CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,947 Commits 24 Branches 119 Tags
550b3ee92d02d4d6ce6bb11610532b68fb02089c
Commit Graph

14947 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
DefensiveDepth
a237ef5d96 Update default queries 2024-04-19 16:33:35 -04:00
Doug Burks
c48da45ac3 Merge pull request #12820 from Security-Onion-Solutions/dougburks-patch-1 
FIX: Elastic retention setting not being honored when manager hostname is a subset of search node hostname #12819
 2024-04-18 11:59:57 -04:00
Doug Burks
406dda6051 Update so-elasticsearch-cluster-space-used 2024-04-18 11:48:15 -04:00
Doug Burks
229a989914 Update so-elasticsearch-cluster-space-total 2024-04-18 11:47:01 -04:00
DefensiveDepth
6c6647629c Refactor yara for compilation 2024-04-18 11:32:17 -04:00
Doug Burks
7f9bc1fc0f Merge pull request #12817 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add queue=True to so-checkin so that it will wait for any ru…
 2024-04-18 09:30:55 -04:00
Doug Burks
8d9aae1983 FEATURE: Add queue=True to so-checkin so that it will wait for any running states #12815 2024-04-18 09:28:30 -04:00
Mike Reeves
3854620bcd Merge pull request #12810 from Security-Onion-Solutions/TOoSmOotH-patch-1 
Update limited-analyst.json
 2024-04-17 13:21:04 -04:00
Mike Reeves
67a57e9df7 Update limited-analyst.json 2024-04-17 13:14:45 -04:00
DefensiveDepth
ff28476191 Fix compile_yara path 2024-04-16 13:10:17 -04:00
DefensiveDepth
8cc4d2668e Move compile_yara 2024-04-16 12:52:14 -04:00
DefensiveDepth
dbfb178556 Add test 2024-04-16 12:22:53 -04:00
Josh Brower
5e8b16569f Merge pull request #12793 from Security-Onion-Solutions/2.4/detectiondefaults 
Add docs for ruleset change
 2024-04-12 13:54:06 -04:00
DefensiveDepth
f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
Josh Brower
5b81a73e58 Merge pull request #12791 from Security-Onion-Solutions/2.4/detectiondefaults 
Fix fingerprint paths
 2024-04-12 09:01:38 -04:00
DefensiveDepth
49ccd86c39 Fix fingerprint paths 2024-04-12 08:35:44 -04:00
reyesj2
55cf90f477 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 14:44:59 -04:00
reyesj2
c269fb90ac Added a Kismet Wifi devices dashboard for an overview of kismet data 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 14:41:54 -04:00
Mike Reeves
1250a728ac Merge pull request #12769 from Security-Onion-Solutions/TOoSmOotH-patch-3 
Update analyst.json
 2024-04-11 14:30:17 -04:00
reyesj2
68e016090b Fix network.wireless.ssid not parsing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 13:21:54 -04:00
reyesj2
fd689a4607 Fix typo in ingest pipeline 
Test to fix duplicate events in SOC, by removing conflicting field event.created

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 11:18:04 -04:00
Josh Brower
ae09869417 Merge pull request #12780 from Security-Onion-Solutions/2.4/detectiondefaults 
Enable Detections Adv by default
 2024-04-11 09:32:34 -04:00
DefensiveDepth
1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
DefensiveDepth
ed97aa4e78 Enable Detections Adv by default 2024-04-11 08:21:20 -04:00
reyesj2
7124f04138 Update ingest pipelines to match updated mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:13:06 -04:00
reyesj2
2ab9cbba61 Update wording for Kismet poll interval annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:12:22 -04:00
reyesj2
4097e1d81a Create mappings for Kismet integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:10:27 -04:00
Mike Reeves
2206553e03 Update analyst.json 2024-04-10 09:49:21 -04:00
Josh Brower
b9474b9352 Merge pull request #12766 from Security-Onion-Solutions/2.4/sigma-pipeline 
Ship Defender logs + more
 2024-04-08 16:35:24 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
coreyogburn
acf29a6c9c Merge pull request #12760 from Security-Onion-Solutions/cogburn/detection-author-remap 
Detection Author as a Keyword instead of Text
 2024-04-05 11:39:53 -06:00
Corey Ogburn
00cea6fb80 Detection Author as a Keyword instead of Text 
With Quick Actions added to Detections, as many fields should be usable as possible.
 2024-04-05 11:22:47 -06:00
Mike Reeves
cbc95d0b30 Merge pull request #12759 from Security-Onion-Solutions/TOoSmOotH-patch-2 
Update so-log-check
 2024-04-05 08:17:50 -04:00
Mike Reeves
21f86be8ee Update so-log-check 2024-04-05 08:03:42 -04:00
Josh Brower
8e38c3763e Merge pull request #12756 from Security-Onion-Solutions/2.4/detections-defaults 
Use list not string
 2024-04-04 17:00:38 -04:00
DefensiveDepth
ca807bd6bd Use list not string 2024-04-04 16:58:39 -04:00
Josh Brower
f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults 
2.4/detections defaults
 2024-04-04 11:33:59 -04:00
Josh Brower
1d7e47f589 Merge pull request #12682 from Security-Onion-Solutions/2.4/soup-playbook 
2.4/soup playbook
 2024-04-04 11:28:09 -04:00
DefensiveDepth
49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Jason Ertel
204f44449a Merge pull request #12754 from Security-Onion-Solutions/jertel/ana 
skip telemetry summary in airgap mode
 2024-04-04 10:39:07 -04:00
Jason Ertel
6046848ee7 skip telemetry summary in airgap mode 2024-04-04 10:25:32 -04:00
Doug Burks
b0aee238b1 Merge pull request #12753 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add dashboards specific to Elastic Agent #12746
 2024-04-04 09:35:21 -04:00
Doug Burks
d8ac3f1292 FEATURE: Add dashboards specific to Elastic Agent #12746 2024-04-04 09:30:05 -04:00
Mike Reeves
8788b34c8a Merge pull request #12752 from Security-Onion-Solutions/updates23 
Allow 2.3 to update
 2024-04-04 09:25:41 -04:00
Mike Reeves
784ec54795 2.3 updates 2024-04-04 09:24:17 -04:00
Mike Reeves
54fce4bf8f 2.3 updates 2024-04-04 09:21:16 -04:00
Mike Reeves
c4ebe25bab Attempt to fix 2.3 when main repo changes 2024-04-04 09:18:37 -04:00
Doug Burks
7b4e207329 Merge pull request #12751 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module sigma #12743
 2024-04-04 09:13:53 -04:00
Doug Burks
5ec3b834fb FEATURE: Add Events table columns for event.module sigma #12743 2024-04-04 09:11:41 -04:00
Mike Reeves
7668fa1396 Attempt to fix 2.3 when main repo changes 2024-04-04 09:03:29 -04:00