CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-30 12:53:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,916 Commits 20 Branches 120 Tags
3ff99da3020249b058266cb367a991dcf96178ce
Commit Graph

3378 Commits

Author SHA1 Message Date
Wes Lambert
24a54a326c Allow for muliple files for rules 2020-11-02 21:03:45 +00:00
Jason Ertel
184d163d65 Do not persist the Cortex PID file; This allows Cortex to recover from non-graceful container shutdowns, such as a power loss event on the host machine 2020-11-02 15:04:13 -05:00
Wes Lambert
3113d5fbdb Format scan.exiftool as text 2020-11-02 19:31:14 +00:00
Wes Lambert
6420ee0310 Update parsing for scan.exiftool 2020-11-02 19:28:12 +00:00
weslambert
71a260a000 Match max-pending-packets size 2020-11-02 08:38:45 -05:00
jtgreen-cse
6359e03ba6 fix for Windows events via osquery 
This change was required to properly let Windows events flow through their specific pipelines. Otherwise, the `temp` field stays around and gets ingested in ES.
 2020-10-29 15:03:13 -04:00
William Wernert
b489fee8b5 Merge pull request #1738 from Security-Onion-Solutions/bugfix/nginx-redirect 
Bugfix/nginx redirect
 2020-10-29 14:33:38 -04:00
William Wernert
91221c4332 [revert] Move proxy_pass back to ip 2020-10-29 10:23:12 -04:00
Mike Reeves
57d8f25422 Create master node role in ES 2020-10-28 16:44:14 -04:00
William Wernert
3abd1c9f16 [fix] Configure soctopus to use url_base 2020-10-28 16:08:19 -04:00
Mike Reeves
13be0da484 Add a place where custom logstash certs can go 2020-10-28 15:26:41 -04:00
Mike Reeves
361b13dc88 Add a place where custom logstash certs can go 2020-10-28 15:25:00 -04:00
Jason Ertel
98c669e80b Disable nginx server version and TLSv1.0/TLSv1.1 2020-10-28 14:29:29 -04:00
William Wernert
b02d434a0e [fix] Change any scripts using auth headers to url_base 2020-10-28 12:29:09 -04:00
William Wernert
3ee9f23d26 [fix] Use url_base in sensoroni.json instead of manager hostname 2020-10-28 12:28:34 -04:00
Jason Ertel
348c2feee2 Prevent usage of dollar signs in admin passwords during setup 2020-10-28 11:07:05 -04:00
Mike Reeves
97207bd006 Merge pull request #1702 from Security-Onion-Solutions/dockernet 
Custom Docker IP Range
 2020-10-28 10:48:56 -04:00
Wes Lambert
453247971e Add Wazuh user management scripts 2020-10-28 12:22:50 +00:00
Mike Reeves
697bc53aec Dockernet Modifications 2020-10-27 15:08:34 -04:00
Jason Ertel
5a705fc0f2 Add Hunt quick action for hunted events, grouping by dataset and module 2020-10-27 12:30:33 -04:00
Jason Ertel
474c4e54b4 Ensure labels and icons are associated with all quick actions 2020-10-27 12:04:57 -04:00
William Wernert
c58deef2e0 Merge branch 'dev' into feature/nginx-update 2020-10-27 09:29:06 -04:00
Mike Reeves
0ad65c8cd4 Merge pull request #1568 from jtgreen-cse/patch-1 
fix for rendering error >1 search node
 2020-10-26 16:57:17 -04:00
William Wernert
0aaf8d6d9a [fix] Change 301 to 307 so curl requests work as intended 2020-10-26 16:37:16 -04:00
Mike Reeves
5395983fc7 Merge pull request #1580 from Security-Onion-Solutions/feature/thehive-casetemplates 
Add case_template field to Playbook alerts
 2020-10-26 14:13:54 -04:00
William Wernert
3648e293a1 [fix] Add -L option to curl to respect redirects 2020-10-26 14:08:52 -04:00
Mike Reeves
ecfd1bbe4d Merge remote-tracking branch 'remotes/origin/dev' into escluster 2020-10-26 13:33:05 -04:00
Jason Ertel
3809573963 Correct cheatsheet URL for airgap installs 2020-10-26 12:16:55 -04:00
Jason Ertel
571550c019 Merge master into dev 2020-10-26 10:30:26 -04:00
William Wernert
e613bb3740 Merge branch 'dev' into feature/nginx-update 2020-10-26 10:28:14 -04:00
William Wernert
4662837075 [fix] Revert changes from merging dev 2020-10-26 10:25:16 -04:00
Doug Burks
c61199618a Update so-curator-closed-delete-delete 2020-10-24 07:15:43 -04:00
Mike Reeves
d9c021e86a Update so-curator-closed-delete-delete 2020-10-23 17:07:16 -04:00
Mike Reeves
b6f1cfada6 Update changes.json 2020-10-23 16:44:02 -04:00
Jason Ertel
85e0b2cab3 Add cheatsheet URL to soc.json 2020-10-23 16:35:35 -04:00
Mike Reeves
c8a6b232d5 Fix which field we return for Elastic index 2020-10-23 15:58:35 -04:00
William Wernert
fdb7cb90e3 [wip] Test alt variable usage 2020-10-23 15:36:01 -04:00
William Wernert
73b83584e6 [fix] Remove bad '_' character 2020-10-23 14:32:43 -04:00
Josh Patterson
1185e43064 Merge pull request #1614 from Security-Onion-Solutions/issue/1573 
Issue/1573 and Issue/1601
 2020-10-22 15:57:40 -04:00
Mike Reeves
51ca661219 update wording for USB device vs CDROM 2020-10-22 14:54:34 -04:00
m0duspwnens
50a767ca6c dont list aptcacherng in so-status if user chose open updates during setup - https://github.com/Security-Onion-Solutions/securityonion/issues/1573 2020-10-22 14:52:07 -04:00
William Wernert
6a08086dfa [refactor] Make variable names consistent 2020-10-22 14:10:06 -04:00
William Wernert
6a3e921924 [fix] Fixes for fleet install 2020-10-22 13:09:26 -04:00
m0duspwnens
0bfdef274b update so-status to work with disabled containers - https://github.com/Security-Onion-Solutions/securityonion/issues/1601 2020-10-22 12:09:19 -04:00
m0duspwnens
0b6b6e38fc fix map for steno 2020-10-22 11:24:18 -04:00
m0duspwnens
aa59eff1ac fix if statement 2020-10-22 10:59:03 -04:00
m0duspwnens
172ca9aa8d add option to enable or disable to steno docker container - https://github.com/Security-Onion-Solutions/securityonion/issues/1601 2020-10-22 10:52:34 -04:00
William Wernert
79c4f07ff7 [fix] Don't listen on port 80 on all installs 2020-10-22 10:43:24 -04:00
Mike Reeves
460a391460 Update changes.json 2020-10-22 10:00:20 -04:00
Mike Reeves
905fcd06a6 Remove old 2.3.0 dockers 2020-10-22 08:51:40 -04:00