CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,703 Commits 24 Branches 119 Tags
56b0bae089f10b3d6f032f4bd4f6f74b579adec2
Commit Graph

10703 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
weslambert
56b0bae089 Merge pull request #9238 from Security-Onion-Solutions/fix/opcua_encoding_mask_format 
Fix OP CUA Encoding Mask Format and Ensure Connection State Is Populated Before Assessing Its Value
 2022-11-29 14:16:03 -05:00
weslambert
f947e501cb Add space per request 2022-11-29 14:14:37 -05:00
weslambert
ff8bbc399f Add space per request 2022-11-29 14:14:08 -05:00
weslambert
80226a27cc Add space per request 2022-11-29 14:13:41 -05:00
weslambert
266207cc18 Add space per request 2022-11-29 14:12:52 -05:00
weslambert
5255c120c5 Add space per request 2022-11-29 14:11:20 -05:00
Wes
d44f8e495b Check if connection.state is populated before trying to assess its value 2022-11-29 19:00:47 +00:00
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
Doug Burks
c3c505f8ff Merge pull request #9237 from Security-Onion-Solutions/dougburks-patch-1 
add ICS COTP dashboard to dashboards.queries.json
 2022-11-29 13:40:24 -05:00
Doug Burks
7ea0aa87e4 add ICS COTP dashboard to dashboards.queries.json 2022-11-29 13:38:19 -05:00
weslambert
82317656b1 Merge pull request #9235 from Security-Onion-Solutions/fix/mobus_read_write_multiple_registers_pipeline_failure_resolution 
Change 'write' to 'read' to correct name and avoid pipeline failure
 2022-11-29 12:56:05 -05:00
weslambert
1cc5961c07 Change 'write' to 'read' to correct name and avoid pipeline failure 2022-11-29 12:54:55 -05:00
weslambert
220e998b45 Merge pull request #9234 from Security-Onion-Solutions/fix/add_dnp3_control_ingest_pipeline 
Add 'zeek.dnp3_control' ingest pipeline
 2022-11-29 12:29:44 -05:00
Wes
16cd1080be Add dnp3_control reference in various places 2022-11-29 17:23:37 +00:00
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
weslambert
745cdef538 Merge pull request #9232 from Security-Onion-Solutions/fix/filebeat_ics_tag_bsap 
Add 'ics' tag for 'bsap'-prefixed events/logs
 2022-11-29 11:37:18 -05:00
weslambert
aa767b8dc1 Add 'ics' tag for 'bsap'-prefixed events/logs 2022-11-29 11:27:41 -05:00
Doug Burks
45cdd16308 Merge pull request #9228 from Security-Onion-Solutions/fix/zeek-ics-eventfields 
More Zeek ICS changes
 2022-11-29 09:18:40 -05:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
Doug Burks
14ff5670f7 add bsap entries to hunt.eventfields.json 2022-11-29 06:48:20 -05:00
Doug Burks
92e238aa10 Merge pull request #9227 from Security-Onion-Solutions/fix/zeek-ics-parsers 
Fix Zeek ICS parsers and add dashboards
 2022-11-28 15:58:24 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
Doug Burks
2763b5846c improve dashboard descriptions 2022-11-28 13:10:23 -05:00
Doug Burks
dd4c34397d improve dashboard descriptions 2022-11-28 13:03:54 -05:00
Doug Burks
a796fa2ff7 make sure that ICS dashboards with sankey also have separate event.dataset table 2022-11-28 12:09:57 -05:00
Doug Burks
268253ce14 update ENIP dashboard 2022-11-28 12:05:35 -05:00
Doug Burks
6a2f886fcc improve ecat dashboard 2022-11-28 12:01:35 -05:00
Doug Burks
63915b0486 consolidate DNP3 dashboards 2022-11-28 11:58:48 -05:00
Doug Burks
ce7b16a230 more ICS dashboards 2022-11-28 10:06:58 -05:00
Doug Burks
a4f5e7b2a6 add ECAT dashboard 2022-11-28 10:05:15 -05:00
Doug Burks
cfbbc3a1a3 add S7 dashboard 2022-11-28 10:02:33 -05:00
Doug Burks
11a7f051a6 organize dashboards 2022-11-28 09:57:54 -05:00
Doug Burks
cb06269b1a update DNP3 and MODBUS dashboards 2022-11-28 09:40:42 -05:00
Mike Reeves
d026414bcf Merge pull request #9226 from Security-Onion-Solutions/bgfix 
Remove BG for filecheck
 2022-11-28 09:12:45 -05:00
Mike Reeves
e15ca408e7 Remove BG for filecheck 2022-11-28 09:11:41 -05:00
Mike Reeves
0e2753393b Remove BG for filecheck 2022-11-28 09:09:25 -05:00
Doug Burks
b06e9e8477 add new zeek opcua logs to so-zeek-logs 2022-11-26 18:44:28 -05:00
Doug Burks
45892400cb add new zeek opcua logs to so-whiptail 2022-11-26 18:42:51 -05:00
Doug Burks
1f0c984b98 add new zeek opcua logs to so-functions 2022-11-26 18:41:12 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
Doug Burks
9ea59355d5 fix opcua_binary_opensecure_channel in so-functions 2022-11-26 17:03:57 -05:00
Doug Burks
c1287a61af add opcua_binary_opensecure_channel to so-functions 2022-11-26 17:02:04 -05:00
Doug Burks
e44c94c56b add opcua_binary_opensecure_channel to so-whiptail 2022-11-26 17:01:11 -05:00
Doug Burks
ec0cf71c3f add opcua_binary_opensecure_channel to so-zeek-logs 2022-11-26 17:00:32 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00