CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,376 Commits 24 Branches 119 Tags
34c3a58efe651b6b04f5890f6d2d0b48494cb15e
Commit Graph

146 Commits

Author SHA1 Message Date
m0duspwnens
0c6aba16ec fix redis input 2021-12-14 23:42:37 -05:00
m0duspwnens
15b8d80b71 fix host for input_redis 2021-12-14 18:51:43 -05:00
m0duspwnens
55b74abcc5 extra_hosts and redis_input for logstash 2021-12-14 18:49:30 -05:00
Josh Brower
656ea974dc Use id for doc id if it exists 2021-12-09 09:16:58 -05:00
m0duspwnens
96666ab307 add receiver node 2021-12-07 10:19:32 -05:00
weslambert
3be0d05eea Update field removal based on HTTP input changes 2021-10-25 13:16:30 -04:00
weslambert
7fa43a276a Rename default headers and host for HTTP input 2021-10-25 13:15:20 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval 
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
 2021-07-30 14:41:15 -04:00
William Wernert
b9980c9d30 Fix pipeline name 2021-07-30 13:09:09 -04:00
William Wernert
df6d1d72e2 Merge branch 'dev' into feature/logscan 2021-07-19 15:19:59 -04:00
weslambert
fea4f3f973 Check if Filebeat modules are being used for incoming Beats 2021-07-19 12:57:42 -04:00
William Wernert
9bf1d3e0c6 Misc fixes 2021-07-16 14:59:44 -04:00
William Wernert
3a12d28d20 Merge branch 'dev' into feature/logscan 2021-07-16 14:13:19 -04:00
William Wernert
e8ba4bdc6c Add quotes to string 2021-07-16 14:07:23 -04:00
weslambert
7cdb967810 Only route to FB module pipeline if filebeat in metadata 2021-07-13 11:36:18 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
m0duspwnens
0627ca2fc2 use heavynode hostname for certs if heavynode. changes to logstash pipeline for redis if heavynode 2021-07-06 15:32:39 -04:00
weslambert
2e91f27336 Add conditional for heavynode 2021-07-06 14:17:49 -04:00
weslambert
10b1829830 Add conditional for heavynode 2021-07-06 14:16:34 -04:00
Jason Ertel
2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves
12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
4c90a0ed7e Add templates for SO logs 2021-06-09 12:04:32 -04:00
Mike Reeves
a959ec1eb1 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:23:31 -04:00
Mike Reeves
3e138cbc6d Revert to SO taxonomy for zeek and suricata 2021-06-08 13:14:46 -04:00
Jason Ertel
e22421ec99 Refactor users/roles management via salt due to Salt's clobbering of the inode which breaks Docker mounts 2021-06-04 20:01:30 -04:00
Jason Ertel
5c527b2c48 Rename username param to user since logstash is 'unique' 2021-06-03 07:51:43 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
weslambert
a1b34e7a88 Fix Suricata index name 2021-06-02 15:30:14 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Mike Reeves
bfcde15a24 elastic pipeline test 2021-05-26 14:22:14 -04:00
Mike Reeves
1e564c2140 Fix zeek jinja 2021-05-25 10:22:36 -04:00
Wes Lambert
37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Mike Reeves
2e01330e1b Update 9101_output_osquery_livequery.conf.jinja 2021-03-09 13:15:04 -05:00
Josh Brower
00da549430 Merge pull request #3358 from Security-Onion-Solutions/delta 
FEATURE: Initial support for viewing Osquery Live Query results in Hunt
 2021-03-09 09:18:57 -05:00
Josh Brower
548f67ca6f Initial support for Live Queries in Hunt 2021-03-04 18:21:13 -05:00
Mike Reeves
49371a1d6a fix elastic output for ssl 2021-03-03 14:30:45 -05:00
Mike Reeves
bfd05a8cfc Change to https for elastic connections 2021-03-02 11:32:29 -05:00
Josh Brower
b8137214e4 Initial Support - Live Query to Hunt 2021-02-26 08:08:09 -05:00
Wes Lambert
884cc2d054 Don't predefine index date for Logstash outputs 2020-10-12 15:41:47 +00:00
Mike Reeves
96083e1458 update logstash outputs 2020-10-11 17:06:56 -04:00
Mike Reeves
e4ce17d4de Turn on SSL output 2020-10-11 16:10:55 -04:00
Mike Reeves
a7bd1c2ce5 Turn on SSL output 2020-10-11 15:58:12 -04:00
Wes Lambert
69a04dedd3 Filterlog config changes 2020-10-09 23:56:52 +00:00
weslambert
8e829b47ae Remove dataset name since pipeline no longer in use 2020-10-07 11:48:56 -04:00
m0duspwnens
748dc5ba91 logstash changes per https://github.com/Security-Onion-Solutions/securityonion/issues/1444 2020-10-05 14:10:05 -04:00