34 Commits

Author SHA1 Message Date
Mike Reeves 5b3ca98b80 Fix JA4+ license link in soc_zeek.yaml
Updated the license link in the JA4+ fingerprinting description.
2026-04-06 10:12:37 -04:00
Josh Patterson 3b269e8b82 Merge remote-tracking branch 'origin/3/dev' into delta 2026-03-19 15:14:06 -04:00
Mike Reeves d3938b61d2 ja4plus nest enabled under ja4plus key for defaults 2026-03-19 12:39:37 -04:00
Josh Patterson c2c5aea244 ensure bool sliders for each state:enabled annotation 2026-03-19 12:35:38 -04:00
Mike Reeves 83b7fecbbc ja4plus cleanup 2026-03-19 11:12:24 -04:00
Mike Reeves d227cf71c8 ja4plus cleanup 2026-03-19 11:01:40 -04:00
Doug Burks 930985b770 update helpLink references for new documentation 2026-03-18 09:46:45 -04:00
Mike Reeves 6809497730 Add SOC UI toggle for JA4+ fingerprinting in Zeek
JA4 (BSD licensed) remains always enabled, but JA4+ variants (JA4S,
JA4D, JA4H, JA4L, JA4SSH, JA4T, JA4TS, JA4X) require a FoxIO license
and are now toggleable via the SOC UI. The toggle includes a license
agreement warning and defaults to disabled.
2026-03-17 09:35:31 -04:00
Mike Reeves 6b8e2e2643 Add Filters 2025-10-01 19:58:07 -04:00
reyesj2 af6245f19d add zeek file_extraction forcedType for instances where a single line is specified 2025-03-17 14:30:17 -05:00
Jason Ertel 0566f46d5b Clarify enabled settings 2024-09-16 10:41:01 -04:00
Jason Ertel 217bb388a0 Clarify enabled settings 2024-09-16 10:05:17 -04:00
Jason Ertel 66563a4da0 zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:31:11 -04:00
Jason Ertel d0e140cf7b zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:30:52 -04:00
Jason Ertel 87c6d0a820 zeek networks will only ever have one HOME_NETWORKS setting 2024-05-01 09:29:36 -04:00
Jason Ertel 84db82852c annotation updates for custom settings 2024-04-30 15:14:56 -04:00
Mike Reeves d57f773072 Fix regex to allow ipv6 in bpfs 2024-03-27 09:36:42 -04:00
Doug Burks 09e005127e Update soc_zeek.yaml 2023-06-02 07:41:55 -04:00
Wes 2bb77251b0 Move Elastic Fleet logging exclusions to the Fleet pillar 2023-05-31 13:38:58 +00:00
weslambert 36791665f3 Merge pull request #10462 from Security-Onion-Solutions/feature/elastic_agent_zeek_logging
Dynamic integration configuration and Zeek log exclusions for Elastic Agent
2023-05-30 19:27:13 -04:00
Wes e5117a343d Change description 2023-05-30 17:10:17 +00:00
Wes e910f04beb Add default description and Zeek log exclusions for Elastic Fleet 2023-05-30 03:10:52 +00:00
Mike Reeves 8ce0d76287 Zeek Annotations 2023-05-25 12:12:18 -04:00
m0duspwnens 743bbfea35 add zeek.enabled to zeek annotation file 2023-05-05 17:09:01 -04:00
bryant-treacle 57d90a62f7 Update soc_zeek.yaml 2023-04-27 16:21:41 -04:00
m0duspwnens 2589670755 set forceType 2023-04-06 15:16:04 -04:00
m0duspwnens 1be86cdf8e issue 10050 and issue 10062 2023-03-29 17:21:40 -04:00
doug fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
m0duspwnens e1ea3c2031 soc for zeek 2022-09-20 16:22:54 -04:00
Mike Reeves 958d2494a8 Zeek Test 2022-09-16 10:27:42 -04:00
Mike Reeves 2a51ecb1ac Zeek Test 2022-09-16 09:10:09 -04:00
Mike Reeves f02db7a815 Zeek Test 2022-09-16 09:05:16 -04:00
Mike Reeves 9ca2e6e871 Add more logging to setup process 2022-09-12 14:20:59 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00