Commit Graph

9690 Commits

Author SHA1 Message Date
weslambert
f4490fab58 Add rule.uuid for YARA matches 2024-05-21 17:05:39 -04:00
weslambert
deb140e38e Exclude detections from template name matching 2024-05-21 13:38:52 -04:00
Jason Ertel
d57cc9627f exclude false positives related to detections 2024-05-21 13:31:50 -04:00
Jason Ertel
8ce19a93b9 exclude false positives related to detections 2024-05-21 13:29:20 -04:00
Jason Ertel
d315b95d77 elastalert settings 2024-05-21 07:15:19 -04:00
Jason Ertel
b7a4f20c61 elastalert settings 2024-05-20 20:11:30 -04:00
Jason Ertel
02b4d37c11 elastalert settings 2024-05-20 20:00:31 -04:00
Jason Ertel
f8ce039065 elastalert settings 2024-05-20 19:58:12 -04:00
Jason Ertel
e2d0b8f4c7 elastalert settings 2024-05-20 19:38:36 -04:00
Jason Ertel
8a3061fe3e elastalert settings 2024-05-20 19:36:06 -04:00
Jason Ertel
c594168b65 elastalert settings 2024-05-20 19:05:43 -04:00
Jason Ertel
31fdf15ce1 Merge branch '2.4/dev' into jertel/eaconfig 2024-05-20 18:59:35 -04:00
Jason Ertel
6b2219b7f2 elastalert settings 2024-05-20 18:52:37 -04:00
Corey Ogburn
6e97c39f58 Marked as Advanced 2024-05-20 14:52:05 -06:00
Corey Ogburn
026023fd0a Annotate integrityCheckFrequencySeconds per det engine 2024-05-20 14:35:11 -06:00
Jorge Reyes
d7ee89542a Merge pull request #13040 from Security-Onion-Solutions/lkscript
Create helper script for tpm enrollment
2024-05-20 15:25:50 -04:00
reyesj2
6fac6eebce Helper script for enrolling tpm into luks
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-20 14:37:54 -04:00
Corey Ogburn
fcc72a4f4e Add Default IntegrityCheck Frequency Values 2024-05-20 11:23:25 -06:00
Corey Ogburn
0cc57fc240 Change Compilation Report Path
Move compilation report path to /opt/so/state and mount that folder in SOC
2024-05-17 15:47:23 -06:00
weslambert
d9edff38df Create compile report for SOC integrity check 2024-05-17 16:10:10 -04:00
Jason Ertel
1c4d36760a add support for custom alerters 2024-05-17 14:49:39 -04:00
reyesj2
34a5985311 Create tpm enrollment script
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-05-16 21:14:57 -04:00
Josh Patterson
572b8d08d9 Merge branch '2.4/dev' into issue/13021 2024-05-16 16:39:17 -04:00
m0duspwnens
cc6cb346e7 fix issue/13030 2024-05-16 16:31:45 -04:00
m0duspwnens
b54632080e check if exists in override before popping 2024-05-16 16:04:17 -04:00
Josh Patterson
9d4668f4d3 Revert "dont merge policy from global_overrides if not defined in default index_settings" 2024-05-16 15:45:55 -04:00
Josh Patterson
da2ac4776e Merge pull request #13028 from Security-Onion-Solutions/issue/13021
dont merge policy from global_overrides if not defined in default index_settings
2024-05-16 14:33:51 -04:00
m0duspwnens
9796354b48 dont merge policy from global_overrides if not defined in default index_settings 2024-05-16 14:27:32 -04:00
Jason Ertel
aa32eb9c0e Merge pull request #13025 from Security-Onion-Solutions/jertel/suridp
exclude detect-parse errors
2024-05-15 19:21:30 -04:00
Jason Ertel
4771810361 exclude detect-parse errors 2024-05-15 19:10:50 -04:00
Mike Reeves
ab9ec2ec6b Update soup 2024-05-15 18:04:01 -04:00
Josh Patterson
4d7835612d Merge pull request #13022 from Security-Onion-Solutions/soupaml
add a newline to final output of so-elastic-agent-gen-installers
2024-05-15 16:37:53 -04:00
m0duspwnens
8076ea0e0a add another space 2024-05-15 16:34:05 -04:00
Josh Brower
320ae641b1 Merge pull request #13023 from Security-Onion-Solutions/2.4/sigmapipelineupdates
alphabetical order
2024-05-15 16:30:45 -04:00
DefensiveDepth
b4aec9a9d0 alphabetical order 2024-05-15 16:29:21 -04:00
m0duspwnens
6af0308482 add a newline 2024-05-15 16:26:44 -04:00
Josh Patterson
08024c7511 Merge pull request #13020 from Security-Onion-Solutions/issue/13012
Issue/13012
2024-05-15 15:33:01 -04:00
m0duspwnens
3a56058f7f update description 2024-05-15 15:31:31 -04:00
Mike Reeves
8803ad4018 Update enabled.sls 2024-05-15 14:05:48 -04:00
m0duspwnens
62a8024c6c Merge remote-tracking branch 'origin/2.4/dev' into issue/13012 2024-05-15 13:48:46 -04:00
m0duspwnens
ea253726a0 fix soup 2024-05-15 13:48:32 -04:00
Mike Reeves
e3a0847867 Update soup 2024-05-15 11:31:41 -04:00
Mike Reeves
7345d2c5a6 Update enabled.sls 2024-05-15 11:16:20 -04:00
m0duspwnens
427b1e4524 revert soup_scripts back to common 2024-05-15 10:28:02 -04:00
m0duspwnens
2dbbe8dec4 soup_scripts put so-yaml in salt file system. move soup scripts to manager.soup_scripts 2024-05-15 10:07:06 -04:00
m0duspwnens
51862e5803 remove idh.services from idh node pillar files 2024-05-14 13:08:51 -04:00
Doug Burks
67645a662d FEATURE: Add NetFlow dashboard #13009 2024-05-14 10:14:16 -04:00
Doug Burks
5b45c80a62 FEATURE: Add NetFlow dashboard #13009 2024-05-14 10:01:18 -04:00
weslambert
6dec9b4cf7 Merge pull request #12986 from Security-Onion-Solutions/fix/old_strelka
Remove old Strelka configuration for YARA
2024-05-14 09:27:19 -04:00
weslambert
13062099b3 Remove YARA script update and reference to exclusions 2024-05-13 18:04:16 -04:00