CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,844 Commits 24 Branches 119 Tags
5264526ff1b11f9adfc33429aaed1b702ce7779c
Commit Graph

9844 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Wes Lambert
86e228b200 Add .template extension for future-proofing config files 2022-03-08 16:58:37 +00:00
Wes Lambert
a6fd1023b4 Fix criteria for successful execution 2022-03-08 16:57:26 +00:00
Wes Lambert
3f31f7fd41 Add .template extension to fix script behavior and not modify watched file 2022-03-08 16:43:43 +00:00
Jason Ertel
f64da9632f Merge pull request #7461 from Security-Onion-Solutions/kilo 
Gracefully handle situations where another process is using the Kratos DB while so-user executes
 2022-03-08 11:02:14 -05:00
Jason Ertel
0cec5879bb Gracefully handle situations when another process is using the Kratos DB 2022-03-08 10:55:26 -05:00
Jason Ertel
d8ca4976be Merge branch 'dev' into kilo 2022-03-08 10:41:40 -05:00
Jason Ertel
914d81ca07 Revert "Gracefully handle situations when another process is using the Kratos DB" 
This reverts commit f2865d8b7f.
 2022-03-08 10:40:20 -05:00
Jason Ertel
f2865d8b7f Gracefully handle situations when another process is using the Kratos DB 2022-03-08 10:38:05 -05:00
Wes Lambert
28554164cd Remove drop file when securitySolution saved objects change 2022-03-08 14:39:23 +00:00
Wes Lambert
14dddd8649 Remove drop file when config saved objects change 2022-03-08 14:37:15 +00:00
Wes Lambert
c0f49f6fb0 Remove drop file when dashbaord saved objects change 2022-03-08 14:35:04 +00:00
Wes Lambert
d10d4acf9f Modify Kibana config load script to drop file if successfully executed 2022-03-08 14:33:15 +00:00
Doug Burks
da8e885ede Merge pull request #7451 from Security-Onion-Solutions/fix/docker-apparmor 
Update init.sls to avoid telegraf apparmor issues
 2022-03-07 17:06:42 -05:00
Doug Burks
104de2a3c9 Update init.sls to avoid telegraf apparmor issues 
See #2560
 2022-03-07 16:11:22 -05:00
Mike Reeves
fb59421f5b Merge pull request #7446 from Security-Onion-Solutions/fixpipelineload 
Only load pipelines on change
 2022-03-07 15:17:32 -05:00
weslambert
e2bda255cc Merge pull request #7447 from Security-Onion-Solutions/fix/es_templates_soup 
Remove old Elasticsearch index templates during SOUP
 2022-03-07 15:10:44 -05:00
Mike Reeves
4eb37fd5a9 Update init.sls 2022-03-07 15:09:36 -05:00
Wes Lambert
fa9be58b23 Specify index templates 2022-03-07 20:04:23 +00:00
Wes Lambert
647b316a96 Remove old ES index templates 
Signed-off-by: Wes Lambert <wlambertts@gmail.com>
 2022-03-07 20:02:45 +00:00
Mike Reeves
d33db6fb23 Only load pipelines on change 2022-03-07 14:25:46 -05:00
weslambert
eac120f4c2 Merge pull request #7444 from Security-Onion-Solutions/fix/dtc_client_override 
Add DTC client mappings
 2022-03-07 13:38:19 -05:00
Wes Lambert
c549b20221 Add DTC client mappings 2022-03-07 18:36:26 +00:00
Mike Reeves
e6132be4e6 Merge pull request #7443 from Security-Onion-Solutions/fixtemplates 
Only load templates on change
 2022-03-07 10:42:51 -05:00
Mike Reeves
c67604590d Only load templates on change 2022-03-07 09:52:18 -05:00
weslambert
