Commit Graph

161 Commits

Author SHA1 Message Date
Corey Ogburn
0cc57fc240 Change Compilation Report Path
Move compilation report path to /opt/so/state and mount that folder in SOC
2024-05-17 15:47:23 -06:00
weslambert
d9edff38df Create compile report for SOC integrity check 2024-05-17 16:10:10 -04:00
Wes
823ff7ce11 Remove exclusions and repos 2024-05-09 17:03:13 +00:00
m0duspwnens
c864fec70c allow strelka.manager to run on standalone 2024-05-09 11:53:50 -04:00
m0duspwnens
a74fee4cd0 strelka compiled rules 2024-05-09 11:26:02 -04:00
m0duspwnens
3a99624eb8 separate manager states for strelka 2024-05-09 10:03:02 -04:00
weslambert
01a68568a6 Use state 2024-05-08 16:37:13 -04:00
weslambert
0567b93534 Remove mode 2024-05-08 15:39:59 -04:00
Wes
77e2117051 Account for 0 active rules and change watch 2024-05-08 18:47:52 +00:00
Wes
bee8c2c1ce Remove watch 2024-05-07 13:21:59 +00:00
weslambert
a5e89c0854 Merge pull request #12947 from Security-Onion-Solutions/fix/strelka_yara_distributed
Fix YARA rules for distributed deployments
2024-05-06 15:53:08 -04:00
Wes
1e48955376 Restart when rules change 2024-05-06 19:39:03 +00:00
Wes
5056ec526b Add compiled directory 2024-05-06 19:27:38 +00:00
Wes
d2fa77ae10 Update compile script 2024-05-06 19:10:41 +00:00
Wes
445fb31634 Add manager SLS 2024-05-06 19:09:37 +00:00
Wes
5aa611302a Handle YARA rules for distributed deployments 2024-05-06 19:08:01 +00:00
DefensiveDepth
3c3ed8b5c5 Add runtime status logs 2024-04-24 16:33:47 -04:00
DefensiveDepth
a237ef5d96 Update default queries 2024-04-19 16:33:35 -04:00
DefensiveDepth
6c6647629c Refactor yara for compilation 2024-04-18 11:32:17 -04:00
DefensiveDepth
8cc4d2668e Move compile_yara 2024-04-16 12:52:14 -04:00
weslambert
8429a364dc Remove Strelka rules watch 2024-03-21 10:09:36 -04:00
weslambert
1568f57096 Remove Strelka config 2024-03-21 10:07:27 -04:00
Wes
e8ae609012 Add Strelka rules watch back 2024-03-08 16:27:17 +00:00
Wes
4e32935991 Add Strelka config back 2024-03-08 16:24:37 +00:00
Josh Brower
49b5788ac1 add bindings 2024-02-01 07:21:49 -05:00
Corey Ogburn
858166bcae WIP: Detections Changes
Removed some strelka/yara rules from salt.

Removed yara scripts for downloading and updating rules. This will be managed by SOC.

Added a new compile_yara.py script.

Added the strelka repos folder.
2024-01-30 15:43:51 -07:00
weslambert
4d7af21dd5 Fix quote 2024-01-23 13:55:37 -05:00
weslambert
1698d95efe Use PLACEHOLDER for key values 2024-01-23 13:45:26 -05:00
weslambert
72319e33db Avoid leak test triggering 2024-01-23 12:38:09 -05:00
Wes
3bcb0bc132 Update defaults 2024-01-23 17:18:54 +00:00
Mike Reeves
ee45fc31a2 Delete salt/strelka/tools/sbin_jinja/so-yara-download 2023-09-28 11:04:16 -04:00
m0duspwnens
05e7c32cf9 remove duplicate filecheck_run cron 2023-09-27 10:08:08 -04:00
Jason Ertel
bb3632d1b2 fix bind if statement 2023-09-18 14:38:15 -04:00
Jason Ertel
66bb1272ae avoid volume sprawl 2023-09-18 13:39:56 -04:00
m0duspwnens
0a88c812e8 different watchdog package names for debian vs redhat fams 2023-08-25 13:03:33 -04:00
m0duspwnens
ab1d97c985 restart filecheck if watchdog pkg changes 2023-08-25 09:39:16 -04:00
m0duspwnens
4a489afb89 remove old and install new watchdog package 2023-08-25 08:55:00 -04:00
m0duspwnens
789fff561e ensure ownership of /opt/so/log/strelka/filecheck.log 2023-08-08 17:55:30 -04:00
m0duspwnens
58fe25623b ensure ownership of /opt/so/log/strelka/filecheck_stdout.log 2023-08-08 17:48:34 -04:00
m0duspwnens
553b758c61 update cronjobs first, then kill filecheck 2023-08-08 17:28:14 -04:00
m0duspwnens
6da2f117f2 change which user runs filecheck cron based on md engine 2023-08-08 17:25:08 -04:00
m0duspwnens
2dbe679849 force restart of filecheck if the config changes 2023-08-08 17:05:03 -04:00
Mike Reeves
5a59975cb8 Update so-yara-download 2023-07-31 10:14:31 -04:00
Mike Reeves
f0c391e801 Multi OS Support 2023-07-13 15:05:51 -04:00
m0duspwnens
676696b24a restart strelka backend if rules change 2023-07-11 15:48:22 -04:00
weslambert
b7cab1d118 Change path to old one 2023-07-11 09:10:20 -04:00
Mike Reeves
c7a0801eed Merge pull request #10725 from Security-Onion-Solutions/yararules
Yararules
2023-07-11 08:49:20 -04:00
m0duspwnens
47b2481cdd nothing in strelka/tools/sbin_jinja to file.recurse 2023-07-10 10:29:19 -04:00
Mike Reeves
0c9e230294 Initial RHEL support 2023-07-10 10:14:47 -04:00
m0duspwnens
f4dc73a206 yara download and update 2023-07-10 09:42:37 -04:00