CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
4,756 Commits 40 Branches 125 Tags
596f2d31e429981838c7a658ac6b572e9b092eda
Commit Graph

4756 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
William Wernert 596f2d31e4 Automation -> automation 2020-09-30 17:04:24 -04:00
William Wernert 3ec255ecee Remove old api token from sql 2020-09-30 17:03:35 -04:00
William Wernert 6361c790e9 Move automation user create to separate script to run after playbook state 2020-09-30 17:02:02 -04:00
William Wernert 8e80b41ca9 Remove Automation user from sql, gen user + store api key 2020-09-30 16:32:43 -04:00
William Wernert f3b8da1f9d Fix Engrish (can causing -> can cause) 2020-09-30 13:40:57 -04:00
William Wernert 25d4bde33b Merge pull request #1428 from Security-Onion-Solutions/feature/warn-dhcp 
Add warning about IP address changing for network/DHCP iso installs
 2020-09-30 13:13:40 -04:00
William Wernert 1ff20f7e27 Add warning about IP address changing for network/DHCP iso installs 2020-09-30 13:11:33 -04:00
weslambert defe832121 Merge pull request #1427 from Security-Onion-Solutions/fix/wazuh_filebeat 
Fix Filebeat config for Wazuh
 2020-09-30 10:59:01 -04:00
Wes Lambert d8f70397f7 Fix Filebeat config for Wazuh 2020-09-30 14:57:56 +00:00
weslambert dac2ad5dbf Merge pull request #1425 from Security-Onion-Solutions/feature/soctopus_pillar 
Add initial implementation of SOCtopus pillar
 2020-09-30 10:25:26 -04:00
Wes Lambert c62acf5e4e Add initial implmentation of SOCtopus pillar 2020-09-30 14:24:15 +00:00
Josh Patterson 10f4e09b70 Merge pull request #1424 from Security-Onion-Solutions/issue/1070 
Issue/1070
 2020-09-30 10:11:37 -04:00
William Wernert 00785c6ba5 Merge pull request #1418 from Security-Onion-Solutions/feature/replace-hardcoded-pass 
Feature/replace hardcoded pass
 2020-09-30 08:56:35 -04:00
Doug Burks 0a995f4a7a Update README.md 2020-09-30 07:43:20 -04:00
m0duspwnens 85969dc16d add quotes and remove quotes 2020-09-29 16:29:05 -04:00
m0duspwnens bf99bab6c0 add quotes and remove quotes 2020-09-29 16:26:45 -04:00
weslambert 401764437f Merge pull request #1421 from Security-Onion-Solutions/fix/ip_type 
Ensure IPs are typed as IP and ports as integer
 2020-09-29 14:21:25 -04:00
Wes Lambert 36019727b3 Ensure IPs are typed as IP and ports as integer 2020-09-29 18:20:15 +00:00
m0duspwnens 547c3ff52c single quote inputs to yaml files 2020-09-29 13:59:16 -04:00
William Wernert 7d43d48aca Remove bad line in playbook_db_init.sh 2020-09-29 11:13:09 -04:00
William Wernert 55058a11aa Generate passwords for Grafana + Playbook default users 2020-09-29 11:12:09 -04:00
William Wernert ebe00822f8 Merge pull request #1417 from Security-Onion-Solutions/bugfix/local_zeeklogs 
Bugfix/local zeeklogs
 2020-09-29 08:58:02 -04:00
Doug Burks 60134829d5 Alerts - Drilldown should display rule.uuid #1416 2020-09-29 07:51:45 -04:00
Doug Burks c7b43ac220 Update soc.json 2020-09-29 07:41:49 -04:00
Doug Burks a7f24b62e6 Hunt - improve NIDS query and eventFields #1415 2020-09-29 07:34:44 -04:00
Josh Patterson 9ca13ebccd Merge pull request #1414 from Security-Onion-Solutions/issue/1404 
change so salt module to /usr/sbin/so-status
 2020-09-28 18:31:26 -04:00
Mike Reeves c828a2ea75 Merge pull request #1413 from Security-Onion-Solutions/experimental 
Airgap SOUP!
 2020-09-28 17:47:38 -04:00
m0duspwnens 8741520263 change so salt module to /usr/sbin/so-status 2020-09-28 17:31:05 -04:00
Mike Reeves 6b8b0f1b26 Change add registry 2020-09-28 16:48:02 -04:00
William Wernert f77305e22f Generate zeeklogs sls earlier to avoid error 2020-09-28 16:45:06 -04:00
William Wernert f782299281 Remove preconfigured zeeklog + create it during setup 2020-09-28 15:12:36 -04:00
Josh Patterson fa6396b121 Merge pull request #1410 from Security-Onion-Solutions/fix/disable_auto_start 
send to dev/null to prevent output
 2020-09-28 15:07:40 -04:00
weslambert 3d6c956e02 Merge pull request #1409 from Security-Onion-Solutions/feature/wazuh_wel 
Add initial parsing for Wazuh WEL/Sysmon
 2020-09-28 15:07:15 -04:00
m0duspwnens 0bb1ba2853 send to dev/null to prevent output 2020-09-28 15:06:43 -04:00
Wes Lambert 869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
Josh Patterson 0944cd1bcd Merge pull request #1408 from Security-Onion-Solutions/issue/1093 
Issue/1093
 2020-09-28 14:45:18 -04:00
m0duspwnens 3b709e7877 remove cleaning of webpasswd1 2020-09-28 14:44:14 -04:00
Doug Burks 6e9e4dc99c Hunt third magnifying glass should group output by event.module and event.dataset #1407 2020-09-28 14:19:55 -04:00
Mike Reeves 2cdf76473c Add Registry back from cleanup 2020-09-28 14:19:43 -04:00
m0duspwnens 053b19de11 Merge remote-tracking branch 'remotes/origin/dev' into issue/1093 2020-09-28 13:25:42 -04:00
m0duspwnens bda9078843 check for invalid characters in fleet user password 2020-09-28 13:25:23 -04:00
Doug Burks 0516a9ddd5 Alerts page "Hunt for this field" action should quote field and group output #1406 2020-09-28 12:35:08 -04:00
m0duspwnens 85e53c53af reject passwords with single or double quotes or backslashes 2020-09-28 11:51:19 -04:00
Mike Reeves 6a4d6f7a6d Additional logic 2020-09-28 10:12:52 -04:00
William Wernert 66b7678df8 Merge pull request #1405 from Security-Onion-Solutions/feature/setup-cleanup 
Feature/setup cleanup
 2020-09-28 09:47:52 -04:00
William Wernert 3b9de2b7ca Disable ipv6 earlier in setup 2020-09-28 09:14:45 -04:00
William Wernert a60bf11daa Make sure zeek log is only written on whiptail success 2020-09-28 09:11:50 -04:00
William Wernert 05729d216a Don't direct user to check log in so-zeek-log, none exists 2020-09-28 08:45:59 -04:00
Doug Burks 3904295137 Hunt - improve HTTP queries #1401 2020-09-27 08:04:28 -04:00
Doug Burks aa7f927ffd Hunt - improve x509 queries #1400 2020-09-27 07:17:46 -04:00