CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-26 10:53:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,199 Commits 19 Branches 120 Tags
515cb3aea89cab2e1f9bda99d30d74f19ec6f9c9
Commit Graph

10255 Commits

Author SHA1 Message Date
Jorge Reyes
515cb3aea8 Merge pull request #14345 from Security-Onion-Solutions/reyesj2-patch-2 
osquery templates
 2025-03-05 14:28:08 -06:00
reyesj2
d2884ef00b typo 2025-03-05 14:02:45 -06:00
reyesj2
0f16b00563 osquery templates 2025-03-05 13:57:47 -06:00
Corey Ogburn
21a64b6c1d Add Client Parameter 
Add groupItemsPerPage so detections groupby tables have proper default value for page size.
 2025-03-05 09:43:21 -07:00
Doug Burks
c6c67f4d06 FEATURE: Add sankey chart to Elastic Agent API dashboard to show relationship between process.name and process.Ext.api.name #14339 2025-03-05 06:31:16 -05:00
Jorge Reyes
f35930317b Merge pull request #14336 from Security-Onion-Solutions/reyesj2-patch-2 
ES 8.17.3
 2025-03-04 15:36:59 -06:00
reyesj2
11dc004811 ES 8.17.3 2025-03-04 14:24:38 -06:00
Jorge Reyes
966503d875 Merge pull request #14331 from Security-Onion-Solutions/reyesj2-patch-2 
osquery v1.15.0 index templates updates
 2025-03-04 13:17:28 -06:00
reyesj2
124bf266b5 osquery v1.15.0 index templates updates 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-03-04 12:27:04 -06:00
Jason Ertel
85450693a2 Merge branch '2.4/dev' into jertel/wip 2025-03-04 10:55:29 -05:00
Jason Ertel
0047246cf2 reduce stdout verbosity 2025-03-04 10:55:12 -05:00
reyesj2
e1c8bee71a install bc package 2025-03-04 08:58:41 -06:00
Doug Burks
44535cba8c FIX: Elastic Agent Security Events dashboard should reference user.effective.name #14325 2025-03-04 06:46:56 -05:00
Jorge Reyes
3f4a5a1b28 Merge pull request #14320 from Security-Onion-Solutions/reyesj2/zeekparslin 
zeek traceroute & ntp
 2025-03-03 10:56:15 -06:00
reyesj2
4bd83f8983 zeek traceroute & ntp 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-03-03 10:48:06 -06:00
Doug Burks
e53f4fd1f1 Update defaults.yaml to quote the process.entity_id value 2025-03-02 05:54:30 -05:00
reyesj2
9bc64bf453 managed int multiline input 2025-02-27 16:48:07 -06:00
Jason Ertel
bc969c1ca2 Merge pull request #14302 from Security-Onion-Solutions/jertel/wip 
more false positives
 2025-02-27 08:00:49 -05:00
Jason Ertel
772aa7379f more false positives 2025-02-27 07:55:22 -05:00
reyesj2
80fed1e045 default capinfos to use start/end time arg 2025-02-25 21:47:56 -06:00
Jason Ertel
a94d657251 Merge pull request #14296 from Security-Onion-Solutions/jertel/wip 
annotation/config updates
 2025-02-25 17:04:13 -05:00
Jason Ertel
9dafa062f8 annotation/config updates 2025-02-25 17:00:41 -05:00
reyesj2
17edc06987 allow installing integrations that require an elastic license 2025-02-24 14:45:43 -06:00
reyesj2
e2772e899e component template missing metadata field 2025-02-24 10:24:11 -06:00
reyesj2
d7c06e5ff4 run elasticsearch state, right before completing soup to ensure templates for optional integrations are loaded 2025-02-24 09:02:56 -06:00
reyesj2
3f2b0973af manually create unused logs-soc@package for successful elasticsearch templates load 2025-02-24 08:59:59 -06:00
Josh Brower
6d0350793d Remove old defend json 2025-02-23 14:02:17 -05:00
Jason Ertel
7155ccaf96 ensure override for nmcli exists in /etc 2025-02-21 17:10:39 -05:00
reyesj2
c1282e77a0 move removal of eaintegrations.txt to up_to_2.4.130 2025-02-21 14:02:22 -06:00
Josh Brower
22f3865602 Dont upgrade integrations during pre-phase 2025-02-21 09:32:36 -05:00
Jason Ertel
f51d255c98 Merge pull request #14274 from Security-Onion-Solutions/jertel/wip 
Ignore more acceptable test error logs
 2025-02-21 08:40:56 -05:00
Jason Ertel
66a2ec7e21 ES upgrade errors to ignore 2025-02-21 08:38:40 -05:00
Jorge Reyes
fc12b1f09b Merge pull request #14272 from Security-Onion-Solutions/reyesj2-patch-1 
ES 8.17.2 pipeline version updates
 2025-02-20 17:32:20 -06:00
reyesj2
69b559fb26 ES 8.17.2 pipeline version updates 2025-02-20 17:11:28 -06:00
Jorge Reyes
637ed59567 Merge pull request #14271 from Security-Onion-Solutions/reyesj2-patch-1 
add back settings previously defined when overwritting logs-elastic_a…
 2025-02-20 15:26:12 -06:00
reyesj2
df350b5a56 ES 8.17.2 2025-02-20 14:20:09 -06:00
reyesj2
3b6344e7f0 add back settings previously defined when overwritting logs-elastic_agent@package and logs-endpoint.diagnostics.collection@package 2025-02-20 12:42:30 -06:00
Jorge Reyes
145648431f Merge pull request #14267 from Security-Onion-Solutions/reyesj2-patch-1 
set metrics indices to 0 replicas
 2025-02-20 10:13:29 -06:00
reyesj2
c9b41e2eb1 formatting 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-02-20 10:11:34 -06:00
reyesj2
499d473b9d set metrics indices to 0 replicas 2025-02-20 10:06:59 -06:00
Josh Brower
41147ae7f3 Merge pull request #14265 from Security-Onion-Solutions/2.4/elasticfix 
Update Elastic Defend JSON
 2025-02-19 16:22:28 -05:00
Josh Brower
c6d72d31cb Update Elastic Defend JSON 2025-02-19 16:16:38 -05:00
reyesj2
64f6a2d81e re-enable security (siem) in default kibana space 2025-02-19 10:38:37 -06:00
reyesj2
45c66b93d7 make sure only a non-empty file is loaded 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-02-19 09:23:48 -06:00
Jorge Reyes
a3dba9b566 Merge pull request #14255 from Security-Onion-Solutions/foxtrot 
ES 8.17.1
 2025-02-18 14:58:46 -06:00
Jason Ertel
23ab8983f7 Revert "Support CLI changing of a user's password without disabling existing auth settings for that user" 
This reverts commit b25b6f7bf2.
 2025-02-18 12:41:41 -05:00
Jason Ertel
b25b6f7bf2 Support CLI changing of a user's password without disabling existing auth settings for that user 2025-02-18 12:37:25 -05:00
Jason Ertel
19593cd771 use consistent ciphers across listeners 2025-02-18 12:17:50 -05:00
reyesj2
1be8de7acb must use null check 2025-02-18 11:16:57 -06:00
Jason Ertel
7dd64380cc Enable TLSv1.3 and use consistent ciphers across listeners 2025-02-18 11:48:00 -05:00