103 Commits

Author SHA1 Message Date
Doug Burks
c15db73561 Avoid unnecessary Zeek processes in Import Mode 2023-01-10 16:48:47 -05:00
Wes
c741fe6b4d Ensure ICS/SCADA plugins/scripts are enabled 2022-12-06 16:23:26 +00:00
Doug Burks
40f5bb25ef FIX: Avoid deprecation warning in Zeek file extraction script #9123 2022-11-11 16:28:23 -05:00
Mike Reeves
bf5df1ac51 Add Strelka Filecheck 2022-11-02 09:57:07 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
m0duspwnens
e1ea3c2031 soc for zeek 2022-09-20 16:22:54 -04:00
m0duspwnens
1685e0e6db few more 2022-09-20 15:25:50 -04:00
m0duspwnens
75aa121b2d fix some things 2022-09-20 13:19:15 -04:00
m0duspwnens
29285b8fb1 fix conflict in zeek/init.sls 2022-09-20 11:12:44 -04:00
m0duspwnens
d1ee3a7d04 zeek 2.4 2022-09-20 11:11:29 -04:00
m0duspwnens
79785fc053 zeek jinja 2022-09-19 15:26:32 -04:00
Mike Reeves
958d2494a8 Zeek Test 2022-09-16 10:27:42 -04:00
Mike Reeves
2a51ecb1ac Zeek Test 2022-09-16 09:10:09 -04:00
Mike Reeves
f02db7a815 Zeek Test 2022-09-16 09:05:16 -04:00
Mike Reeves
9a6fe3e8de Add BPF 2022-09-16 08:36:44 -04:00
Mike Reeves
a4dc63f3a4 Change how zeek and suri are populated in the minion file 2022-09-14 09:53:57 -04:00
Mike Reeves
9ca2e6e871 Add more logging to setup process 2022-09-12 14:20:59 -04:00
Mike Reeves
2254512a2a Add more logging to setup process 2022-09-12 12:48:02 -04:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
Doug Burks
15ef0968d9 FIX: Improve Zeek file extraction #7829 2022-04-20 14:01:46 -04:00
Mike Reeves
0d1da5d1dc Update networks.cfg.jinja 2022-02-18 20:02:50 -05:00
Mike Reeves
6f4ee4123a Update networks.cfg.jinja 2022-02-18 11:26:58 -05:00
Mike Reeves
95eab61615 Rename to the .jinja standard 2022-02-18 11:06:33 -05:00
Mike Reeves
3e194c9b4b Walk the homenet for zeek 2022-02-17 11:33:22 -05:00
Mike Reeves
89eb2d0a8b Add networks.cfg to Zeek 2022-02-16 14:24:58 -05:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
William Wernert
a5cba5ecf8 Merge branch 'dev' into foxtrot 2021-10-29 10:01:46 -04:00
m0duspwnens
7eb42fa6bd change boolean 2021-10-28 08:43:03 -04:00
m0duspwnens
18ce9c7819 disable zeekpacketlosscron and telegraf checks if zeek is disabled via pillar 2021-10-28 07:46:02 -04:00
William Wernert
eee612e73d Make folder/file states explicit
Rather than using /nsm/zeek (max_depth: 1) create explicit states for /nsm/zeek/spool and /nsm/zeek/spool/state.db that set correct ownership
2021-10-27 11:43:09 -04:00
m0duspwnens
d7e5377a44 more requires 2021-10-22 16:46:45 -04:00
Josh Brower
4d307c53e8 Add support for disabling Zeek and Suricata 2021-09-17 13:01:50 -04:00
m0duspwnens
8ffeae38bc https://github.com/Security-Onion-Solutions/securityonion/issues/4024 2021-07-27 16:16:48 -04:00
Mike Reeves
a2e1b1de3a Merge pull request #4484 from Security-Onion-Solutions/pipeline
Pipeline
2021-06-10 13:41:14 -04:00
Mike Reeves
eac5c604bd Update packetloss.sh 2021-05-28 12:57:35 -04:00
Mike Reeves
34d4eedf67 Remove old modules 2021-05-26 10:11:47 -04:00
Mike Reeves
cd3e355f84 Fix zeek depth 2021-05-25 16:54:20 -04:00
Mike Reeves
90b3462ead No recurse for you 2021-05-06 13:29:15 -04:00
m0duspwnens
fcd3f81400 fix quotes 2021-02-25 11:16:53 -05:00
m0duspwnens
c8213fa3d4 change docker exec 2021-02-25 11:07:54 -05:00
m0duspwnens
add66e750e forgot to add -c 2021-02-25 10:49:09 -05:00
m0duspwnens
d52abcbcbd ensure zeekctl is run as user zeek https://github.com/Security-Onion-Solutions/securityonion/issues/3130 2021-02-25 09:58:07 -05:00
Jason Ertel
34dab9009c Ensure Zeek spool dir is owned by Zeek to allow Zeek to start correctly 2021-02-25 08:10:13 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
m0duspwnens
96b72d46be show steno,zeek,suricata as disabled in so-status on import node 2020-12-16 12:01:48 -05:00
m0duspwnens
09b3a4a0dd merge pillar with the defaults https://github.com/Security-Onion-Solutions/securityonion/issues/2319 2020-12-11 14:35:06 -05:00
m0duspwnens
b8e8510dd2 merge pillar with the defaults https://github.com/Security-Onion-Solutions/securityonion/issues/2319 2020-12-11 14:26:32 -05:00
m0duspwnens
1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00