9 Commits

Author SHA1 Message Date
Josh Brower
7cbeed985a Differentiate between event & ingest timestamp 2021-04-13 12:55:40 -04:00
Josh Brower
cf4de255ec Fix Wazuh WEL Shipping 2021-04-12 15:18:18 -04:00
Wes Lambert
875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
OmerTirosh
e2ee0db727 Ignore failure for rename processor
Ignore failure for winlog.event_data.SubjectUserName rename processor.
For some event ids (for example 4688), this field has already been added in the winlogbeat JS processor.
Therefore, elastic throws a [user.name] already exists error.
2020-11-24 17:21:47 +02:00
Josh Brower
c3b2d98ffb Add event.category to WEL 2020-09-10 06:15:30 -04:00
Josh Brower
b7dd14b8f0 Set event.code to string for WEL 2020-08-28 13:40:04 -04:00
Josh Brower
15efe77e06 Ingest Parsing Update for Sysmon/WEL 2020-08-06 13:11:47 -04:00
Josh Brower
d971d07720 Osquery & WLB Parsing Update for WEL & Sysmon 2020-07-31 16:06:15 -04:00
Josh Brower
55e60cb749 initial refactor - beats/sysmon parsing 2020-07-28 11:03:33 -04:00