Commit Graph

15113 Commits

Author SHA1 Message Date
m0duspwnens a2467d0418 move so-tcpreplay to sensor state 2024-06-05 08:24:57 -04:00
Josh Patterson 56a16539ae Merge pull request #13134 from Security-Onion-Solutions/sotcprp
so-tcpreplay now runs if manager is offline
2024-06-04 10:43:33 -04:00
m0duspwnens c0b2cf7388 add the curlys 2024-06-04 10:28:21 -04:00
Josh Patterson ef3a52468f Merge pull request #13129 from Security-Onion-Solutions/salt3006.8
salt 3006.6
2024-06-03 15:29:19 -04:00
m0duspwnens c88b731793 revert to 3006.6 2024-06-03 15:27:08 -04:00
weslambert 964fef1aab Merge pull request #13117 from Security-Onion-Solutions/fix/items_and_lists
Add templates for .items and .lists indices
2024-05-31 16:34:29 -04:00
Wes a8c231ad8c Add component templates 2024-05-31 17:47:01 +00:00
Wes f396247838 Add index templates and lifecycle policies 2024-05-31 17:46:19 +00:00
coreyogburn 37a928b065 Merge pull request #13107 from Security-Onion-Solutions/cogburn/detection-templates
Added TemplateDetections To Detection ClientParams
2024-05-30 16:26:17 -06:00
Corey Ogburn 85c269e697 Added TemplateDetections To Detection ClientParams
The UI can now insert templates when you select a Detection language. These are those templates, annotated.
2024-05-30 15:59:03 -06:00
m0duspwnens 6e70268ab9 Merge remote-tracking branch 'origin/2.4/dev' into sotcprp 2024-05-30 16:34:37 -04:00
Josh Patterson fb8929ea37 Merge pull request #13103 from Security-Onion-Solutions/salt3006.8
Salt3006.8
2024-05-30 16:32:05 -04:00
weslambert 5d9c0dd8b5 Merge pull request #13101 from Security-Onion-Solutions/fix/separate_suricata
Separate Suricata alerts into a specific data stream
2024-05-30 16:30:55 -04:00
m0duspwnens debf093c54 Merge remote-tracking branch 'origin/2.4/dev' into salt3006.8 2024-05-30 15:58:10 -04:00
m0duspwnens 7702f05756 upgrade salt 3006.8. soup for 2.4.80 2024-05-30 15:00:32 -04:00
Wes 2c635bce62 Set index for Suricata alerts 2024-05-30 17:02:31 +00:00
Wes e831354401 Add Suricata alerts setting for configuration 2024-05-30 17:00:11 +00:00
Wes 55c5ea5c4c Add template for Suricata alerts 2024-05-30 16:58:56 +00:00
Mike Reeves 12762e08ef Merge pull request #13093 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update VERSION
2024-05-29 16:54:31 -04:00
Mike Reeves 62bdb2627a Update VERSION 2024-05-29 16:53:27 -04:00
Mike Reeves 88651219a6 Merge pull request #13090 from Security-Onion-Solutions/2.4.70
2.4.70
2024-05-29 14:54:16 -04:00
Mike Reeves a655f8dc04 2.4.70 2024-05-29 14:52:47 -04:00
Mike Reeves e98b8566c9 2.4.70 2024-05-29 14:50:22 -04:00
Josh Brower ef10794e3b Merge pull request #13089 from Security-Onion-Solutions/2.4/realert
fix rsync
2024-05-29 11:12:45 -04:00
DefensiveDepth 0d034e7adc fix rsync 2024-05-29 10:55:56 -04:00
Josh Brower ca49943a7f Merge pull request #13085 from Security-Onion-Solutions/2.4/soupchange
Check to see if local exists
2024-05-28 10:25:46 -04:00
DefensiveDepth ee4ca0d7a2 Check to see if local exists 2024-05-28 10:24:09 -04:00
Josh Brower 0d634f3b8e Merge pull request #13084 from Security-Onion-Solutions/2.4/soupchange
Fix fi
2024-05-28 10:05:33 -04:00
DefensiveDepth f68ac23f0e Fix fi
Signed-off-by: DefensiveDepth <Josh@defensivedepth.com>
2024-05-28 10:03:31 -04:00
Josh Brower 825c4a9adb Merge pull request #13083 from Security-Onion-Solutions/2.4/soupchange
Backup .yml files too
2024-05-28 09:45:53 -04:00
DefensiveDepth 2a2b86ebe6 Don't overwrite 2024-05-28 09:43:45 -04:00
DefensiveDepth 74dfc25376 backup local rules 2024-05-28 09:29:10 -04:00
DefensiveDepth 81ee60e658 Backup .yml files too 2024-05-28 06:42:18 -04:00
Josh Brower 49fd84a3a7 Merge pull request #13081 from Security-Onion-Solutions/2.4/soupchange
Don't bail - just wait for enter
2024-05-24 16:28:40 -04:00
DefensiveDepth 58b565558d Don't bail - just wait for enter 2024-05-24 16:21:59 -04:00
Josh Brower 185fb38b2d Merge pull request #13079 from Security-Onion-Solutions/2.4/sigmapipelineupdates
Add IDH mappings
2024-05-24 14:48:22 -04:00
DefensiveDepth 550b3ee92d Add IDH mappings 2024-05-24 14:46:24 -04:00
Josh Brower 29a87fd166 Merge pull request #13078 from Security-Onion-Solutions/2.4/socdefaultsdet
Add instructions for sigma and yara repos
2024-05-24 13:02:01 -04:00
DefensiveDepth f90d40b471 Fix typo 2024-05-24 12:56:17 -04:00
DefensiveDepth 4344988abe Add instructions for sigma and yara repos 2024-05-24 12:54:36 -04:00
Josh Brower 979147a111 Merge pull request #13062 from Security-Onion-Solutions/2.4/backupscript
Detections backup script
2024-05-24 10:06:56 -04:00
DefensiveDepth 66725b11b3 Added unit tests 2024-05-24 09:55:10 -04:00
Jason Ertel 19f9c4e389 Merge pull request #13076 from Security-Onion-Solutions/jertel/eaconfig
provide default columns when viewing SOC logs
2024-05-24 08:39:17 -04:00
Jason Ertel bd11d59c15 add event.dataset since there are other datasets in soc logs 2024-05-24 08:38:12 -04:00
Jason Ertel 15155613c3 provide default columns when viewing SOC logs 2024-05-24 08:23:45 -04:00
m0duspwnens b5f656ae58 dont render pillar each time so-tcpreplay runs 2024-05-23 13:22:22 -04:00
Josh Patterson 7177392adc Merge pull request #13071 from Security-Onion-Solutions/telfinwip
Telfinwip
2024-05-23 10:46:54 -04:00
m0duspwnens ea7715f729 use waitforstate var instead. 2024-05-23 10:41:10 -04:00
m0duspwnens 0b9ebefdb6 only show telem status in final whiptail if new deployment 2024-05-23 10:08:23 -04:00
Mike Reeves 19e66604d0 Merge pull request #13069 from Security-Onion-Solutions/TOoSmOotH-patch-8
Update defaults.yaml
2024-05-23 08:22:05 -04:00