Commit Graph

9138 Commits

Author SHA1 Message Date
m0duspwnens 79e98e508f pass in UPDATE_DIR as a pillar 2024-02-14 13:28:12 -05:00
Josh Patterson cf6266a92b Merge pull request #12354 from Security-Onion-Solutions/2450soup
modify soup to update soup scripts using salt
2024-02-13 16:23:57 -05:00
m0duspwnens 2e9fa2438b add back comment 2024-02-13 16:19:50 -05:00
Corey Ogburn a5db9f87dd Merge branch 'kilo' into cogburn/detection_playbooks 2024-02-13 14:08:44 -07:00
Corey Ogburn f321e734eb Added so-detection mapping in elasticsearch 2024-02-13 14:05:27 -07:00
Corey Ogburn 8800b7e878 WIP: Detections Changes
Removed some strelka/yara rules from salt.

Removed yara scripts for downloading and updating rules. This will be managed by SOC.

Added a new compile_yara.py script.

Added the strelka repos folder.
2024-02-13 14:05:27 -07:00
Corey Ogburn 031ee078c5 socsigmarepo
Need write permissions on the /opt/so/rules dir so I can clone the sigma repo there.
2024-02-13 14:05:27 -07:00
m0duspwnens 00f2374582 fix path for so-firewall 2024-02-13 15:43:02 -05:00
m0duspwnens 468eedfaeb add soup script update retry 2024-02-13 15:30:24 -05:00
m0duspwnens 88786e8342 use file.copy to preserve perms 2024-02-13 15:05:09 -05:00
Corey Ogburn c933627a71 Merge branch 'kilo' of github.com:security-onion-solutions/securityonion into kilo 2024-02-13 12:53:29 -07:00
Corey Ogburn 0d297274c8 DetectionComment Mapping Defined 2024-02-13 12:53:18 -07:00
m0duspwnens 141fd49f02 use rsync 2024-02-13 14:27:22 -05:00
m0duspwnens 7112337c85 fix copy 2024-02-13 13:52:14 -05:00
Josh Brower 0c6c6ba2d5 Various UI tweaks 2024-02-13 13:38:43 -05:00
m0duspwnens d6ac7a3286 fix the jinja 2024-02-13 13:31:34 -05:00
m0duspwnens 9175a73456 don't need $ for vars 2024-02-13 13:08:09 -05:00
m0duspwnens 1bde002f20 update case 2024-02-13 12:51:53 -05:00
Doug Burks 0741ae370a Update defaults.yaml 2024-02-13 12:51:26 -05:00
m0duspwnens d7f853b5b2 comment out script copy in soup 2024-02-13 12:50:22 -05:00
m0duspwnens 5c9b1ab38b copy with cp 2024-02-13 12:48:31 -05:00
m0duspwnens b713771494 add back common soup_scripts state 2024-02-13 12:30:36 -05:00
Doug Burks 8060751a66 Add table columns to process dashboard in defaults.yaml 2024-02-13 12:24:33 -05:00
m0duspwnens c1258f9a92 Merge remote-tracking branch 'origin/2.4/dev' into 2450soup 2024-02-13 11:09:24 -05:00
m0duspwnens 92634724c4 move rm 2024-02-13 11:09:08 -05:00
m0duspwnens 3efaba1104 modify soup to update soup scripts without using salt 2024-02-13 11:04:26 -05:00
Josh Brower ea80469c2d Detection Default queries 2024-02-12 19:39:55 -05:00
Doug Burks 0ad39a7e32 FEATURE: Add new SOC action to show process ancestry #12345 2024-02-12 19:18:29 -05:00
Doug Burks 20d2f3b97e Update Sublime action in defaults.yaml to use i18n 2024-02-12 19:13:32 -05:00
Josh Brower ccb14485a3 Fix conflicting id 2024-02-12 19:06:19 -05:00
Josh Brower 5102269440 Update defaults 2024-02-12 16:44:54 -05:00
Mike Reeves 5a4e11b2f8 Update soup
Remove a function that isn't used any more
2024-02-12 16:09:47 -05:00
Mike Reeves e713b4c660 Merge pull request #12346 from Security-Onion-Solutions/reyesj2-patch-1
Remove unused file
2024-02-12 16:07:31 -05:00
Mike Reeves f91cb5b81f Merge pull request #12290 from petiepooo/fix-remove-intca-symlink
fix: also remove intca symlink
2024-02-12 12:33:13 -05:00
Jorge Reyes 4b697b2406 Remove unused file 2024-02-12 09:28:48 -05:00
Josh Brower c04f5a3f0f Merge pull request #12268 from Security-Onion-Solutions/feature/fleet-artifacts
Feature/fleet artifacts
2024-02-12 08:58:14 -05:00
Josh Brower cc0f25a4f7 Wait for ES to be ready 2024-02-11 13:30:20 -05:00
Josh Brower eafb5cf15e Change to file_root 2024-02-11 13:18:20 -05:00
Jorge Reyes 2b2aa30ac1 Merge pull request #12332 from Security-Onion-Solutions/reyesj2/sod-putty
Add putty to SOD
2024-02-10 20:41:03 -05:00
Josh Brower 66ac36a944 Update soup 2024-02-10 11:07:26 -05:00
Josh Brower feabb7c51f Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts 2024-02-10 10:57:46 -05:00
Corey Ogburn 64f6d0fba9 Updated Detection's ES Mappings
Detections now have a License field and the Comment model is defined now.
2024-02-09 14:20:07 -07:00
Josh Patterson 94b6e781bb Merge pull request #12337 from Security-Onion-Solutions/salt3006.6v2
Salt3006.6v2
2024-02-09 15:45:39 -05:00
m0duspwnens 304ae49251 fix source 2024-02-09 12:41:23 -05:00
m0duspwnens 213ac822a8 create dir and chown 2024-02-09 10:54:07 -05:00
m0duspwnens 2143881c0b specify *.rules 2024-02-09 10:22:25 -05:00
m0duspwnens 5903ae596c move suricata rules to /opt/so/rules/nids/suri 2024-02-09 09:47:23 -05:00
Josh Brower 654602bf80 Fixup shell 2024-02-09 09:30:18 -05:00
reyesj2 3c9d6da1d8 add putty to sod packages.sls
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-02-08 22:05:37 -05:00
Josh Brower 683abf0179 Rework naming 2024-02-08 13:24:25 -05:00