CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 10:12:53 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,405 Commits 24 Branches 119 Tags
34d4eedf672cb523942c14f16c8a57ef1036fbe9
Commit Graph

190 Commits

Author SHA1 Message Date
Mike Reeves
34d4eedf67 Remove old modules 2021-05-26 10:11:47 -04:00
m0duspwnens
525d4325c7 define ZEEKLOGLOOKUP in the yaml 2021-05-25 17:18:58 -04:00
m0duspwnens
ecf7e25a51 fix merge conflict 2021-05-25 17:16:44 -04:00
m0duspwnens
dfaf40f583 add zeekloglookup to translate zeeklogs to filebeat filesets 2021-05-25 17:14:26 -04:00
Mike Reeves
543154f037 Remove old modules 2021-05-25 16:58:18 -04:00
m0duspwnens
2eee6b45bc Merge branch 'pipeline' of https://github.com/Security-Onion-Solutions/securityonion into pipeline 2021-05-25 16:52:08 -04:00
m0duspwnens
0de5c6f204 fix sodefault modules 2021-05-25 16:52:02 -04:00
Mike Reeves
9363fc153c Fix pillar for module 2021-05-25 16:44:13 -04:00
m0duspwnens
2aacd5b9b6 so defaults filebeat modules 2021-05-25 16:40:50 -04:00
Mike Reeves
5e5d30a377 Fix 3rd party modules 2021-05-25 08:26:25 -04:00
Mike Reeves
71a74a6656 Added updated script and core modules 2021-05-13 13:07:16 -04:00
Mike Reeves
68a667ee7c Add thirfpartydefaults.yml 2021-05-12 15:31:19 -04:00
m0duspwnens
ad67167e97 remove whitespace control 2021-05-11 12:58:21 -04:00
m0duspwnens
4012a8276c add template for module .yml file 2021-05-11 12:22:25 -04:00
m0duspwnens
efc028d0a5 handle the docker port bindings for filebeat modules 2021-05-10 18:08:47 -04:00
Mike Reeves
01a121e029 Add defaults.yml 2021-05-10 15:29:50 -04:00
Wes Lambert
728d1f7540 Make Zeek and Suricata great again 2021-05-06 14:06:17 +00:00
Wes Lambert
ee92ba20b0 Add modules path reference 2021-05-06 13:56:39 +00:00
Wes Lambert
1b749cf004 Additional config 2021-05-06 13:55:07 +00:00
Wes Lambert
37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Mike Reeves
0622c77a7f Add filebeat modules 2021-05-04 10:50:13 -04:00
Mike Reeves
aa66b6226f Add hostname to the listener 2021-04-13 20:22:51 -04:00
Mike Reeves
db7dcd76cd Add hostname to the listener 2021-04-13 20:21:32 -04:00
Mike Reeves
7153f58a03 Add Firewall for Beats port 2021-04-13 20:17:26 -04:00
Mike Reeves
621e5c1cf8 Enable Filebeat Stats 2021-04-13 19:18:10 -04:00
Mike Reeves
18203513ab Update cert location for eval.import 2021-03-10 09:14:14 -05:00
Mike Reeves
1ecb079066 Fix Kibana Script for loading dashboards 2021-03-08 17:36:07 -05:00
Mike Reeves
bf4ac2a312 Fix some merge conflicts 2021-03-08 11:43:24 -05:00
Mike Reeves
a0a8d12526 Enable SSL and Features 2021-03-04 10:08:28 -05:00
Mike Reeves
4f867e5375 Fix all scripts for ssl elastic 2021-03-03 10:02:23 -05:00
Mike Reeves
3219f4cd12 Remove Features Option 2021-03-02 11:04:50 -05:00
Jason Ertel
58e4205602 Revert "Make filebeat retry forever" 2021-02-03 21:46:29 -05:00
Mike Reeves
55a8f6aa7a Make filebeat retry forever 2021-02-02 16:41:52 -05:00
Mike Reeves
4212afe0c9 Add features option back 2021-01-30 19:57:18 -05:00
Mike Reeves
4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
Mike Reeves
636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity 
SSL with Elastic Basic license. Remove features option.
 2021-01-21 13:57:28 -05:00
Mike Reeves
9408d62c65 Remove features 2021-01-21 13:55:53 -05:00
Wes Lambert
19d22e1f8a Allow for Filebeat queue/output adjustments via pillar 2021-01-21 15:34:54 +00:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
weslambert
6b4af30fc1 Change clean_removed to true cleanup tracking of Zeek logs removed from current 2020-11-18 13:47:32 -05:00
m0duspwnens
1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
William Wernert
6169758f4e [fix] 0 -> root so file owner is set correctly 2020-11-03 16:47:59 -05:00
m0duspwnens
10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
m0duspwnens
79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Doug Burks
a106913d1a Heavy node filebeat needs extra_hosts for the heavy node itself #1521 2020-10-14 09:51:59 -04:00
Wes Lambert
4fc4913d1e Don't predefine index date for Filebeat ES outputs 2020-10-12 15:44:00 +00:00
Wes Lambert
1970d95d5f Make Filebeat registry persistent to avoid re-reading old data 2020-10-05 13:30:04 +00:00
Wes Lambert
d8f70397f7 Fix Filebeat config for Wazuh 2020-09-30 14:57:56 +00:00
Mike Reeves
0a0e00866c Upgrade Fun 2020-09-14 14:50:22 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00