CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-24 21:47:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
14,766 Commits 41 Branches 125 Tags
39555873729731bbf79ee3ebbe32d7c4c01e9ad9
Commit Graph

1029 Commits

Author SHA1 Message Date
DefensiveDepth 376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
Corey Ogburn 00cea6fb80 Detection Author as a Keyword instead of Text 
With Quick Actions added to Detections, as many fields should be usable as possible.
 2024-04-05 11:22:47 -06:00
Wes 105eadf111 Add cef 2024-04-03 14:40:41 +00:00
weslambert df058b3f4a Merge branch '2.4/dev' into feature/pfsense_suricata 2024-03-25 10:08:03 -04:00
Wes 5e21da443f Minor verbiage updates 2024-03-25 13:58:32 +00:00
weslambert 4e1543b6a8 Get only code 2024-03-22 09:56:21 -04:00
Wes 5934829e0d Include pfsense config 2024-03-21 20:08:33 +00:00
Wes 486a633dfe Add pfsense Suricata config 2024-03-21 20:07:59 +00:00
Wes c6df805556 Add SOC template 2024-03-18 14:53:36 +00:00
Wes 005930f7fd Add error.message mapping for system.syslog 2024-03-07 15:41:23 +00:00
weslambert d8e8933ea0 Add AWS Security Hub template 2024-03-05 09:25:41 -05:00
weslambert d85ac39e28 Add AWS Inspector template 2024-03-05 09:23:17 -05:00
weslambert 1514f1291e Add AWS GuardDuty template 2024-03-05 09:21:48 -05:00
weslambert b64d61065a Add AWS Cloudfront template 2024-03-05 09:19:43 -05:00
weslambert df3943b465 Daily rollover 2024-02-27 17:24:27 -05:00
weslambert 1d099f97d2 Update pattern for endpoint diagnostic template 2024-02-26 11:27:56 -05:00
Josh Patterson d2f7946377 Merge pull request #12411 from Security-Onion-Solutions/issue/12382 
nest under policy
 2024-02-21 16:28:04 -05:00
m0duspwnens 162785575c nest under policy 2024-02-21 15:28:24 -05:00
Josh Brower 686304f24a Merge remote-tracking branch 'origin/2.4/dev' into kilo 2024-02-15 09:47:51 -05:00
Corey Ogburn 0d297274c8 DetectionComment Mapping Defined 2024-02-13 12:53:18 -07:00
Corey Ogburn 64f6d0fba9 Updated Detection's ES Mappings 
Detection's now have a License field and the Comment model is defined now.
 2024-02-09 14:20:07 -07:00
Corey Ogburn 29174566f3 WIP: Updated Detection Mappings, Changed Engine to Language 
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.

SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
 2024-02-08 09:44:56 -07:00
Wes 182667bafb Change numbers for Elasticsearch 2024-02-01 13:59:23 +00:00
Wes bc502cc065 Custom Elasticserach pipeline annotations 2024-01-31 21:46:33 +00:00
Wes bc75be9402 Custom pipelines in UI 2024-01-31 20:16:48 +00:00
Wes cd4bd6460a Custom pipelines 2024-01-31 20:16:18 +00:00
Corey Ogburn 585147d1de Added so-detection mapping in elasticsearch 2024-01-31 10:39:47 -07:00
Wes 12ab6338db Add diagnostic 2024-01-25 20:16:52 +00:00
weslambert cd54d4becb Fix indent 2024-01-25 13:57:02 -05:00
weslambert 5f1c76f6ec endpoint.diagnostic.collection 2024-01-25 09:46:25 -05:00
Wes 8426aad56d Text mapping for scan.pe.flags 2024-01-24 15:10:42 +00:00
Wes d23d367058 Make scan.pe.flags a string 2024-01-24 15:08:38 +00:00
Wes 80a3942245 Rename RITA pipelines 2024-01-22 20:15:48 +00:00
Wes 7118cc8dee Add additional integration SOC configuration 2024-01-19 22:04:07 +00:00
Wes 05aa8b013a Add additional integration to templates 2024-01-19 22:02:39 +00:00
Mike Reeves efe8cfda95 Update suricata.common 2024-01-19 13:39:28 -05:00
Mike Reeves 08486e279c Update suricata.common 2024-01-19 13:36:43 -05:00
Wes e70ce50912 Change description 2024-01-17 14:06:16 +00:00
Wes f6590ac0bf Remove Suricata IKEv2 pipeline 2024-01-16 18:10:00 +00:00
Wes ea64ce92d3 Add Suricata IKE pipeline 2024-01-16 18:09:46 +00:00
Wes 8a92b023b2 Add interface name 2024-01-16 18:09:16 +00:00
weslambert 252c51dafb Change order of names 2024-01-12 16:45:18 -05:00
weslambert a07e6e1058 OTX pulses 2024-01-12 16:43:33 -05:00
weslambert 3f9678056d OTX pulses template 2024-01-12 16:42:32 -05:00
Wes 418f41c7e4 Add SOC configuration for metrics 2024-01-12 15:03:18 +00:00
Wes 5eae349938 Add endpoint metrics templates 2024-01-12 13:47:35 +00:00
Wes c89d674a92 Add settings for integrations 2024-01-11 14:18:06 +00:00
Wes 9b1ddcacb4 Add additional templates for integrations 2024-01-11 14:00:09 +00:00
Josh Brower 5513e74807 comma 2024-01-09 08:12:33 -05:00
Josh Brower 31ee365a91 Fixup FIM events 2024-01-09 08:11:05 -05:00