CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-11 03:32:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,376 Commits 26 Branches 119 Tags
34c3a58efe651b6b04f5890f6d2d0b48494cb15e
Commit Graph

725 Commits

Author SHA1 Message Date
Jason Ertel
789719d25e Correct preset file syntax 2021-12-27 13:21:13 -05:00
Jason Ertel
7140255d95 Add missing presets file 2021-12-27 12:27:04 -05:00
Jason Ertel
ab3319b472 Add artifact support 2021-12-27 10:49:10 -05:00
Jason Ertel
d4f395b7f4 Fix query name for open cases 2021-12-15 20:02:35 -05:00
Jason Ertel
2761662eb9 Add status presets 2021-12-09 13:09:56 -05:00
Jason Ertel
a9b7b9ee92 Jinjafy case params 2021-12-08 17:41:48 -05:00
Jason Ertel
b73eb76c94 Make case module dynamic 2021-12-07 11:51:02 -05:00
m0duspwnens
cd1f0c0440 break kratos state out from soc state 2021-11-18 09:10:00 -05:00
weslambert
9ac1cb0e76 Fix spelling 2021-11-12 21:12:09 -05:00
weslambert
3cd1b5687e Make pivot condition independent for ENDGAMEHOST 2021-11-12 12:06:39 -05:00
m0duspwnens
6bf4d5a576 https://github.com/Security-Onion-Solutions/securityonion/issues/6206 2021-11-12 11:37:55 -05:00
m0duspwnens
928aed27c5 require files before starting soc or kratos 2021-10-20 17:04:02 -04:00
Wes Lambert
032373187c Allow setting ES index patterns for SOC in pillar 2021-10-15 16:02:53 +00:00
Wes Lambert
15049f44b9 Add EG pivot 2021-10-14 15:15:23 +00:00
Wes Lambert
5ee0ea3fe7 Allow SOC actions to use Jinja 2021-10-14 13:59:55 +00:00
Jason Ertel
d21dee162d Add Note field to user traits; Enforce max length restrictions on email, firstname, lastname, and note fields 2021-10-08 12:39:17 -04:00
Jason Ertel
30e781d076 Use user ID instead of email as role master 2021-09-17 17:54:38 -04:00
Jason Ertel
fbd9bab2f1 Split apart roles and users into separate maps 2021-09-16 16:08:55 -04:00
Jason Ertel
b81d38e392 Merge branch 'dev' into kilo 2021-09-16 07:44:35 -04:00
Josh Brower
e0a289182f Fix Fleet Link Logic 2021-09-15 09:28:23 -04:00
Jason Ertel
9970e54081 Adjust custom_role examples to be more realistic 2021-09-14 14:03:22 -04:00
Josh Brower
74b0b365bd Fleet SA - SOC Link Fix 2021-09-14 13:23:07 -04:00
Mike Reeves
4af6a901a1 Merge pull request #5461 from Security-Onion-Solutions/truclusterrator 
Add new hunt fields
 2021-09-10 13:17:01 -04:00
Mike Reeves
4f6a3269cb Add more detail to syscollector 2021-09-10 09:59:47 -04:00
Mike Reeves
9f5dafd560 More Event Fields 2021-09-02 13:48:18 -04:00
Mike Reeves
1cee603ee4 Squid event fields 2021-09-02 13:24:04 -04:00
Mike Reeves
2bf471054b Cloudtrail Event Fields 2021-09-02 11:46:18 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Mike Reeves
556bad6925 Add eventfields for new default logs 2021-09-01 15:13:43 -04:00
Jason Ertel
257062e20c Update release notes link to match top right menu for airgap 2021-07-22 09:48:34 -04:00
doug
fa9d7afb46 FIX: Airgap link to Release Notes #4685 2021-07-22 09:42:37 -04:00
Jason Ertel
c3deabae36 Update init.sls 2021-06-22 08:30:54 -04:00
m0duspwnens
9cdbcb72ac Merge branch 'kilo' of https://github.com/Security-Onion-Solutions/securityonion into kilo 2021-06-22 08:23:26 -04:00
m0duspwnens
bc86590411 only add sosyncuser cron if startup_states: highstate is set in minion config 2021-06-22 08:23:16 -04:00
Jason Ertel
8ddc99e91f Allow for adjusting SOC session timeout 2021-06-22 08:07:52 -04:00
Jason Ertel
5e042bf4b8 Improve algorithm for determining if a user sync is necessary; Apply salt state in foreground to avoid collisions with setup salt states. 2021-06-21 12:16:47 -04:00
Jason Ertel
1d4161ba31 Disable HaveIBeenPwned API (pwnedpasswords.com) 2021-06-18 08:36:36 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Jason Ertel
7205c5cb7b Provide timestamp as arg to SOC PCAP pivots 2021-06-10 15:21:03 -04:00
Jason Ertel
89a02383b8 Correct cronjob path issue for sysctl; suppress diff outputs from users/roles files; suppress salt state output during user sync 2021-06-09 16:31:32 -04:00
Mike Reeves
88eea03f97 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:36:50 -04:00
Mike Reeves
4972f69dd6 Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-06-08 11:03:14 -04:00
Jason Ertel
416b38fc71 Use cronjob to ensure user synchronization 2021-06-04 11:24:58 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Mike Reeves
9c9bcac61b Update DNS queries 2021-06-02 15:01:14 -04:00
Mike Reeves
e8cc88174f Fix some hunt queries 2021-06-02 13:55:05 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Jason Ertel
4ff85ab0c4 Merge branch 'dev' into kilo 2021-06-02 10:39:51 -04:00
Jason Ertel
c757d21360 Increase default SOC API and ES timeouts from 2m to 5m 2021-06-02 09:38:59 -04:00