CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,376 Commits 24 Branches 119 Tags
34c3a58efe651b6b04f5890f6d2d0b48494cb15e
Commit Graph

161 Commits

Author SHA1 Message Date
Jason Ertel
0ffef75d7b Move background jobs to cron 2022-11-17 09:50:41 -05:00
Jason Ertel
c572848ece temporarily remove filecheck for debug purposes 2022-11-17 08:06:24 -05:00
Mike Reeves
591616fe5b Add statics to all containers 2022-11-15 11:05:17 -05:00
Mike Reeves
225c33e5c9 Add Strelka Filecheck 2022-11-02 09:46:23 -04:00
Mike Reeves
4187363451 Add Strelka Filecheck 2022-11-02 09:44:08 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
Jason Ertel
21c7f940d7 Update copyrights 2022-09-13 11:48:25 -04:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
weslambert
39e5ded58d Refactor ignore list and only ignore for signature-base for now 2021-09-15 11:32:29 -04:00
weslambert
4d41d3aee1 Ignore these rules by default because they are causing issues with YARA compilation with Strelka 2021-09-15 10:29:11 -04:00
Wes Lambert
038c58f3d5 Ignore TIME_WAIT when checking for Strelka frontend port reservation 2021-03-16 14:51:16 +00:00
Wes Lambert
f142b754dc Add Strelka files.processed directory so files will be moved from staging to processed 2021-03-15 15:43:31 +00:00
Wes Lambert
b6a785395d Add Strelka staging directory for state 2021-03-15 15:42:13 +00:00
Mike Reeves
b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
Wes Lambert
0039877779 Check for port availability for Wazuh and Strelka 2021-01-21 13:29:09 +00:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Mike Reeves
2950779d91 Fix stralka rule update 2021-01-13 09:57:12 -05:00
Wes Lambert
ac96ded2dc Support setting rule repos via pillar 2020-12-22 15:36:15 +00:00
weslambert
2fee2ca143 Change identifier name to be more descriptive 2020-12-18 15:40:54 -05:00
weslambert
7453626b06 Add identifier 2020-12-18 15:39:52 -05:00
weslambert
1a463bccaf Add cron.absent to remove old cron job if present 2020-12-18 11:25:14 -05:00
weslambert
9493aad1a5 Read from dedicated unprocessed dir 2020-12-18 10:53:17 -05:00
weslambert
bf76c1b58c Create unprocessed dir and move Zeek extracted files there 2020-12-18 10:52:14 -05:00
weslambert
c819729cd6 Don't use max_files or time_to_live for shutdown params 2020-12-02 13:17:19 -05:00
weslambert
9517cb2a58 Remove ScanMmbot 2020-12-01 11:25:51 -05:00
m0duspwnens
1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
m0duspwnens
4ee3e1ed01 fix sensor mainip logic for strelka yaml files 2020-09-16 10:29:23 -04:00
Mike Reeves
112a0b426e Merge branch 'dev' into experimental 2020-09-13 14:54:00 -04:00
Mike Reeves
48d1d0c168 Strelkas Rules Update 2020-09-11 18:24:56 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens
a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
weslambert
000c2abb33 Update timing for so-yara-update 2020-08-26 11:02:33 -04:00
Jason Ertel
2325940789 Ensure strelka manager connects to local redis on heavy nodes 2020-08-19 16:24:28 -04:00
Jason Ertel
5ff0058a65 Ensure strelka backend, frontend, and filestream are connecting to redis locally, on heavy node instances 2020-08-19 16:13:18 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Jason Ertel
8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
m0duspwnens
9c2dcd2318 fix reference to master grain 2020-07-09 17:06:44 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Wes Lambert
a24402de99 More Strelka rule config 2020-06-25 16:31:04 +00:00
Wes Lambert
63c45be388 Update Strelka init for rules 2020-06-25 15:49:58 +00:00
Wes Lambert
52a0ace1b8 Use Strelka rules if enabled 2020-06-24 17:08:58 +00:00
weslambert
f3809cb93d Wrap with quotes 2020-05-27 08:31:14 -04:00
Wes Lambert
e09027e795 update Strelka cron 2020-05-26 13:00:03 +00:00
m0duspwnens
eebe0eb618 get the first ip for the ip_interfaces:mainint grain 2020-05-18 10:54:07 -04:00
m0duspwnens
037bedb0c0 remove whitespace at top of file 2020-05-18 10:48:02 -04:00
m0duspwnens
15cd0c6b49 change strelka ip for sensor nodes 2020-05-18 10:41:39 -04:00
Mike Reeves
09e2413695 Remove version hardcode 2020-05-10 17:31:50 -04:00
m0duspwnens
766b56a944 update dockers to 1.2.2 2020-04-23 10:11:26 -04:00