CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,456 Commits 24 Branches 119 Tags
4502e2c260c20aed31b01985d376cb1b8cacd7e3
Commit Graph

10456 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Peter Di Giorgio
4502e2c260 Remove logs for OT parsers 2022-10-24 23:16:18 -07:00
Peter Di Giorgio
beb67847f9 Remove modbus,bzar,dnp3,oui-logging 2022-10-24 23:14:32 -07:00
Peter Di Giorgio
9cdc29c482 Fix Syntax for zeeklogs pillar 2022-10-24 14:30:15 -07:00
Peter Di Giorgio
01d177366d Fix Zeek Pillar 2022-10-24 12:00:43 -07:00
Peter Di Giorgio
24cf481f4a Merge pull request #8973 from lock-wire/patch-3 
Add Modbus, DNP3, BZAR, and oui-logging
 2022-10-21 18:06:13 -07:00
Peter Di Giorgio
cd4e0c1f8e Add DNP3 and Modbus extensions to zeeklogs.sls 
Add DNP3 and Modbus extenstions to zeeklogs to ensure filebeat.yml is configured properly to ship lots.  Need to move these behind the OT flag.
 2022-10-21 14:19:21 -07:00
Peter Di Giorgio
4a60310dc8 Add Modbus, DNP3, BZAR, and oui-logging 
This is an initial proof of concept.  Need to migrate these entries behind a flag.
 2022-10-21 14:04:40 -07:00
weslambert
930620fce6 Merge pull request #8971 from lock-wire/patch-2 
Add Ingest pipeline for Modbus and DNP3 extensions
 2022-10-21 16:28:52 -04:00
Peter Di Giorgio
7a60d0987c Update zeek.conn to include client.oui 2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1 Create zeek.read_write_multiple_registers 2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236 Create zeek.modbus_mask_write_register 2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4 Rename modbus_detailed to zeek.modbus_detailed 2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c Rename dnp3_objects to zeek.dnp3_objects 2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7 Create Ingest for Modbus Detailed 2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb Create Ingest for DNP3 Objects extension 2022-10-21 12:51:13 -07:00
weslambert
a54fc4cead Merge pull request #8942 from Security-Onion-Solutions/master 
Update Foxtrot to .180
 2022-10-18 16:39:21 -04:00
Mike Reeves
fa45e8ded7 Merge pull request #8924 from Security-Onion-Solutions/dev 
2.3.180
2.3.180-20221014 		2022-10-17 10:41:06 -04:00
Mike Reeves
6d0ead7b5b Merge pull request #8923 from Security-Onion-Solutions/2.3.180 
2.3.180
 2022-10-17 09:47:06 -04:00
Mike Reeves
a2a6625f3b 2.3.180 2022-10-17 09:39:07 -04:00
Mike Reeves
3c2510acd7 Merge pull request #8920 from Security-Onion-Solutions/dev 
Merge Dev into Foxtrot
 2022-10-17 09:34:57 -04:00
Doug Burks
0d807d20f4 Merge pull request #8914 from Security-Onion-Solutions/dougburks-patch-1 
Remove destination_geo.organization_name from Sysmon Network sankey diagram
 2022-10-13 13:03:51 +00:00
Doug Burks
f4042263a3 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 08:59:10 -04:00
Doug Burks
a930f8233d Merge pull request #8899 from Security-Onion-Solutions/dougburks-patch-2 
Update soup for 2.3.180
 2022-10-11 17:14:55 +00:00
Doug Burks
7401008523 Update soup for 2.3.180 2022-10-11 12:58:37 -04:00
Doug Burks
5199ea483e Merge pull request #8878 from Security-Onion-Solutions/feature/improve-sysmon-dashboards 
FEATURE: Add new Sysmon dashboards #8870
 2022-10-07 16:47:02 +00:00
doug
454a7a4799 FEATURE: Add new Sysmon dashboards #8870 2022-10-07 11:52:49 -04:00
Doug Burks
6fb7733d8c Merge pull request #8875 from Security-Onion-Solutions/dougburks-patch-1 
Increment SO to 2.3.180 and Elastic to 8.4.3
 2022-10-07 11:13:13 +00:00
Doug Burks
ab17cbee31 Update Elastic to 8.4.3 2022-10-07 07:03:10 -04:00
Doug Burks
9991f0cf95 update Elastic to 8.4.3 2022-10-07 07:02:24 -04:00
Doug Burks
44d46b06a2 increment version to 2.3.180 2022-10-07 06:58:07 -04:00
Mike Reeves
ba7231f07d Merge pull request #8841 from Security-Onion-Solutions/TOoSmOotH-patch-5 
Update VERSION
 2022-10-03 08:46:19 -04:00
Mike Reeves
8dc11ea23a Update VERSION 2022-10-03 08:43:39 -04:00
Mike Reeves
116a6a0acd Merge pull request #8806 from Security-Onion-Solutions/dev 
2.3.170
2.3.170-20220922 		2022-10-01 08:13:09 -04:00
Mike Reeves
311b69dc4a Merge pull request #8805 from Security-Onion-Solutions/2.3.170 
2.3.170
 2022-09-23 15:34:49 -04:00
Mike Reeves
fd59acce5d 2.3.170 2022-09-23 15:26:14 -04:00
Mike Reeves
956d3e4345 Merge pull request #8793 from Security-Onion-Solutions/TOoSmOotH-patch-3 
Update soup
 2022-09-22 09:22:20 -04:00
Mike Reeves
b8355b3a03 Update soup 2022-09-22 09:10:12 -04:00
bryant-treacle
535b9f86db Merge pull request #8633 from Security-Onion-Solutions/bryant-sysmon 
Fix issues: 8591-8953
 2022-09-19 11:53:34 -04:00
Mike Reeves
97c66a5404 Merge pull request #8639 from Security-Onion-Solutions/TOoSmOotH-patch-1 
dev to 170
 2022-08-31 08:23:48 -04:00
Josh Brower
6553beec99 Merge pull request #8644 from Security-Onion-Solutions/upgrade/elastic-8.4.1 
Upgrade/elastic 8.4.1
 2022-08-30 16:37:56 -04:00
Josh Brower
e171dd52b8 Upgrade Elastic to 8.4.1 2022-08-30 16:11:40 -04:00
Josh Brower
27a837369d Upgrade Elastic to 8.4.1 2022-08-30 16:09:57 -04:00
Mike Reeves
043b9f78e2 Merge pull request #8638 from Security-Onion-Solutions/master 
Merge pull request #8627 from Security-Onion-Solutions/dev
 2022-08-30 14:42:18 -04:00
Mike Reeves
2f260a785f Update README.md 2022-08-30 14:41:41 -04:00
Mike Reeves
001b2dc6cc Update VERSION 2022-08-30 14:39:41 -04:00
Mike Reeves
b13eedfbc2 Merge pull request #8627 from Security-Onion-Solutions/dev 
2.3.160
2.3.160-20220829 		2022-08-30 14:33:36 -04:00
Mike Reeves
dd70ef17b9 Merge pull request #8636 from Security-Onion-Solutions/fixitup 
Merge pull request #8571 from Security-Onion-Solutions/dev
 2022-08-30 14:31:35 -04:00
bryant-treacle
82dff3e9da Fix issues: 8591-8953 2022-08-30 13:48:53 +00:00
Mike Reeves
d9cfd92b8f Merge pull request #8626 from Security-Onion-Solutions/2.3.160 
2.3.160
 2022-08-29 15:00:08 -04:00
Mike Reeves
33cb771780 2.3.160 2022-08-29 14:56:43 -04:00