CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,205 Commits 24 Branches 119 Tags
42c9653669752b4af5f9dc7707c622a5712aea55
Commit Graph

136 Commits

Author SHA1 Message Date
Mike Reeves
42c9653669 anon user hack 2020-08-11 14:45:55 -04:00
Mike Reeves
f553a8e27a anon user hack 2020-08-11 14:40:34 -04:00
Mike Reeves
59292425c0 Add transport hostname 2020-08-10 23:03:54 -04:00
Mike Reeves
ac3f490299 Add transport hostname 2020-08-10 23:02:03 -04:00
Mike Reeves
52cc56bebb Add transport hostname 2020-08-10 22:56:15 -04:00
Mike Reeves
c3d8c599cc Turn off user auth 2020-08-10 22:13:17 -04:00
Mike Reeves
6007a6c4d8 Things like this are why I hate Java 2020-08-10 22:10:03 -04:00
Mike Reeves
d00231af06 Things like this are why I hate Java 2020-08-10 22:05:46 -04:00
Mike Reeves
cf5c29d01c Change certs path on elstic 2020-08-10 21:30:53 -04:00
Mike Reeves
e7cd527d49 Enable SSL in elastic 2020-08-10 21:18:03 -04:00
Mike Reeves
d171adb9c9 jruby ssl fun 2020-08-07 23:39:13 -04:00
Mike Reeves
64af6f99e9 jruby ssl fun 2020-08-07 23:34:55 -04:00
Mike Reeves
2705cbbf45 jruby ssl fun 2020-08-07 23:33:02 -04:00
Mike Reeves
5525e235d1 jruby ssl fun 2020-08-07 23:28:58 -04:00
Mike Reeves
1b0f90b7e4 sync script 2020-08-07 22:12:47 -04:00
Mike Reeves
d15d53bcdc Add script to extract cacerts 2020-08-07 22:04:30 -04:00
Josh Brower
928e5ed832 Playbook/Nav Fixes - Issue #1064 2020-08-07 17:02:48 -04:00
Josh Brower
ff209cfd65 Merge pull request #1149 from Security-Onion-Solutions/feature/wlb-parsing 
Ingest Parsing Update for Sysmon/WEL
 2020-08-07 13:37:22 -04:00
Josh Brower
a8b980b6a7 More Playbook Fixes - Issue #1064 2020-08-07 13:35:43 -04:00
Josh Brower
15efe77e06 Ingest Parsing Update for Sysmon/WEL 2020-08-06 13:11:47 -04:00
Josh Brower
d971d07720 Osquery & WLB Parsing Update for WEL & Sysmon 2020-07-31 16:06:15 -04:00
Josh Brower
55e60cb749 initial refactor - beats/sysmon parsing 2020-07-28 11:03:33 -04:00
Josh Patterson
549916306c Merge pull request #1008 from Security-Onion-Solutions/quickfix/lstoes 
Quickfix/lstoes
 2020-07-14 17:37:19 -04:00
m0duspwnens
5cf71596b2 add curlys 2020-07-14 17:36:52 -04:00
Josh Brower
8647944ae6 Parsing & Hunt query updates 2020-07-14 16:59:06 -04:00
Doug Burks
a1e6a85a68 explicitly set Suricata timestamp timezone to UTC 2020-07-14 15:49:46 -04:00
Wes Lambert
f9df39977b Add observer name for Strelka events 2020-07-14 17:38:43 +00:00
Wes Lambert
d6afde90b0 Convert message timestamp to @timestamp 2020-07-14 13:37:00 +00:00
Josh Brower
e62381e998 Merge pull request #982 from Security-Onion-Solutions/bugfix/alerting 
Misc fixes
 2020-07-10 19:50:27 -04:00
Josh Brower
65062d93f4 Misc fixes 2020-07-10 19:43:43 -04:00
Mike Reeves
c656bec9c0 Merge branch 'dev' into feature/espillarz 2020-07-10 11:35:12 -04:00
Mike Reeves
1a6c4c12b4 Fix elasticsearch yaml 2020-07-09 21:56:32 -04:00
Mike Reeves
6094d19b0b Make hot default 2020-07-09 16:54:31 -04:00
Mike Reeves
3c6465bb7f ES Jinja the config 2020-07-09 16:42:39 -04:00
Josh Brower
206bdc60f3 Merge pull request #967 from Security-Onion-Solutions/feature/low-level-alerts 
Feature - low level alerts
 2020-07-09 13:56:31 -04:00
Josh Brower
52f7111e1d Feature - low level alerts 2020-07-09 13:53:55 -04:00
Doug Burks
8dfafffef0 remove duplicate line for message2.conn_uids 2020-07-09 06:44:08 -04:00
weslambert
4cf31e1ee7 Drop message field and original exiftool keys 2020-07-08 10:55:40 -04:00
Doug Burks
fef803a86c Add ignore_failure to geoip processor calls #942 2020-07-08 10:41:14 -04:00
weslambert
b25a3b6986 Rename uids to uid 2020-07-08 09:39:37 -04:00
weslambert
2992938596 Merge pull request #947 from Security-Onion-Solutions/fix/strelka_exiftool 
Add fields for exiftool keys
 2020-07-07 17:13:57 -04:00
Wes Lambert
3b50ce032a Add fields for exiftool keys 2020-07-07 20:02:09 +00:00
Mike Reeves
eccfaf94fb Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into issue/937 2020-07-07 15:10:12 -04:00
Wes Lambert
e0570e1db7 Add Zeek FUID for Strelka records 2020-07-07 15:00:01 +00:00
Mike Reeves
c59096d9bd rename node pillar to elasticsearch 2020-07-07 10:42:12 -04:00
Doug Burks
98cfba18e9 fix zeek.ftp description 2020-07-01 20:27:40 -04:00
Doug Burks
f6adf4ed56 fix zeek.smb_mapping description 2020-07-01 20:26:51 -04:00
Doug Burks
2cbd5ffe61 fix zeek.ssh description 2020-07-01 20:26:06 -04:00
Wes Lambert
84e2965fef Addl krb fix 2020-06-30 03:06:01 +00:00
Wes Lambert
bf8798f1d1 Fix krb client/server cert subject parsing 2020-06-30 03:04:01 +00:00