CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-01-19 06:31:55 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,981 Commits 25 Branches 121 Tags
348f9dcaec75bcdbbdfa47dd7d2a86f4d73316df
Commit Graph

10863 Commits

Author SHA1 Message Date
m0duspwnens
2e3c1adc63 runner to setup manager for first hypervisor 2025-01-14 16:20:21 -05:00
Jorge Reyes
107ca38268 fix http query for "includes" function 2025-01-14 08:24:07 -06:00
Jorge Reyes
35547b476f update http query 2025-01-14 08:13:27 -06:00
Jorge Reyes
ad765200c3 Merge pull request #14105 from Security-Onion-Solutions/reyesj2/moarzeekparse 
Additional Zeek parsing & cloudflare_logpush integration
 2025-01-13 11:37:21 -06:00
reyesj2
4618256442 include okta-mappings in so-logs-okta.system index template 2025-01-13 11:32:27 -06:00
reyesj2
323ef1d5d6 add missing lifecycle name to trend_micro_vision_one indices 2025-01-13 09:29:22 -06:00
reyesj2
a5b1648b68 add missing lifecycle name to crowdstrike indices 2025-01-13 09:26:16 -06:00
reyesj2
14c920a258 fix hidden ldap menu subtitle 2025-01-13 09:23:32 -06:00
reyesj2
4f92b7ced1 add support for cloudflare_logpush integration 2025-01-13 09:23:05 -06:00
Joshua Brower
dcdf31eee8 Fix folder perm 2025-01-10 16:15:17 -05:00
Jason Ertel
3ab1b907e4 subgrid config annotations 2025-01-10 13:45:42 -05:00
reyesj2
e60a1e4357 zeek ldap & ldap_search parsing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-09 16:06:10 -06:00
m0duspwnens
776afa4a36 setup items on manager when hypervisor joins the grid 2025-01-09 16:32:41 -05:00
m0duspwnens
3cac19d498 createvm script without setting network in base domain 2025-01-09 16:31:51 -05:00
m0duspwnens
2ba8a87c9d add directory where qcow2 images will be distributed from 2025-01-09 16:20:56 -05:00
m0duspwnens
d677dc51de add comment about reactors required by salt-master 2025-01-09 16:19:23 -05:00
m0duspwnens
ebbfcd169c add pkg required for so-qcow2-modify-network 2025-01-09 16:17:50 -05:00
m0duspwnens
574d2994d1 use cmd.run instead of cmd.script to resolve issue 64962 2025-01-09 16:16:59 -05:00
m0duspwnens
ecc5d64584 move logge def to global 2025-01-09 16:14:57 -05:00
m0duspwnens
6888682f92 add comments for raid scripts 2025-01-09 16:14:01 -05:00
m0duspwnens
0197cdb33d fix bridge forwarding on hypervisors bridge 2025-01-09 16:12:33 -05:00
Joshua Brower
bcb92b63e3 Move json files to container image 2025-01-09 10:58:40 -05:00
Jorge Reyes
412397fa7b Merge pull request #14089 from Security-Onion-Solutions/reyesj2/moarzeekparse 2025-01-08 17:45:14 -06:00
reyesj2
0e87351a9c add zeek.quic mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-08 16:18:53 -06:00
Joshua Brower
a2caf7425d Add config options 2025-01-07 13:22:14 -05:00
Joshua Brower
6fa11a38ef Update defaults 2025-01-07 13:14:50 -05:00
Joshua Brower
e3f75215b6 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator 2025-01-07 13:06:49 -05:00
reyesj2
a21535b0a2 run elasticsearch state to sync templates 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 21:33:07 -06:00
Jason Ertel
bd96b5d722 invalidate user sessions when an admin changes the user's password 2025-01-06 17:23:10 -05:00
reyesj2
b97619b8f9 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/es-integ-tmp 2025-01-06 14:44:35 -06:00
reyesj2
3d3f0460fa move addon integration script run to elasticfleet state 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 14:42:16 -06:00
reyesj2
9fe3f6042f Remove individual integrations ip mappings component template. Replaced with global mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-06 10:44:22 -06:00
reyesj2
cdd4a1ff1f fixes addon integration map file 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-03 16:06:22 -06:00
Josh Brower
8408a53b82 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator 2025-01-02 16:13:34 -05:00
Doug Burks
927b618ec9 Update Zeek QUIC dashboard, add Hunt query, add quic.server.name as column in Events table 2025-01-02 06:57:56 -05:00
reyesj2
9f83853922 Zeek QUIC support 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-31 13:44:20 -06:00
reyesj2
ecf094f684 WIP: support all es fleet integrations 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-26 16:18:04 -06:00
Josh Brower
8f5634d958 Merge pull request #14048 from Security-Onion-Solutions/2.4/sigmaHashes 
Refactor pipeline for hash changes
 2024-12-23 15:49:35 -05:00
defensivedepth
7237b8971e Refactor pipeline for hash changes 2024-12-23 15:41:13 -05:00
Mike Reeves
09ef096620 Update soup 2024-12-23 08:27:45 -05:00
m0duspwnens
3c59858f70 improvements to createvm 2024-12-20 11:42:53 -05:00
m0duspwnens
6f0161e9da script to create base domain 2024-12-19 17:36:48 -05:00
m0duspwnens
f2bd735f51 another script to create raid 2024-12-19 10:13:05 -05:00
m0duspwnens
7a8fd8c3e5 handle salt-cloud package 2024-12-19 10:12:29 -05:00
m0duspwnens
b24aa2f797 fix destroying virbr0 2024-12-19 10:11:54 -05:00
reyesj2
b3436415dc merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-18 14:13:25 -06:00
reyesj2
157185c370 add ti_opencti integration support 2024-12-18 11:33:49 -06:00
Mike Reeves
9c10094914 Fix conflict 2024-12-18 10:19:40 -05:00
defensivedepth
17405b849a Delete uneeded files 2024-12-17 16:01:31 -05:00
m0duspwnens
5e4f1fc279 only run fix ldap when lief installed 2024-12-16 10:23:14 -05:00