CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,376 Commits 24 Branches 119 Tags
34c3a58efe651b6b04f5890f6d2d0b48494cb15e
Commit Graph

145 Commits

Author SHA1 Message Date
Jason Ertel
66563a4da0 zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:31:11 -04:00
Jason Ertel
d0e140cf7b zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:30:52 -04:00
Jason Ertel
87c6d0a820 zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:29:36 -04:00
Jason Ertel
84db82852c annotation updates for custom settings 2024-04-30 15:14:56 -04:00
Mike Reeves
d57f773072 Fix regex to allow ipv6 in bpfs 2024-03-27 09:36:42 -04:00
m0duspwnens
dfe707ab64 fix issue/11610 2023-10-24 17:26:39 -04:00
reyesj2
dd28dc6ddd Add back plugin-tds/ plugin-profinet. Using patched versions for Zeek 6 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-10-18 15:30:32 -04:00
reyesj2
ed693a7ae6 Remove commented lines in defaults.yaml to avoid UI issues. 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-10-16 15:48:51 -04:00
reyesj2
e5c936e8cf Replace external zeek-community-id with builtin community-id. Disable plugin-tds + plugin-profinet. Not updated for Zeek 6.x 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2023-10-16 15:18:26 -04:00
Mike Reeves
2427344dca Update defaults.yaml 2023-09-27 15:58:58 -04:00
Mike Reeves
f094b1162d Update defaults.yaml 2023-09-27 15:48:05 -04:00
Doug Burks
09e005127e Update soc_zeek.yaml 2023-06-02 07:41:55 -04:00
Wes
2bb77251b0 Move Elastic Fleet logging exclusions to the Fleet pillar 2023-05-31 13:38:58 +00:00
weslambert
36791665f3 Merge pull request #10462 from Security-Onion-Solutions/feature/elastic_agent_zeek_logging 
Dynamic integration configuration and Zeek log exclusions for Elastic Agent
 2023-05-30 19:27:13 -04:00
Wes
e5117a343d Change description 2023-05-30 17:10:17 +00:00
Wes
e910f04beb Add default description and Zeek log exclusions for Elastic Fleet 2023-05-30 03:10:52 +00:00
Mike Reeves
8ce0d76287 Zeek Annotations 2023-05-25 12:12:18 -04:00
Mike Reeves
3be3df00d1 Zeek Annotations 2023-05-25 12:10:15 -04:00
Mike Reeves
bf4ac0c2dd Allow additional docker parameters 2023-05-18 17:08:39 -04:00
Mike Reeves
5315c51197 Allow additional docker parameters 2023-05-18 16:52:38 -04:00
Mike Reeves
0fd9fb9294 Allow additional docker parameters 2023-05-18 15:19:09 -04:00
m0duspwnens
63cea88c1d enable/disable influxdb in ui 2023-05-11 12:43:06 -04:00
m0duspwnens
9049f9cf03 enabled/disable elastalert via web ui 2023-05-08 15:56:26 -04:00
m0duspwnens
d5c7eec4ef enabled false by default, enabled via pillar in so-minion 2023-05-08 13:43:53 -04:00
m0duspwnens
5d50dbb69e enabled/disable zeek 2023-05-08 10:12:32 -04:00
m0duspwnens
743bbfea35 add zeek.enabled to zeek annotation file 2023-05-05 17:09:01 -04:00
m0duspwnens
e8a5a5bffb import GLOBALS 2023-05-05 16:44:46 -04:00
m0duspwnens
a97fa9675b enable/disable zeek in ui 2023-05-05 16:33:59 -04:00
Mike Reeves
cbd1c05929 Sbin Changes 2023-05-04 10:36:03 -04:00
Mike Reeves
d5c4a2887e Fix annotations and defaults for logstash 2023-05-03 13:37:06 -04:00
bryant-treacle
57d90a62f7 Update soc_zeek.yaml 2023-04-27 16:21:41 -04:00
Mike Reeves
3d7f2bc691 Fix annotations and file locations 2023-04-27 13:23:53 -04:00
bryant-treacle
e93e58fedb Update node.cfg.jinja 2023-04-26 08:28:40 -04:00
m0duspwnens
b0f9585da1 Merge remote-tracking branch 'origin/2.4/dev' into issue/10050 2023-04-18 11:31:00 -04:00
m0duspwnens
7c8ba04820 set file limit for zeek container 2023-04-18 11:30:39 -04:00
Mike Reeves
04eb73ac27 Update defaults.yaml 2023-04-12 10:06:23 -04:00
m0duspwnens
2589670755 set forceType 2023-04-06 15:16:04 -04:00
m0duspwnens
df4bf95b93 sort local.zeek so redef is last 2023-04-06 09:54:59 -04:00
m0duspwnens
1be86cdf8e issue 10050 and issue 10062 2023-03-29 17:21:40 -04:00
m0duspwnens
903ad530fe move zeek bpf from zeek pillar to bpf pillar 2023-03-20 15:28:33 -04:00
Doug Burks
4a2e75dd8c fix formatting 2023-03-03 17:16:45 -05:00
Doug Burks
adb925b4d6 enable zeek vlan script 2023-03-03 12:48:42 -05:00
Doug Burks
c15db73561 Avoid unnecessary Zeek processes in Import Mode 2023-01-10 16:48:47 -05:00
Wes
c741fe6b4d Ensure ICS/SCADA plugins/scripts are enabled 2022-12-06 16:23:26 +00:00
Doug Burks
40f5bb25ef FIX: Avoid deprecation warning in Zeek file extraction script #9123 2022-11-11 16:28:23 -05:00
Mike Reeves
bf5df1ac51 Add Strelka Filecheck 2022-11-02 09:57:07 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
m0duspwnens
e1ea3c2031 soc for zeek 2022-09-20 16:22:54 -04:00
m0duspwnens
1685e0e6db few more 2022-09-20 15:25:50 -04:00