Commit Graph

10744 Commits

Author SHA1 Message Date
Jason Ertel
5b6182c003 Merge pull request #9289 from Security-Onion-Solutions/jertel/filechek
Update filecheck to support Suricata extracted files
2022-12-05 10:59:44 -05:00
Jason Ertel
69c5a9dd90 ensure tmp files are not processed 2022-12-05 10:31:09 -05:00
Jason Ertel
86c31c129a add suricata to socore group 2022-12-05 10:27:42 -05:00
Jason Ertel
483a9d477f undo filecheck location move 2022-12-05 10:15:15 -05:00
Jason Ertel
d7f60a0e58 only check files on inotify 2022-12-05 10:01:40 -05:00
Jason Ertel
f06443f3dd add suricata to socore group 2022-12-05 09:57:24 -05:00
Jason Ertel
fe798138e3 add suricata to socore group 2022-12-05 09:50:35 -05:00
Jason Ertel
e9bb60dedb fix filecheck for suricata deployments 2022-12-05 09:28:25 -05:00
Jason Ertel
992ced685f fix filecheck for suricata deployments 2022-12-05 09:27:31 -05:00
Jason Ertel
592bbf4217 fix filecheck for suricata deployments 2022-12-05 09:21:08 -05:00
Mike Reeves
eacf6238d8 Merge pull request #9274 from Security-Onion-Solutions/2.3.190
2.3.190
2022-12-02 15:33:53 -05:00
Mike Reeves
0a7ada314d 2.3.190 2022-12-02 15:31:42 -05:00
Mike Reeves
c8edb43748 Merge pull request #9272 from Security-Onion-Solutions/2.3.190
2.3.190
2022-12-02 15:28:02 -05:00
Mike Reeves
f112663a76 2.3.190 2022-12-02 15:21:42 -05:00
weslambert
4311d5135b Merge pull request #9269 from Security-Onion-Solutions/fix/zeek_scripts_bzar_remove_by_default
Don't load BZAR script(s) by default
2022-12-02 11:02:07 -05:00
weslambert
2b2d39c869 Don't load BZAR script(s) by default 2022-12-02 10:46:45 -05:00
Mike Reeves
fcc0534572 Merge pull request #9267 from Security-Onion-Solutions/TOoSmOotH-patch-4
Update init.sls
2022-12-02 09:41:03 -05:00
Mike Reeves
a3f9859fdb Update init.sls 2022-12-02 09:38:13 -05:00
Doug Burks
cf5d5e4fc2 Merge pull request #9257 from Security-Onion-Solutions/dougburks-patch-1
Disable ecat_arp_info by default in so-zeek-logs and so-whiptail
2022-12-01 07:31:47 -05:00
Doug Burks
7184b9cb25 disable ecat_arp_info by default in so-zeek-logs 2022-12-01 07:18:05 -05:00
Doug Burks
544d716c19 disable ecat_arp_info by default 2022-12-01 07:17:16 -05:00
weslambert
f1f611cede Merge pull request #9256 from Security-Onion-Solutions/fix/ics_ingest_pipelines_bsap_node_status
Change 'bsap.node.status.byte' to 'bsap.node.status_byte'
2022-11-30 13:04:39 -05:00
weslambert
5988c12773 Change 'bsap.node.status.byte' to 'bsap.node.status_byte' 2022-11-30 13:01:30 -05:00
Mike Reeves
dc5f4ef942 Merge pull request #9253 from Security-Onion-Solutions/TOoSmOotH-patch-2
Use shutil in case there are multiple filesystems involved.
2022-11-30 11:04:30 -05:00
Doug Burks
91e15c233d Merge pull request #9252 from Security-Onion-Solutions/dougburks-patch-1
update stun, tunnel, and wireguard dashboards in dashboards.queries.json
2022-11-30 11:03:56 -05:00
Mike Reeves
42cde0b6f0 Use shutil in case there are multiple filesystems involved. 2022-11-30 10:59:09 -05:00
Doug Burks
1279997ca9 update stun, tunnel, and wireguard dashboards in dashboards.queries.json 2022-11-30 10:59:00 -05:00
weslambert
93e0ec8696 Merge pull request #9249 from Security-Onion-Solutions/fix/ics_ingest_pipelines_additional_field_renames
More ICS Field Name Updates
2022-11-30 10:26:36 -05:00
Wes
8f0547beda Change 'bsap.node.status_byte' to 'bsap.node_status_byte'. 2022-11-30 15:24:53 +00:00
Wes
6cb4c02200 More field updates 2022-11-30 15:22:02 +00:00
weslambert
8c54c44690 Merge pull request #9248 from Security-Onion-Solutions/fix/ics_ingest_pipelines_additional_field_renames
Additional ICS field renames and updates
2022-11-30 10:09:44 -05:00
Wes
5d72f8d55a Additional field renames and updates 2022-11-30 15:01:41 +00:00
Mike Reeves
768225ff5a Merge pull request #9242 from Security-Onion-Solutions/TOoSmOotH-patch-1 2022-11-29 23:42:15 -05:00
Mike Reeves
571ac4edec Update soup 2022-11-29 18:36:47 -05:00
weslambert
86cfac4983 Merge pull request #9241 from Security-Onion-Solutions/fix/ics_pipelines_field_renames
ICS Pipelines - Various Field Renames
2022-11-29 17:23:34 -05:00
Wes
e00a80feb4 Use native link_id naming scheme for now 2022-11-29 22:05:37 +00:00
Wes
e8e39a7105 Various field renames 2022-11-29 21:32:05 +00:00
Wes
13ea44db95 Use native 'is_orig' since we are already using that field name for other logs 2022-11-29 21:21:41 +00:00
weslambert
7f4f1397e7 Merge pull request #9240 from Security-Onion-Solutions/fix/add_s7comm_upload_download_ingest_pipeline
Add Zeek s7comm upload download ingest pipeline
2022-11-29 15:00:26 -05:00
Wes
5db3e22363 Add s7comm_upload_download references in various places 2022-11-29 19:58:18 +00:00
Wes
6fe2857ba5 Add Zeek s7comm_upload_download ingest pipeline 2022-11-29 19:45:56 +00:00
weslambert
56b0bae089 Merge pull request #9238 from Security-Onion-Solutions/fix/opcua_encoding_mask_format
Fix OPC UA Encoding Mask Format and Ensure Connection State Is Populated Before Assessing Its Value
2022-11-29 14:16:03 -05:00
weslambert
f947e501cb Add space per request 2022-11-29 14:14:37 -05:00
weslambert
ff8bbc399f Add space per request 2022-11-29 14:14:08 -05:00
weslambert
80226a27cc Add space per request 2022-11-29 14:13:41 -05:00
weslambert
266207cc18 Add space per request 2022-11-29 14:12:52 -05:00
weslambert
5255c120c5 Add space per request 2022-11-29 14:11:20 -05:00
Wes
d44f8e495b Check if connection.state is populated before trying to assess its value 2022-11-29 19:00:47 +00:00
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
Doug Burks
c3c505f8ff Merge pull request #9237 from Security-Onion-Solutions/dougburks-patch-1
add ICS COTP dashboard to dashboards.queries.json
2022-11-29 13:40:24 -05:00