Commit Graph

783 Commits

Author SHA1 Message Date
Jason Ertel
5b74a55c3c ensure roles file exists since no longer syncing clients to es 2024-11-11 17:21:42 -05:00
Jason Ertel
57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
defensivedepth
dcbb0e48d4 make sure it's owned by socore 2024-11-08 14:34:29 -05:00
defensivedepth
8b70aa9f0e Fix socore permissions 2024-11-08 09:19:41 -05:00
defensivedepth
f5bd8ab585 Rewrite docs 2024-11-07 15:33:47 -05:00
defensivedepth
28d468dd41 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/templaterepos 2024-11-07 07:25:01 -05:00
Corey Ogburn
52a144c052 Added Help Link to Annotation for IgnoredSidRanges 2024-11-05 12:11:17 -07:00
Corey Ogburn
25d55feeef More Detailed Description 2024-11-05 11:41:14 -07:00
Corey Ogburn
5e48ccafce Update Default Value 2024-11-05 11:11:34 -07:00
Corey Ogburn
69dd35c30a Add Option for Ignoring Ranges of SIDs in Suricata Integrity Check 2024-11-04 14:31:53 -07:00
Jason Ertel
c9f6b5206a connect 2024-11-01 16:18:40 -04:00
Jason Ertel
825dbb36dd connect 2024-11-01 15:37:59 -04:00
Jason Ertel
cd2e5bf2d0 rename role 2024-10-31 17:20:44 -04:00
Jason Ertel
a146153ee9 switch to json 2024-10-30 12:44:01 -04:00
defensivedepth
5406a263d5 Add local custom template 2024-10-29 19:42:06 -04:00
Jason Ertel
3f3ac21f50 connect 2024-10-29 12:28:24 -04:00
Jason Ertel
11820a16f0 connect 2024-10-29 12:04:38 -04:00
Jason Ertel
1243c7588b connect 2024-10-28 19:42:01 -04:00
Jason Ertel
624c4855c8 connect 2024-10-28 19:25:20 -04:00
Jason Ertel
12a76a9d35 connect 2024-10-28 19:11:26 -04:00
Josh Brower
6a3e5415cf Merge pull request #13832 from Security-Onion-Solutions/2.4/sigmapipelines
Add process and file creation mappings
2024-10-28 18:30:21 -04:00
defensivedepth
f3ca5b1c42 Remove OS-specific mappings 2024-10-28 09:19:51 -04:00
Corey Ogburn
6ce52bf9ab Specify Defaults for detectionEngineStatusQueries
Specify the defaults as an example to the user.
2024-10-24 13:11:49 -06:00
Corey Ogburn
f67fcecc6e Clean up StatusQueries String 2024-10-24 11:18:48 -06:00
Corey Ogburn
b7c392a244 Corrected a misspelling 2024-10-24 11:18:48 -06:00
Corey Ogburn
ad0b0a5e95 Refactor to String
To accommodate the config screen, the annotation now specifies it as a multiline string with a yaml syntax. The user can edit the yaml to add or remove queries. The UI will parse the YAML before use.

Also updated the IntegrityFailure queries to specify table columns more relevant to a sync failure than the default ones.
2024-10-24 11:18:47 -06:00
Corey Ogburn
c77b0afd8e Move to Client/Detections
Added a basic annotation.
2024-10-24 11:18:47 -06:00
Corey Ogburn
04ebe4efea Array to Dictionary 2024-10-24 11:18:46 -06:00
Corey Ogburn
cbb4d6846f Detection Engine Status Queries
A few for testing
2024-10-24 11:18:45 -06:00
Jason Ertel
cacd5b0643 connect 2024-10-24 09:36:09 -04:00
Jason Ertel
7c405ff9d7 connect 2024-10-24 08:47:52 -04:00
Jason Ertel
5e6dd2e8b3 connect 2024-10-23 16:49:02 -04:00
Jason Ertel
f713dbacf8 connect 2024-10-16 17:53:57 -04:00
defensivedepth
dcdfaf66f4 Add process and file creation mappings 2024-10-16 15:20:52 -04:00
Jason Ertel
647f057714 Merge branch '2.4/dev' into jertel/wip 2024-10-16 13:44:20 -04:00
Jason Ertel
523ff66389 connect work 2024-10-16 13:44:01 -04:00
Corey Ogburn
d2bd9c0e26 Changes to allow reviews to start showing 2024-10-10 09:48:59 -06:00
defensivedepth
778d5be407 Change summaries branch 2024-09-25 15:35:08 -04:00
Jason Ertel
cce9e162d4 remove colon to avoid yaml parsing problems 2024-09-16 15:30:14 -04:00
Jason Ertel
217bb388a0 Clarify enabled settings 2024-09-16 10:05:17 -04:00
Jason Ertel
8b8737221d mark specific settings as allowed to include Jinja 2024-09-11 09:28:17 -04:00
Jason Ertel
f19a35ff06 move custom alerters to subgroup; avoid false positives on log check 2024-08-28 09:32:25 -04:00
Jason Ertel
6043da4424 annotation updates 2024-08-27 13:04:43 -04:00
Jason Ertel
48f1e24bf5 notification updates 2024-08-22 09:04:43 -04:00
Jason Ertel
cf47508185 notification updates 2024-08-22 09:02:32 -04:00
Jason Ertel
caa8d9ecb0 fix repo path 2024-08-09 06:58:40 -04:00
Corey Ogburn
c71b9f6e8f Fix CopyPasta
Strelka annotations referenced ElastAlert. Fixed.
2024-08-08 13:31:08 -06:00
Corey Ogburn
8c1feccbe0 Tweak value 2024-08-08 12:53:51 -06:00
Corey Ogburn
5ee15c8b41 Tweak value 2024-08-08 12:00:07 -06:00
Corey Ogburn
5328f55322 Remove new config value 2024-08-08 11:43:15 -06:00