CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,722 Commits 24 Branches 119 Tags
48eaf190e94d83523dc6693af160f8b07c5504d0
Commit Graph

23 Commits

Author SHA1 Message Date
Dat
9569e73bd0 Added ASN annotation for IP 2021-10-04 12:41:20 -07:00
Josh Brower
44c75122ed Update Sigmac mappings and config for IPs and ports 2021-03-16 09:05:35 -04:00
Wes Lambert
3c820365ab Fix common pipeline field removal so won't fail for missing fields 2020-10-14 13:55:24 +00:00
Wes Lambert
69a04dedd3 Filterlog config changes 2020-10-09 23:56:52 +00:00
weslambert
5ada85942b Lowercase network.transport 2020-10-08 07:59:57 -04:00
Wes Lambert
869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
Josh Brower
a8b980b6a7 More Playbook Fixes - Issue #1064 2020-08-07 13:35:43 -04:00
Josh Brower
d971d07720 Osquery & WLB Parsing Update for WEL & Sysmon 2020-07-31 16:06:15 -04:00
Josh Brower
65062d93f4 Misc fixes 2020-07-10 19:43:43 -04:00
Josh Brower
206bdc60f3 Merge pull request #967 from Security-Onion-Solutions/feature/low-level-alerts 
Feature - low level alerts
 2020-07-09 13:56:31 -04:00
Josh Brower
52f7111e1d Feature - low level alerts 2020-07-09 13:53:55 -04:00
Doug Burks
fef803a86c Add ignore_failure to geoip processor calls #942 2020-07-08 10:41:14 -04:00
Wes Lambert
18547e8ea8 enforce field types 2020-06-15 16:54:33 +00:00
Josh Brower
56f5fbdf6b Ingest pipeline commid fix for conn logs 2020-05-22 17:11:08 -04:00
Wes Lambert
03805bd6e2 remove type field 2020-05-15 18:29:49 +00:00
Mike Reeves
0b7568e08f Update soc.json with default search info 2020-05-12 13:57:40 -04:00
Wes Lambert
ad50093315 add community_id parsing for ingest 2020-03-30 15:49:36 +00:00
Wes Lambert
93c3c86e2f update wazuh fields and category 2020-03-30 14:24:01 +00:00
Wes Lambert
488858f8bc remove beat field removal 2020-03-17 15:19:08 +00:00
Wes Lambert
c52220330b modify pipelines 2020-03-14 12:03:32 +00:00
Wes Lambert
9ad16e8c71 upadte ingest config 2020-03-11 12:13:53 +00:00
Wes Lambert
ec6638a276 src/dst ip/port fields to ECS 2020-03-02 19:10:18 +00:00
doug
8472b24a67 parse Bro logs using Elasticsearch ingest node 2019-09-23 16:04:23 -04:00