Josh Patterson
b0a8191f59
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-05-19 10:02:26 -04:00
Josh Patterson
28aedcf50b
remove vm map example
2025-05-19 09:58:43 -04:00
Josh Brower
9022dc24fb
Add Parsing for Playbooks
2025-05-14 13:19:50 -06:00
Corey Ogburn
78b7068638
Playbook Settings
Map a folder from the manager's soc config folder to soc's sensoroni folder for storing the playbook repo.
Added playbook module section with default values.
2025-05-14 13:19:49 -06:00
Doug Burks
a8cb18bb2e
Update defaults.yaml to replace remaining instances of identity_id with user.name
2025-05-08 09:09:26 -04:00
Josh Brower
d47a798645
Show user.name instead of id
2025-05-07 11:17:00 -04:00
Jason Ertel
1ecf2b29fc
update default actions for subgrid support
2025-05-06 13:56:16 -04:00
Josh Patterson
3a31d80a85
fix regex and label for hypervisor annotation
2025-04-30 13:10:49 -04:00
Josh Patterson
5a8e542f96
create macro for resource regex and fix regex logic for mem and cpu
2025-04-30 13:08:54 -04:00
Josh Patterson
ed80c4e13b
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-04-23 15:42:04 -04:00
Jason Ertel
3b447b343f
fix typo
2025-04-17 11:51:45 -04:00
Jason Ertel
d0375d3c7e
fix typo
2025-04-17 11:51:21 -04:00
Jason Ertel
b607689993
improve regex
2025-04-17 11:47:52 -04:00
Jason Ertel
8f1e528f1c
improve regex
2025-04-17 11:09:39 -04:00
Jason Ertel
366e39950a
subord annotations; ensure node reboots occur in background
2025-04-16 15:55:16 -04:00
Josh Patterson
cc0e91aa96
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-04-07 08:52:50 -04:00
Jason Ertel
b99bb0b004
support options field on actions
2025-04-04 11:19:30 -04:00
Josh Patterson
445afca6ee
use vrt
2025-04-03 13:44:13 -04:00
Jason Ertel
9c455badb9
support background actions via config UI
2025-04-03 13:08:44 -04:00
Josh Patterson
f9bf4e4130
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-03-27 11:26:32 -04:00
Jason Ertel
1236c8c1f2
support pcap imports for sensors in distributed grids
2025-03-21 10:34:55 -04:00
Jason Ertel
ad8f3dfde7
use specified role on new user add
2025-03-17 14:55:40 -04:00
Josh Patterson
ae94722eda
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-03-11 11:20:50 -04:00
Jason Ertel
2af05b9a23
switch back to colon for better clarity
2025-03-07 08:24:19 -05:00
Doug Burks
3037dc7c38
Update soc_soc.yaml to fix previous change
2025-03-07 07:13:27 -05:00
Mike Reeves
14e95f4898
Update soc_soc.yaml
2025-03-06 21:01:45 -05:00
Mike Reeves
bad0031829
Update soc_soc.yaml
2025-03-06 20:58:23 -05:00
Josh Patterson
f30938ed59
hypervisor annotation show if base domain is initialized or not
2025-03-06 15:26:08 -05:00
Mike Reeves
03ebc2d86e
Add Actions
2025-03-05 15:58:10 -05:00
Mike Reeves
3021ed5d36
Add Actions
2025-03-05 15:56:26 -05:00
Mike Reeves
b51aa56e86
Some things I thought were bools are not bools
2025-03-05 15:15:26 -05:00
Mike Reeves
b01fb733a9
Some things I thought were bools are not bools
2025-03-05 14:56:26 -05:00
Mike Reeves
c7c6d3e556
Merge branch '2.4/dev' of github.com:Security-Onion-Solutions/securityonion into truefalse
2025-03-05 13:21:21 -05:00
Corey Ogburn
21a64b6c1d
Add Client Parameter
Add groupItemsPerPage so detections groupby tables have proper default value for page size.
2025-03-05 09:43:21 -07:00
Josh Patterson
6c472dd383
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-03-05 08:58:03 -05:00
Josh Patterson
2c5861a0c2
ensure local hypervisor dir when new hypervisor key accepted. apply soc.dyanno.hypervisor when hypervisor key accepted
2025-03-05 08:51:10 -05:00
Doug Burks
c6c67f4d06
FEATURE: Add sankey chart to Elastic Agent API dashboard to show relationship between process.name and process.Ext.api.name #14339
2025-03-05 06:31:16 -05:00
Jason Ertel
85450693a2
Merge branch '2.4/dev' into jertel/wip
2025-03-04 10:55:29 -05:00
Jason Ertel
0047246cf2
reduce stdout verbosity
2025-03-04 10:55:12 -05:00
Doug Burks
44535cba8c
FIX: Elastic Agent Security Events dashboard should reference user.effective.name #14325
2025-03-04 06:46:56 -05:00
Doug Burks
e53f4fd1f1
Update defaults.yaml to quote the process.entity_id value
2025-03-02 05:54:30 -05:00
Josh Patterson
c8a1c8377a
vm power operations
2025-02-27 16:04:44 -05:00
Mike Reeves
2ffaf2f601
Add hunt queries
2025-02-27 12:42:03 -05:00
Mike Reeves
4696152f78
Add hunt queries
2025-02-27 12:31:51 -05:00
Mike Reeves
a0944f8359
Add hunt queries
2025-02-27 12:17:57 -05:00
Mike Reeves
1fdbe987b8
Add hunt queries
2025-02-27 12:15:37 -05:00
Mike Reeves
40303c2d78
Add hunt queries
2025-02-27 12:10:59 -05:00
Mike Reeves
4b5048bd80
Add hunt queries
2025-02-27 11:57:57 -05:00
Mike Reeves
9d31050907
roll back SOC changes
2025-02-27 11:32:59 -05:00
Mike Reeves
e930d1dec6
roll back SOC changes
2025-02-27 11:28:06 -05:00