5600b55f05 Merge pull request #7427 from Security-Onion-Solutions/fix/syslog_kibana_viz 
Replace syslog facility and severity with label fields in Kibana syslog dashboard
 2022-03-07 08:14:35 -05:00
Doug Burks
a59779905f Merge pull request #7437 from Security-Onion-Solutions/dougburks-patch-1 
fix typo
 2022-03-07 08:05:07 -05:00
Doug Burks
848a5c6350 fix typo 2022-03-07 08:03:41 -05:00
Wes Lambert
33ba45472f Replace syslog facility and severity with label fields 2022-03-04 21:40:41 +00:00
weslambert
ee4035f022 Merge pull request #7426 from Security-Onion-Solutions/fix/syslog_zeek 
Change to label fields for syslog facility and severity
 2022-03-04 16:31:45 -05:00
weslambert
f71ccadb8a Change to label fields for Zeek syslog 2022-03-04 16:29:55 -05:00
weslambert
fc3273fa49 Change to label fields to comply with what's defined in Filebeat template 2022-03-04 16:29:01 -05:00
weslambert
3148fa0e06 Merge pull request #7422 from Security-Onion-Solutions/fix/syslog_dot_keyword 
.keyword additions and increase max_clause_count
 2022-03-04 15:32:29 -05:00
weslambert
254cf53c2f Increase clause count to 3500 2022-03-04 10:36:37 -05:00
Wes Lambert
ffae22beef Add DTC syslog mappings for .keyword and add refs to defaults.yml 2022-03-04 13:04:11 +00:00
weslambert
93c2f82345 Merge pull request #7413 from Security-Onion-Solutions/fix/add_keyword_subfield 
Add .keyword subfield for more mappings
 2022-03-03 10:42:38 -05:00
Wes Lambert
1f71816ad7 Add keyword subfield for DTC winlog mappings 2022-03-03 14:54:30 +00:00
Wes Lambert
1c086e36da Add missing comma for file mappings 2022-03-03 13:49:54 +00:00
Wes Lambert
aa8d24b6cd Add DTC destination, source, and winlog mapping references to templates in defaults file 2022-03-03 13:42:20 +00:00
Wes Lambert
85979cbce8 Add file, process, and winlog mapping changes 2022-03-03 13:37:27 +00:00
Wes Lambert
8f97f09c9c Additional .keyword changes for host.hostname client.address, and event.action 2022-03-02 21:54:46 +00:00
Wes Lambert
3ee46e4c29 Add .keyword for destination/source geo.country_name 2022-03-02 21:50:03 +00:00
weslambert
a21060306c Merge pull request #7404 from Security-Onion-Solutions/fix/field_limit_adjustment 
Adjust field limit for now due to component template errors
 2022-03-02 11:41:35 -05:00
Wes Lambert
c5b16fdf3b Adjust field limit for now 2022-03-02 16:33:39 +00:00
weslambert
b80e82aaf6 Merge pull request #7396 from Security-Onion-Solutions/fix/dot_security 
Revert back to usage of .security field
 2022-03-02 10:42:29 -05:00
Josh Brower
2ba72791aa Remove sigma regen cron 2022-03-02 10:31:15 -05:00
Mike Reeves
d570b56c55 Merge pull request #7392 from Security-Onion-Solutions/hotfix/2.3.100 
Hotfix 2.3.100 20220301
2.3.100-20220301 		2022-03-02 10:24:50 -05:00
Mike Reeves
ff4345d3aa Merge pull request #7393 from Security-Onion-Solutions/jertelhf 
Jertelhf
 2022-03-02 10:20:29 -05:00
Jason Ertel
e59f0d69d9 Merge branch 'master' into jertelhf 2022-03-02 10:18:14 -05:00
Mike Reeves
ad2b69c9de Merge pull request #7391 from Security-Onion-Solutions/hf0301 
Hotfix 2.3.100 20220301
 2022-03-02 10:08:27 -05:00
Mike Reeves
e874c32c08 Hotfix 2.3.100-20220301 2022-03-02 10:05:41 -05:00