Commit Graph

6022 Commits

Author SHA1 Message Date
Josh Brower 43cb78a6a8 Upgrade Navigator 2022-05-27 14:21:11 -04:00
weslambert 44622350ea Add ID for RITA filestream inputs 2022-05-25 10:09:01 -04:00
weslambert 99864f4787 Merge pull request #8001 from Security-Onion-Solutions/feature/analyzer_readme: Add configuration requirements for various analyzers 2022-05-25 09:33:07 -04:00
Doug Burks 1d0bb21908 UPGRADE: Elastic 7.17.4 #8002 2022-05-24 13:19:30 -04:00
Doug Burks bde06e7ec5 UPGRADE: Elastic 7.17.4 #8002 2022-05-24 13:19:01 -04:00
Wes Lambert b93512eb01 Adjust verbiage around pillar configuration 2022-05-24 12:36:32 +00:00
Wes Lambert 92dee14ee8 Add configuration requirements for various analyzers 2022-05-24 12:29:14 +00:00
weslambert a6f1bf3aef Create Virustotal README 2022-05-23 11:39:44 -04:00
Jason Ertel 88f17f037e Merge pull request #7982 from Security-Onion-Solutions/kilo: Upgrade to Kratos 0.9.0-alpha.3 2022-05-19 13:28:58 -04:00
Jason Ertel c20859f8c3 Upgrade to Kratos 0.9.0-alpha.3 2022-05-18 17:05:21 -04:00
Wes Lambert 429ccb2dcc Only import yaml module when config is loaded 2022-05-18 02:07:39 +00:00
weslambert d3206a048f Add information for MHR and WhoisLookup, and other minor updates 2022-05-17 12:49:16 -04:00
weslambert ff855eb8f7 Merge pull request #7958 from Security-Onion-Solutions/feature/mhr_analyzer: Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 12:42:01 -04:00
Wes Lambert 8af1f19ac3 Another no_results change 2022-05-17 16:12:43 +00:00
Wes Lambert e4a7e3cba6 Change 'No results found.' to 'no_results' 2022-05-17 16:11:58 +00:00
Wes Lambert 766e9748c5 Add Whoislookup RDAP-based analyzer 2022-05-17 15:52:12 +00:00
weslambert 3761b491c0 Remove whitespace 2022-05-17 10:50:33 -04:00
Wes Lambert e8fc3ccdf4 Add Team Cymru Malware Hash Registry Analyzer 2022-05-17 14:44:53 +00:00
doug 5cbb50a781 update dashboards.queries.json and hunt.queries.json 2022-05-16 08:33:48 -04:00
Jason Ertel b45b6b198b Improved unit test coverage of new analyzers; Utilize localized summaries; Require 100% code coverage on analyzers 2022-05-12 16:32:47 -04:00
Wes Lambert 3dc266cfa9 Add test for when indicator is not found 2022-05-12 19:02:41 +00:00
Wes Lambert a233c08830 Update logic to handle indicators that are not present in database. 2022-05-12 19:02:02 +00:00
Doug Burks 6ed3f42449 remove duplicate showSubtitle from hunt.queries.json 2022-05-12 09:23:00 -04:00
Jason Ertel 35e47c8c3e Add support for analyzers in airgapped environments 2022-05-10 16:51:00 -04:00
Jason Ertel 91a7f25d3a Corrected brand name capitalization 2022-05-10 09:39:19 -04:00
weslambert 34d57c386b Update analyzer docs with information about analyzers that require authentication 2022-05-10 09:32:18 -04:00
Wes Lambert 555ca2e277 Update analyzer build/testing script to download necessary Python packages 2022-05-09 20:06:39 +00:00
Wes Lambert 32adba6141 Update analyzer packages with those built from native (Alpine) Docker image 2022-05-09 20:04:41 +00:00
Jason Ertel 31c04aabdd Disable MRU queries on dashboards 2022-05-09 15:06:43 -04:00
Jason Ertel 3f35dc54d2 Disable actions on dashboards group-by tables 2022-05-09 11:44:39 -04:00
Jason Ertel 0786191fc9 Add dashboard ref to soc.json 2022-05-06 15:16:27 -04:00
weslambert 9800f59ed7 Add Urlscan to observable support matrix 2022-05-06 13:11:43 -04:00
Wes Lambert ccac71f649 Fix formatting/whitespace 2022-05-06 17:08:40 +00:00
Wes Lambert 1990ba0cf0 Fix formatting/whitespace 2022-05-06 17:08:33 +00:00
Wes Lambert 8ff5778569 Add Urlscan analyzer and tests 2022-05-06 17:01:06 +00:00
Jason Ertel bee4cf4c52 Fix typo in analyzer desc 2022-05-06 09:20:03 -04:00
Jason Ertel 105c95909c Dashboard queries 2022-05-04 19:32:06 -04:00
Jason Ertel 890bcd58f9 Merge branch 'dev' into kilo 2022-05-04 19:25:08 -04:00
weslambert a96c665d04 Change test name for EmailRep 2022-05-03 14:13:25 -04:00
weslambert f3a91d9fcd Add EmailRep analyzer to observable support matrix 2022-05-03 10:10:57 -04:00
Wes Lambert 5a9acb3857 Add EmailRep analyzer and tests 2022-05-03 14:06:32 +00:00
Wes Lambert 8b5666b238 Ensure API key is used 2022-05-03 12:48:06 +00:00
weslambert 2fcb2b081d Update allowed complexity to 12 2022-05-02 16:14:43 -04:00
weslambert 25f17a5efd Update allowed complexity to 11 2022-04-29 09:42:57 -04:00
weslambert 66b4fe9f58 Add additional information around URI and User Agent 2022-04-28 17:14:36 -04:00
Wes Lambert c001708707 Add Pulsedive analyzer and tests 2022-04-28 20:56:03 +00:00
weslambert 4edd729596 Add initial supported observable matrix/table 2022-04-27 08:58:34 -04:00
Wes Lambert 76f183b112 Add Greynoise analyzer and tests 2022-04-26 17:25:35 +00:00
Wes Lambert bd63753d80 Update analyzer name/description 2022-04-25 19:27:10 +00:00
Wes Lambert 15fcaa7030 Add localfile analyzer and tests 2022-04-25 19:23:35 +00:00