEARCH Hotfix into dev
 2021-07-29 15:02:51 -04:00
Jason Ertel
4c6447a3da merge 2.3.61 MSEARCH hotfix into dev 2021-07-29 15:00:58 -04:00
William Wernert
b30f771fa2 Set write_needed flag correctly, include newline in so-status.conf string 2021-07-29 14:59:26 -04:00
Mike Reeves
837c0402a0 Merge pull request #4989 from Security-Onion-Solutions/hotfix/2.3.61 
Hotfix/2.3.61
2.3.61MSEARCH 		2021-07-29 14:58:25 -04:00
William Wernert
e38219aa2e Fix learn init.sls typo 2021-07-29 14:35:02 -04:00
William Wernert
9e92f6da3d Add container to so-status when enabling/disabling ml module 2021-07-29 14:25:20 -04:00
William Wernert
44551ea9ee Fix so-learn list 2021-07-29 13:31:48 -04:00
William Wernert
c53da9b1ff Fix wrong variables in learn init.sls 2021-07-29 12:04:40 -04:00
William Wernert
e1785dbd9a Fix typo 2021-07-29 12:00:53 -04:00
William Wernert
2560a9b78c [wip] Change learn:modules to dictionary 2021-07-29 11:58:58 -04:00
William Wernert
d53e989c55 Add ability to set cpu_period per module 2021-07-29 11:52:10 -04:00
William Wernert
211a841cdb Fix file path in bind mount for logscan 2021-07-29 11:40:19 -04:00
Josh Patterson
50e4365475 Merge pull request #4990 from Security-Onion-Solutions/issue/4985 
Issue/4985
 2021-07-29 11:14:54 -04:00
Jason Ertel
c524b54af1 Merge pull request #4988 from Security-Onion-Solutions/mkr2361 
2.3.61-MSEARCH
 2021-07-29 11:10:41 -04:00
Mike Reeves
7591bb115e 2.3.61-MSEARCH 2021-07-29 11:09:54 -04:00
Mike Reeves
3d2da303c8 2.3.61-MSEARCH 2021-07-29 11:09:27 -04:00
Mike Reeves
f585eb6e62 2.3.61-MSEARCH 2021-07-29 11:08:03 -04:00
m0duspwnens
4b6120a46b fix the hours get 2021-07-29 10:59:33 -04:00
Mike Reeves
d946c6d5ed Merge pull request #4987 from Security-Onion-Solutions/kilo 
Do not prompt about uppercased hostname during testing
 2021-07-29 10:57:56 -04:00
William Wernert
5894b85bd1 Remove broken yaml dump arg, rename metavars 2021-07-29 10:57:53 -04:00
m0duspwnens
3fc43f7d92 allow for adjustment to auto patch os schedule - https://github.com/Security-Onion-Solutions/securityonion/issues/4985 2021-07-29 10:48:24 -04:00
Jason Ertel
8ed264460f Do not prompt about uppercased hostname during testing 2021-07-29 10:45:35 -04:00
William Wernert
811b32735e Merge branch 'dev' into foxtrot 2021-07-29 09:52:29 -04:00
Mike Reeves
4b3db0c4d2 Merge pull request #4972 from Security-Onion-Solutions/mkr2361 
Fix Manager Search
 2021-07-28 17:08:40 -04:00
Mike Reeves
281ba21298 Merge pull request #4956 from Security-Onion-Solutions/kilo 
Merge master to dev
 2021-07-28 17:07:58 -04:00