61 Commits

Author SHA1 Message Date
reyesj2
8a8ea04088 ignore error for elastic-fleet agent 2025-10-08 14:01:18 -05:00
reyesj2
d03dd7ac2d check for oom kill only in the last 24 hours
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-09-19 11:32:13 -05:00
reyesj2
c9db52433f add oom check to so-log-check
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-09-19 11:08:42 -05:00
reyesj2
415f456661 ignore composable templates with error in the name 2025-07-12 08:30:04 -05:00
Jason Ertel
bf8da60605 exclude component updates indexes with error in the name 2025-07-10 07:47:53 -04:00
Jason Ertel
5ecb483596 excluded harmless log error; suppress so-user grep output 2025-04-29 09:35:36 -04:00
Jason Ertel
a0637fa25d ignore false positives 2025-03-21 14:54:52 -04:00
Jason Ertel
772aa7379f more false positives 2025-02-27 07:55:22 -05:00
Jason Ertel
66a2ec7e21 ES upgrade errors to ignore 2025-02-21 08:38:40 -05:00
Jason Ertel
bf19c6e730 ca download; ignore shard errors on startup; clarify oidc id 2025-02-05 15:04:04 -05:00
reyesj2
9532f21c7b check zeek reporter.log 2024-12-05 13:49:44 -06:00
Jason Ertel
918f26962a ignore fp from hydra 2024-11-17 12:21:06 -05:00
DefensiveDepth
89a1e2500e Exclude logstash startup errors 2024-08-28 16:50:11 -04:00
Jason Ertel
f19a35ff06 move custom alerters to subgroup; avoid false positives on log check 2024-08-28 09:32:25 -04:00
Jason Ertel
eabb894580 exclude all logstash errors related to license manager init log line 2024-08-22 17:52:37 -04:00
weslambert
205bbd9c61 Use more specific match 2024-08-16 14:31:11 -04:00
weslambert
224bc6b429 Ignore old SOC logs before licenseStatus 2024-08-16 14:15:10 -04:00
DefensiveDepth
b860bf753a Add influxdb known error 2024-08-15 11:50:34 -04:00
reyesj2
ff29d9ca51 Update log-check to ignore kafka data directories
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-07-11 10:23:51 -04:00
Jason Ertel
8ce19a93b9 exclude false positives related to detections 2024-05-21 13:29:20 -04:00
Jason Ertel
4771810361 exclude detect-parse errors 2024-05-15 19:10:50 -04:00
Jason Ertel
19e1aaa1a6 exclude detection rule errors 2024-05-09 15:45:33 -04:00
DefensiveDepth
58ddd55123 Exclude yara runtime log 2024-04-23 07:28:07 -04:00
Mike Reeves
21f86be8ee Update so-log-check 2024-04-05 08:03:42 -04:00
DefensiveDepth
1d221a574b Exclude Elastalert EQL errors 2024-04-04 06:48:25 -04:00
Jason Ertel
216b8c01bf disregard errors in removed applications that occurred before the upgrade 2024-03-28 09:31:39 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
Jason Ertel
f889a089bf disregard benign telegraf error 2024-03-22 09:48:27 -04:00
Jason Ertel
47eea80d03 exempt transient license check errors 2024-01-10 09:07:17 -05:00
Jason Ertel
3456de3a30 exclude transient influxdb error 2023-12-22 07:16:45 -05:00
weslambert
244968ce23 Remove unnecessary blank lines 2023-12-20 17:30:15 -05:00
weslambert
65f89b22b2 Ignore Curator logs 2023-12-20 17:28:55 -05:00
Jason Ertel
ca21e32d83 log false positives 2023-12-19 10:47:39 -05:00
Jason Ertel
25c39540c8 fix import stats 2023-12-11 14:48:46 -05:00
Jason Ertel
f7fa4d05fb avoid startup error 2023-11-14 15:40:52 -05:00
Jason Ertel
7a0b21647f disregard false positives 2023-11-04 10:05:37 -04:00
Jason Ertel
1a3d4a2051 ignore malformed open canary log lines 2023-11-03 09:14:26 -04:00
Jason Ertel
96fdfb3829 ignore connectivity problems to docker containers during startup 2023-11-02 16:46:41 -04:00
Jason Ertel
32701b5941 more log bypass 2023-11-02 12:50:12 -04:00
Jason Ertel
e18e0fd69a more log bypass 2023-11-02 10:39:14 -04:00
Jason Ertel
1d2518310d more log bypass 2023-11-02 09:59:45 -04:00
Jason Ertel
c420e198fb ignore specific Suricata errors 2023-10-31 11:18:39 -04:00
m0duspwnens
01cb0fccb6 mark suricata 7 log line as fp for so-log-check 2023-10-17 10:01:11 -04:00
Jason Ertel
c699c2fe2a exclude known issues 2023-10-03 09:43:29 -04:00
Jason Ertel
8c7933cd60 fix exclusion 2023-09-30 18:11:29 -04:00
Jason Ertel
ea085c5ff6 more known errors 2023-09-29 21:38:13 -04:00
Jason Ertel
e8b67da08b exclude oom error from cmd line 2023-09-29 14:20:20 -04:00
Jason Ertel
d546d52069 exclude logstash 2023-09-29 14:08:44 -04:00
Jason Ertel
ec3cc7a854 exclude all playbook logs 2023-09-29 10:49:36 -04:00
Jason Ertel
89a9c30cc8 exclude known issues 2023-09-28 08:27:31 -04:00