Commit Graph

155 Commits

Author SHA1 Message Date
Jason Ertel
31c04aabdd Disable MRU queries on dashboards 2022-05-09 15:06:43 -04:00
Jason Ertel
3f35dc54d2 Disable actions on dashboards group-by tables 2022-05-09 11:44:39 -04:00
Jason Ertel
0786191fc9 Add dashboard ref to soc.json 2022-05-06 15:16:27 -04:00
Jason Ertel
deb9b0e5ef Add analyze feature 2022-03-28 15:53:24 -04:00
Mike Reeves
9c80ff4f65 Remove hive from more files 2022-03-15 09:37:58 -04:00
Jason Ertel
14c587fca2 Add new abbreviated result limit param 2022-01-27 15:51:02 -05:00
Jason Ertel
a4d2807fbb Switch to httpcase for consistency 2022-01-24 09:45:07 -05:00
Jason Ertel
dc44a91398 Prefix all SO fields to avoid potential conflicts with future ECS changes 2022-01-19 14:26:22 -05:00
Mike Reeves
1d94e3ac69 Fix some formatting 2022-01-12 09:38:22 -05:00
Jason Ertel
66c9e20c6a Add wildcards for CCS compatibility 2022-01-07 15:57:08 -05:00
Jason Ertel
9ef83da23f Add case exclusion toggle to Hunt to avoid hunt results getting case data hits unintentionally 2022-01-07 12:58:35 -05:00
Jason Ertel
4bfdfffe21 Switch soc.json to use lowercase labels in default queries; Also enable the 'Add Case' feature 2022-01-05 09:54:13 -05:00
Jason Ertel
e5110ac4e8 Use CCS compatible index 2021-12-29 09:08:10 -05:00
Jason Ertel
5a4473ecd6 fix indent 2021-12-28 08:33:31 -05:00
Jason Ertel
f335670b3f Add new client-side param for cases 2021-12-27 21:53:30 -05:00
Jason Ertel
194e4119f0 Correct missing json vars 2021-12-27 20:36:28 -05:00
Jason Ertel
09626deb05 Correct var names for jinja 2021-12-27 18:01:15 -05:00
Jason Ertel
ab3319b472 Add artifact support 2021-12-27 10:49:10 -05:00
Jason Ertel
2761662eb9 Add status presets 2021-12-09 13:09:56 -05:00
Jason Ertel
a9b7b9ee92 Jinjafy case params 2021-12-08 17:41:48 -05:00
Jason Ertel
b73eb76c94 Make case module dynamic 2021-12-07 11:51:02 -05:00
Wes Lambert
032373187c Allow setting ES index patterns for SOC in pillar 2021-10-15 16:02:53 +00:00
Jason Ertel
fbd9bab2f1 Split apart roles and users into separate maps 2021-09-16 16:08:55 -04:00
Josh Brower
e0a289182f Fix Fleet Link Logic 2021-09-15 09:28:23 -04:00
Josh Brower
74b0b365bd Fleet SA - SOC Link Fix 2021-09-14 13:23:07 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
doug
7e86681509 FIX: Airgap link to Release Notes #4685 2021-07-16 16:50:49 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Jason Ertel
c757d21360 Increase default SOC API and ES timeouts from 2m to 5m 2021-06-02 09:38:59 -04:00
doug
aeea5701e4 completely disable both alerts.actions.json and hunt.actions.json 2021-05-26 16:34:05 -04:00
doug
ee675546ac add menu.actions.json and update soc.json 2021-05-26 14:09:00 -04:00
m0duspwnens
ef32bff302 fix up soc.json 2021-05-17 18:29:27 -04:00
m0duspwnens
e50002e0ca influx and grafana default for manager nodes - https://github.com/Security-Onion-Solutions/securityonion/issues/4207 2021-05-17 16:26:12 -04:00
Jason Ertel
8facbcf18c Do not set influxdb hostUrl if import node since import nodes don't run influxdb 2021-04-09 20:40:44 -04:00
Jason Ertel
5cb73ced36 Add Influx module to SOC config 2021-04-09 14:58:15 -04:00
Jason Ertel
cc30abfe1b Refresh fieldcaps every 5 minutes 2021-03-18 13:48:57 -04:00
Jason Ertel
4e9f629231 Reformat inactiveTools list in JSON format 2021-03-17 18:25:05 -04:00
Jason Ertel
4de809ecbd Automatically hide SOC tools that are not installed. Resolves #1643. 2021-03-17 16:13:50 -04:00
Jason Ertel
8cddfeb47d Provide pillar for each client param 2021-03-12 07:42:10 -05:00
Jason Ertel
462f76e2bb Remove client params block in favor of individual settings that will go into the pillar 2021-03-12 06:38:53 -05:00
Jason Ertel
80987dfd1d Support overrides of client params 2021-03-11 18:01:04 -05:00
Jason Ertel
b1777ff10f Merge pull request #3357 from Security-Onion-Solutions/nomorefeatures
SSL with Elastic Security
2021-03-08 21:22:30 -05:00
Jason Ertel
84c152e233 fix: Sensors can temporarily show offline while processing large PCAP jobs. Resolves #3279. 2021-03-08 12:05:44 -05:00
Mike Reeves
bfd05a8cfc Change to https for elastic connections 2021-03-02 11:32:29 -05:00
Jason Ertel
5d955bcdb7 Enable new SoStatus module in SOC for managing grid status 2020-12-08 09:22:18 -05:00
Mike Reeves
97207bd006 Merge pull request #1702 from Security-Onion-Solutions/dockernet
Custom Docker IP Range
2020-10-28 10:48:56 -04:00
Mike Reeves
697bc53aec Dockernet Modifications 2020-10-27 15:08:34 -04:00
Jason Ertel
474c4e54b4 Ensure labels and icons are associated with all quick actions 2020-10-27 12:04:57 -04:00