Commit Graph

8516 Commits

Author SHA1 Message Date
m0duspwnens
8d2f614af6 Merge remote-tracking branch 'remotes/origin/dev' into issue/4674 2021-08-10 10:16:30 -04:00
m0duspwnens
1415de858c delete old dashboard folders via api - https://github.com/Security-Onion-Solutions/securityonion/issues/4674 2021-08-10 10:16:14 -04:00
Josh Patterson
59e9fddf18 Merge pull request #5109 from Security-Onion-Solutions/issue/4674
remove old dashboard dirs
2021-08-09 13:37:45 -04:00
m0duspwnens
ad3b6cf629 remove old dashboard dirs - https://github.com/Security-Onion-Solutions/securityonion/issues/4674 2021-08-09 13:34:02 -04:00
William Wernert
b12e2eded5 Merge pull request #5086 from Security-Onion-Solutions/foxtrot
Add conditional check for logscan log + add log folder to logrotate config
2021-08-06 11:32:23 -04:00
William Wernert
26030d83eb Merge branch 'dev' into foxtrot 2021-08-06 09:44:10 -04:00
William Wernert
3b01f6431e Add logscan to logrotate config 2021-08-06 09:43:58 -04:00
Jason Ertel
a646867593 Merge branch 'dev' into kilo 2021-08-06 09:14:45 -04:00
Josh Patterson
768e61e11a Merge pull request #5080 from Security-Onion-Solutions/issue/2806
Issue/2806
2021-08-05 12:02:42 -04:00
m0duspwnens
e72ad9eb5a allow curator 2021-08-05 11:54:49 -04:00
m0duspwnens
ac4faf673d add so-manager to curator.yml 2021-08-05 11:11:59 -04:00
William Wernert
dd1769fbef Only check for logscan on manager-type and import 2021-08-05 11:02:09 -04:00
m0duspwnens
853a986082 add reqs to docker add manager to so-curator-closed-delete-delte 2021-08-05 10:36:18 -04:00
m0duspwnens
727a3742f5 run only on manager if truecluster enabled 2021-08-05 09:50:51 -04:00
Doug Burks
478a0b6a3f Merge pull request #5075 from Security-Onion-Solutions/fix/typo
fix typo
2021-08-05 07:43:46 -04:00
Doug Burks
771688a70f fix typo 2021-08-05 07:34:07 -04:00
Josh Patterson
40fa549353 Merge pull request #5066 from Security-Onion-Solutions/issue/2806
don't run curator on searchnode if truecluster is enabled
2021-08-04 15:01:11 -04:00
Jason Ertel
84fdc1e690 Merge pull request #5057 from Security-Onion-Solutions/bravo
Several Suricata things
2021-08-04 12:26:11 -04:00
Mike Reeves
71bbb41b5f Merge branch 'dev' into bravo 2021-08-04 10:57:10 -04:00
m0duspwnens
52cb72ba67 don't run curator on searchnode if truecluster is enabled - https://github.com/Security-Onion-Solutions/securityonion/issues/2806 2021-08-04 09:40:34 -04:00
William Wernert
54a3b754e0 Merge pull request #5050 from Security-Onion-Solutions/foxtrot
Add logscan state, related pipeline config, and initial so-learn script
2021-08-03 16:30:07 -04:00
William Wernert
2bc88e7750 Remove learn from allowed states for helixsensor 2021-08-03 15:29:37 -04:00
William Wernert
ef59cb47dd Use print_err function 2021-08-03 15:26:57 -04:00
William Wernert
9e5d3aa286 Fix removed root check in so-rule 2021-08-03 15:25:53 -04:00
William Wernert
25bf25eae6 Allowed states remove typo'd logscan 2021-08-03 15:24:32 -04:00
William Wernert
24f5fa66f3 Merge branch 'dev' into foxtrot 2021-08-03 13:02:29 -04:00
Mike Reeves
1aeb2d7d4f Merge pull request #5040 from Security-Onion-Solutions/kilo
Condense cloud automations
2021-08-03 10:59:28 -04:00
Jason Ertel
ee176f5bfd Condense cloud automations 2021-08-03 07:40:50 -04:00
Jason Ertel
eb093b8e6c Condense cloud automations 2021-08-02 21:52:42 -04:00
Jason Ertel
f88fa6e3b2 Condense cloud automations 2021-08-02 21:51:26 -04:00
Jason Ertel
724f7d4f3d Merge pull request #5036 from Security-Onion-Solutions/kilo
Condense cloud automations
2021-08-02 18:04:05 -04:00
Jason Ertel
19816d8814 Condense cloud automations 2021-08-02 17:55:27 -04:00
William Wernert
d3b170c6df Add logscan automation file + fix enable command in setup 2021-08-02 12:37:37 -04:00
William Wernert
757091beeb Add log_level to logscan.conf 2021-08-02 10:35:39 -04:00
William Wernert
8a49039b85 Only append source.ip to logscan.source.ips if it's been created 2021-08-02 09:50:49 -04:00
William Wernert
4f39cd1d7f Add logscan dynamic object to so-common template mappings 2021-07-30 16:02:02 -04:00
William Wernert
2a6277c0c3 Fix field names in logscan pipeline 2021-07-30 15:46:39 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
2021-07-30 14:41:15 -04:00
William Wernert
b9980c9d30 Fix pipeline name 2021-07-30 13:09:09 -04:00
William Wernert
01bb94514c Correct mod_so_status to only act on single string 2021-07-30 11:05:48 -04:00
William Wernert
d71967ea1d Fix incorrect writing of so-status.conf 2021-07-30 10:28:39 -04:00
William Wernert
0b06d0bfdb Merge branch 'dev' into foxtrot 2021-07-29 15:15:25 -04:00
William Wernert
b2a83018ba Remove or run logscan based on enabled bool 2021-07-29 15:14:54 -04:00
William Wernert
ba265d94f4 Change default value in learn init to a dict where appropriate 2021-07-29 15:14:28 -04:00
Mike Reeves
af7b314cfe Merge pull request #4993 from Security-Onion-Solutions/kilo
Merge 2.3.61 MSEARCH Hotfix into dev
2021-07-29 15:02:51 -04:00
Jason Ertel
4c6447a3da merge 2.3.61 MSEARCH hotfix into dev 2021-07-29 15:00:58 -04:00
William Wernert
b30f771fa2 Set write_needed flag correctly, include newline in so-status.conf string 2021-07-29 14:59:26 -04:00
Mike Reeves
837c0402a0 Merge pull request #4989 from Security-Onion-Solutions/hotfix/2.3.61
Hotfix/2.3.61
2.3.61MSEARCH
2021-07-29 14:58:25 -04:00
William Wernert
e38219aa2e Fix learn init.sls typo 2021-07-29 14:35:02 -04:00
William Wernert
9e92f6da3d Add container to so-status when enabling/disabling ml module 2021-07-29 14:25:20 -04:00