defensivedepth
4c5099d429
Initial support for local lookup
2024-10-29 10:27:54 -04:00
Josh Brower
6a3e5415cf
Merge pull request #13832 from Security-Onion-Solutions/2.4/sigmapipelines
Add process and file creation mappings
2024-10-28 18:30:21 -04:00
coreyogburn
2c4f65009c
Merge pull request #13873 from Security-Onion-Solutions/cogburn/tuning-notes
Tuning Notes
2024-10-28 15:37:06 -06:00
defensivedepth
f3ca5b1c42
Remove OS-specific mappings
2024-10-28 09:19:51 -04:00
Corey Ogburn
640f53d085
Cleanup
Fix indentation and trailing comma.
2024-10-24 17:05:36 -06:00
Corey Ogburn
1aa9d87c5d
Corrected
Put the note on the right model this time.
2024-10-24 17:05:36 -06:00
Corey Ogburn
e11c562022
Added Note to ES Mappings
2024-10-24 17:05:35 -06:00
coreyogburn
a76a2d8e9f
Merge pull request #13800 from Security-Onion-Solutions/cogburn/detection-status-hunt
Cogburn/detection status hunt
2024-10-24 16:31:59 -06:00
Corey Ogburn
6ce52bf9ab
Specify Defaults for detectionEngineStatusQueries
Specify the defaults as an example to the user.
2024-10-24 13:11:49 -06:00
Corey Ogburn
f67fcecc6e
Clean up StatusQueries String
2024-10-24 11:18:48 -06:00
Corey Ogburn
b7c392a244
Corrected a misspelling
2024-10-24 11:18:48 -06:00
Corey Ogburn
ad0b0a5e95
Refactor to String
To accommodate the config screen, the annotation now specifies it as a multiline string with a yaml syntax. The user can edit the yaml to add or remove queries. The UI will parse the YAML before use.
Also updated the IntegrityFailure queries to specify table columns more relevant to a sync failure than the default ones.
2024-10-24 11:18:47 -06:00
Corey Ogburn
c77b0afd8e
Move to Client/Detections
Added a basic annotation.
2024-10-24 11:18:47 -06:00
Corey Ogburn
04ebe4efea
Array to Dictionary
2024-10-24 11:18:46 -06:00
Corey Ogburn
cbb4d6846f
Detection Engine Status Queries
A few for testing
2024-10-24 11:18:45 -06:00
Josh Patterson
ba699b8d06
Merge pull request #13863 from Security-Onion-Solutions/issue/13851
Issue/13851
2024-10-24 11:00:28 -04:00
m0duspwnens
a0558ace16
replace: False to remove state warning
2024-10-24 10:33:16 -04:00
m0duspwnens
ca793966a8
set retry and interval to remove state warning
2024-10-24 10:32:42 -04:00
Josh Patterson
dbc533e976
Merge pull request #13859 from Security-Onion-Solutions/stpndfls
call airgap_rules if airgap. log rsync and git commands
2024-10-23 16:44:41 -04:00
m0duspwnens
4d902da931
call airgap_rules if airgap. log rsync and git commands
2024-10-23 15:58:11 -04:00
Josh Patterson
578a18acbe
Merge pull request #13853 from Security-Onion-Solutions/agcr
install createrepo for airgap
2024-10-23 14:21:26 -04:00
m0duspwnens
17ba048b50
use manager state to install createrepo_c for airgap
2024-10-23 10:40:26 -04:00
Josh Patterson
36a2bffdc7
Merge pull request #13855 from Security-Onion-Solutions/issue/204
fix HELD for debian families
2024-10-23 09:40:25 -04:00
m0duspwnens
8cc530dd4c
fix HELD for debian families
2024-10-23 09:36:17 -04:00
m0duspwnens
1df104967e
fix pkg name
2024-10-22 16:50:23 -04:00
m0duspwnens
7a0f6d5e93
fix pkg name
2024-10-22 16:42:01 -04:00
m0duspwnens
8d2ae23ae6
install createrepo on airgap and non airgap
2024-10-22 13:56:38 -04:00
m0duspwnens
21f359456c
install createrepo for airgap
2024-10-22 11:35:08 -04:00
Jorge Reyes
2b4dfbe2ca
Merge pull request #13849 from Security-Onion-Solutions/revert-13841-reyesj2/eaintegration
Revert "Add support for cybereason integration"
2024-10-21 15:26:15 -04:00
Jorge Reyes
cf95af66c6
Revert "Add support for cybereason integration"
2024-10-21 15:23:05 -04:00
Josh Patterson
b95563bdf1
Merge pull request #13842 from Security-Onion-Solutions/issue/204
prevent state from failing if versionlock plugin not installed
2024-10-18 14:48:03 -04:00
m0duspwnens
4d093735ec
prevent state from failing if versionlock plugin not installed
2024-10-18 14:41:23 -04:00
Jorge Reyes
cd5d5b4bb0
Merge pull request #13841 from Security-Onion-Solutions/reyesj2/eaintegration
Add support for cybereason integration
2024-10-18 13:40:31 -04:00
reyesj2
8b11019712
Add support for cybereason integration
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-10-18 11:56:47 -04:00
Josh Patterson
1930740d10
Merge pull request #13836 from Security-Onion-Solutions/issue/204
Issue/204
2024-10-17 12:23:50 -04:00
m0duspwnens
39230159ae
update description
2024-10-17 12:10:49 -04:00
m0duspwnens
76ff0c56cd
create versionlock pillar dir/files during soup to 120
2024-10-17 10:06:40 -04:00
m0duspwnens
17870bcab8
Merge remote-tracking branch 'origin/2.4/dev' into issue/204
2024-10-17 09:59:36 -04:00
m0duspwnens
5fb660bc9a
remove kernel bool option, just use list
2024-10-17 09:29:03 -04:00
m0duspwnens
73ce526467
allow users to lock pkgs from upgrade
2024-10-16 17:06:03 -04:00
Jorge Reyes
0ba6df3b23
Merge pull request #13834 from Security-Onion-Solutions/reyesj2/eaintegration
FEATURE: add support for trend micro integrations
2024-10-16 17:03:49 -04:00
reyesj2
322199358d
add support for trendmicro integration
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-10-16 16:45:46 -04:00
defensivedepth
dcdfaf66f4
Add process and file creation mappings
2024-10-16 15:20:52 -04:00
coreyogburn
a3933bdc79
Merge pull request #13826 from Security-Onion-Solutions/cogburn/ai-switch-flip
Changes to allow reviews to start showing
2024-10-15 16:03:18 -06:00
Josh Patterson
ebd21f3f53
Merge pull request #13825 from Security-Onion-Solutions/issue/13808
Issue/13808
2024-10-15 17:18:56 -04:00
m0duspwnens
ce6c7c3b91
Merge remote-tracking branch 'origin/2.4/dev' into issue/13808
2024-10-15 13:14:18 -04:00
m0duspwnens
c2e46932ee
fix array def
2024-10-15 12:01:53 -04:00
m0duspwnens
c46fb7e74c
check if service is running before trying to start it
2024-10-15 11:46:09 -04:00
m0duspwnens
ac6637c6ab
set vars global
2024-10-15 09:56:50 -04:00
m0duspwnens
cc19b60146
restore services/top at start of soup
2024-10-15 09:32:14 -04:00