Doug Burks
dfd8ac3626
FIX: Update SOC MOTD #13320
2024-07-09 12:55:58 -04:00
m0duspwnens
50f0c43212
merge dev
2024-06-26 12:33:32 -04:00
weslambert
bf91030204
Add option for detections without license
2024-06-21 15:33:11 -04:00
m0duspwnens
469ca44016
fix maps
2024-06-20 16:53:12 -04:00
m0duspwnens
81fcd68e9b
create and use redis:nodes and elasticsearch:nodes pillars
2024-06-20 16:42:11 -04:00
Doug Burks
07b9011636
Update defaults.yaml to put Process actions in logical order
2024-06-20 10:09:27 -04:00
Matthew Wright
bc2b3b7f8f
Merge pull request #13236 from Security-Onion-Solutions/mwright/licenseDropdown
...
Added license presets to defaults.yaml file
2024-06-18 18:05:15 -04:00
unknown
ea02a2b868
Added license presets to defaults.yaml file
2024-06-18 16:52:00 -04:00
Doug Burks
de18bf06c3
FEATURE: Add new Process actions #13226
2024-06-18 10:36:41 -04:00
DefensiveDepth
521cccaed6
Update defaults
2024-06-18 08:43:00 -04:00
Doug Burks
93ced0959c
FEATURE: Add more links and descriptions to SOC MOTD #13216
2024-06-17 09:25:01 -04:00
Doug Burks
6f13fa50bf
FEATURE: Add more links and descriptions to SOC MOTD #13216
2024-06-17 09:24:32 -04:00
Doug Burks
3bface12e0
FEATURE: Add more links and descriptions to SOC MOTD #13216
2024-06-17 09:23:14 -04:00
Doug Burks
b584c8e353
FEATURE: Add more links and descriptions to SOC MOTD #13216
2024-06-17 09:13:17 -04:00
DefensiveDepth
7af94c172f
Change spelling
2024-06-14 16:00:22 -04:00
DefensiveDepth
7556587e35
Update rule templates
2024-06-14 15:47:57 -04:00
DefensiveDepth
c89f1c9d95
remove multiline
2024-06-14 13:48:55 -04:00
DefensiveDepth
b7ac599a42
set to empty
2024-06-14 13:21:36 -04:00
DefensiveDepth
68302e14b9
add to defaults and tweaks
2024-06-14 09:28:23 -04:00
DefensiveDepth
c1abc7a7f1
Update description
2024-06-14 08:51:34 -04:00
DefensiveDepth
484717d57d
initial support for custom suricata urls and local rulesets
2024-06-14 08:42:10 -04:00
Corey Ogburn
d5ef0e5744
Fix unnecessary escaping
2024-06-11 12:34:32 -06:00
DefensiveDepth
08d2a6242d
Add new bind - suricata all.rules
2024-06-11 10:03:33 -04:00
Corey Ogburn
ee696be51d
Remove rootCA and insecureSkipVerify from SOC defaults
2024-06-07 13:07:04 -06:00
Corey Ogburn
5d3fd3d389
AdditionalCA and InsecureSkipVerify
...
New fields have been added to manager and then duplicated over to SOC's config in the same vein as how proxy was updated earlier this week.
AdditionalCA holds the PEM-formatted public keys that should be trusted when making requests. It has been implemented for both Sigma's zip downloads and Sigma and Suricata's repository clones and pulls.
InsecureSkipVerify has been added to help our users troubleshoot their configuration. Setting it to true will not verify the cert on outgoing requests. Self-signed, missing, or invalid certs will not throw an error.
2024-06-07 12:47:09 -06:00
Corey Ogburn
fa063722e1
RootCA and InsecureSkipVerify
...
New empty settings and their annotations.
2024-06-07 09:10:14 -06:00
Corey Ogburn
42818a9950
Remove proxy from SOC defaults
2024-06-06 13:28:07 -06:00
Corey Ogburn
e85c3e5b27
SOC Proxy Setting
...
The so_proxy value we build during install is now copied to SOC's config.
2024-06-06 11:55:27 -06:00
Corey Ogburn
85c269e697
Added TemplateDetections To Detection ClientParams
...
The UI can now insert templates when you select a Detection language. These are those templates, annotated.
2024-05-30 15:59:03 -06:00
Josh Brower
185fb38b2d
Merge pull request #13079 from Security-Onion-Solutions/2.4/sigmapipelineupdates
...
Add IDH mappings
2024-05-24 14:48:22 -04:00
DefensiveDepth
550b3ee92d
Add IDH mappings
2024-05-24 14:46:24 -04:00
DefensiveDepth
f90d40b471
Fix typo
2024-05-24 12:56:17 -04:00
DefensiveDepth
4344988abe
Add instructions for sigma and yara repos
2024-05-24 12:54:36 -04:00
Josh Brower
979147a111
Merge pull request #13062 from Security-Onion-Solutions/2.4/backupscript
...
Detections backup script
2024-05-24 10:06:56 -04:00
DefensiveDepth
66725b11b3
Added unit tests
2024-05-24 09:55:10 -04:00
Jason Ertel
bd11d59c15
add event.dataset since there are other datasets in soc logs
2024-05-24 08:38:12 -04:00
Jason Ertel
15155613c3
provide default columns when viewing SOC logs
2024-05-24 08:23:45 -04:00
Mike Reeves
1e6161f89c
Update defaults.yaml
2024-05-23 08:19:43 -04:00
Doug Burks
3d4f3a04a3
Update defaults.yaml to fix order of groupby tables and eliminate duplicate
2024-05-23 05:56:18 -04:00
DefensiveDepth
a072e34cfe
Fix casing issue
2024-05-22 17:12:41 -04:00
DefensiveDepth
d19c1a514b
Detections backup script
2024-05-22 15:12:23 -04:00
DefensiveDepth
f9e9b825cf
Removed unneeded groupby
2024-05-21 17:53:20 -04:00
DefensiveDepth
3992ef1082
Add rule.uuid to default groupbys
2024-05-21 17:45:56 -04:00
Jason Ertel
31fdf15ce1
Merge branch '2.4/dev' into jertel/eaconfig
2024-05-20 18:59:35 -04:00
Jason Ertel
6b2219b7f2
elastalert settings
2024-05-20 18:52:37 -04:00
Corey Ogburn
6e97c39f58
Marked as Advanced
2024-05-20 14:52:05 -06:00
Corey Ogburn
026023fd0a
Annotate integrityCheckFrequencySeconds per det engine
2024-05-20 14:35:11 -06:00
Corey Ogburn
fcc72a4f4e
Add Default IntegrityCheck Frequency Values
2024-05-20 11:23:25 -06:00
Corey Ogburn
0cc57fc240
Change Compilation Report Path
...
Move compilation report path to /opt/so/state and mount that folder in SOC
2024-05-17 15:47:23 -06:00
Jason Ertel
1c4d36760a
add support for custom alerters
2024-05-17 14:49:39 -04:00