CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,051 Commits 24 Branches 119 Tags
4edd7295965d76f668cf520087ef3c6ed20cc4e1
Commit Graph

243 Commits

Author SHA1 Message Date
weslambert
fbc86f43ec Add exclude filter for logs for when there are no results from analysis 2022-03-24 13:03:03 -04:00
Wes Lambert
8a56c88773 Adjust log file paths 2022-03-22 17:51:17 +00:00
Wes Lambert
57f01c70ec Remove extra forward slash in log path 2022-03-22 17:45:23 +00:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
m0duspwnens
d76facb1bb add extra hosts for idh node 2022-02-25 12:21:43 -05:00
Josh Brower
df9fc807a3 IDH - restart scripts, filebeat fix 2022-02-22 08:05:53 -05:00
Josh Brower
3610b0cd30 merge in dev 2022-02-21 16:52:53 -05:00
Josh Brower
118277ebc5 Ingest Kratos logs 2022-02-18 11:49:02 -05:00
Josh Brower
1e5b9ef0bf IDH - Enable Filebeat 2022-02-10 11:37:10 -05:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
m0duspwnens
bd7ef1cc59 fix whitespace control 2021-12-16 09:19:20 -05:00
m0duspwnens
f9b04ab96a add node's own ip to FILEBEAT_EXTRA_HOSTS 2021-12-15 16:53:22 -05:00
m0duspwnens
522bc1d2b8 fix loadbalance logic and whitespace for filebeat.yml 2021-12-15 16:21:08 -05:00
m0duspwnens
024860d0ae rename EXTRA_NODES to LOGSTASH_NODES AND REDIS_NODES 2021-12-14 23:43:06 -05:00
m0duspwnens
c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens
6518691c55 sort the items 2021-12-13 18:16:25 -05:00
m0duspwnens
067e79894f fix loop for node_data 2021-12-13 16:26:38 -05:00
m0duspwnens
6de2f5bd03 fix node_data 2021-12-13 15:55:09 -05:00
m0duspwnens
8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens
86f67198bf loadbalance filebeat if across managers and receivers 2021-12-10 17:43:06 -05:00
m0duspwnens
6bf4d5a576 https://github.com/Security-Onion-Solutions/securityonion/issues/6206 2021-11-12 11:37:55 -05:00
m0duspwnens
283f7296bc fix require 2021-10-22 14:45:22 -04:00
m0duspwnens
9f6407fcb0 fix dupe ids 2021-10-22 14:26:04 -04:00
m0duspwnens
f61400680d fix dupe ids 2021-10-22 14:22:15 -04:00
m0duspwnens
fed8bfac67 more requires on docker containers 2021-10-22 14:10:59 -04:00
weslambert
bb36fc1ed8 Add TI module defaults 2021-10-15 17:16:38 -04:00
William Wernert
dd1769fbef Only check for logscan on manager-type and import 2021-08-05 11:02:09 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval 
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
 2021-07-30 14:41:15 -04:00
William Wernert
9bf1d3e0c6 Misc fixes 2021-07-16 14:59:44 -04:00
William Wernert
818f912a90 [fix] Remove indent 2021-07-14 10:13:14 -04:00
William Wernert
2b0bca8e55 Merge branch 'dev' into feature/logscan 2021-07-12 14:58:30 -04:00
weslambert
a895270bc8 Allow setting Filebeat logging level in pillar 2021-07-12 10:27:43 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
Mike Reeves
ea50023ca5 Fix filebeat modules 2021-06-24 15:53:14 -04:00
m0duspwnens
8cd2bc7c13 adding so-eval to ES_INCLUDED_NODES 2021-06-17 09:37:21 -04:00
m0duspwnens
2a5198cae4 change perms to resolve error about module-setup.yml being 660 2021-06-17 08:49:21 -04:00
Jason Ertel
2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel
37f4caf536 Make new ECS changes Elastic-auth compatible 2021-06-14 12:13:50 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
m0duspwnens
fd5d540c78 update roles that include es state 2021-06-14 10:00:19 -04:00
m0duspwnens
d2069dc5f2 update roles that include es state 2021-06-14 09:58:50 -04:00
m0duspwnens
5941332d49 fix two bugs 2021-06-14 08:51:29 -04:00
m0duspwnens
f7600af89b dont loop if modules arent defined for the node 2021-06-11 13:52:33 -04:00
Mike Reeves
12d4d4a4f7 Dynamix Pipelines take 2 2021-06-10 09:19:15 -04:00
Mike Reeves
264080546c Add log path 2021-06-09 11:37:27 -04:00
Mike Reeves
56eb220ed6 Revert to SO taxonomy for zeek and suricata 2021-06-08 09:52:05 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00