Commit Graph

246 Commits

Author SHA1 Message Date
reyesj2
a9457d5f53 Remove external community-id replaced with Zeek 6 built in community-id.
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2023-10-17 16:02:16 -04:00
Mike Reeves
46fc62b8dc Update init.sls 2023-04-12 10:29:54 -04:00
weslambert
2b2d39c869 Don't load BZAR script(s) by default 2022-12-02 10:46:45 -05:00
Peter Di Giorgio
2e30cefd91 Add remaining protocol parsers
- icsnpp-bsap
- icsnpp-s7comm
- zeek-plugin-tds
- zeek-plugin-profinet
- zeek-spicy-wireguard
- zeek-spicy-stun
2022-11-17 10:47:00 -06:00
Peter Di Giorgio
13b6b43324 Update init.sls 2022-11-17 10:42:21 -06:00
weslambert
78bc2a95e5 Add icsnpp-bsap to enabled plugins 2022-11-17 11:20:24 -05:00
lock-wire
1b8e546045 Add s7comm,tds,stun,profinet,wireguard 2022-11-16 21:41:02 -06:00
Peter Di Giorgio
d890f75cca Correct typo 2022-11-11 13:59:20 -08:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
Peter Di Giorgio
1ea6feca37 Add icsnpp-bacnet 2022-10-27 15:31:38 -07:00
Peter Di Giorgio
61d36d584f Add Modbus, DNP3, BZAR, and oui-logging 2022-10-25 07:10:52 -07:00
Peter Di Giorgio
beb67847f9 Remove modbus,bzar,dnp3,oui-logging 2022-10-24 23:14:32 -07:00
Peter Di Giorgio
01d177366d Fix Zeek Pillar 2022-10-24 12:00:43 -07:00
Peter Di Giorgio
4a60310dc8 Add Modbus, DNP3, BZAR, and oui-logging
This is an initial proof of concept.  Need to migrate these entries behind a flag.
2022-10-21 14:04:40 -07:00
Wes Lambert
5c90fce3a1 Add Kratos Logstash output to search pipeline for Logstash 2022-07-08 15:58:00 +00:00
m0duspwnens
d8abc0a195 if in dmz_nodes don't add to filebeat 2022-05-11 11:51:18 -04:00
m0duspwnens
a641346c02 prevent nodes with logstash:dmz:true from being added to logstash:nodes pillar 2022-05-10 17:28:19 -04:00
Josh Patterson
f5095b273d Merge pull request #7665 from Security-Onion-Solutions/workstation_state
Workstation state
2022-03-29 10:27:07 -04:00
m0duspwnens
0ddfaf8d74 changes for workstation 2022-03-28 15:34:15 -04:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
Wes Lambert
ba24f75893 Fix index typo 2022-03-11 18:11:16 +00:00
Wes Lambert
70ed20f691 Add new sls file for custom ES index templates 2022-03-11 18:07:23 +00:00
Josh Brower
3610b0cd30 merge in dev 2022-02-21 16:52:53 -05:00
Wes Lambert
de731fc05d Remove default templates from ES template pillar since they are now managed in the defaults file. 2022-02-15 17:04:57 +00:00
Josh Brower
37b17b8821 Initial support - IDH Node 2022-02-07 19:27:51 -05:00
m0duspwnens
797d769661 use actual hostname in logstash:nodes pillar 2022-02-03 10:36:18 -05:00
Jason Ertel
1d885a5419 Add case template to eval installs 2021-12-29 11:38:38 -05:00
Jason Ertel
e87cbc37a4 Add case template 2021-12-28 19:17:15 -05:00
m0duspwnens
759bf9837e pillar top clean up for receiver and logstash.nodes 2021-12-15 09:31:03 -05:00
m0duspwnens
d9a384cc29 remove global:pipeline pillar call from logstash pipeline pillars 2021-12-15 09:30:15 -05:00
m0duspwnens
c490a3be36 move node_data pillar to logstash:nodes, set extra hosts for filebeat docker 2021-12-14 13:32:42 -05:00
m0duspwnens
8d0872bce5 create node_data pillar from mine data, use node_data pillar for filebeat config 2021-12-13 15:48:30 -05:00
m0duspwnens
f3ec5df447 add receiver node 2021-12-07 11:13:51 -05:00
m0duspwnens
96666ab307 add receiver node 2021-12-07 10:19:32 -05:00
m0duspwnens
8da2133cff give kibana.secrets pillar to import node 2021-11-11 11:31:07 -05:00
m0duspwnens
392305e4ed add endgame changes that were missing from merge somehow 2021-11-10 09:01:42 -05:00
m0duspwnens
57c6e26634 encrypt kibana saved objects - https://github.com/Security-Onion-Solutions/securityonion/issues/6146 2021-11-09 16:41:25 -05:00
m0duspwnens
c8fb504ee0 Revert "Merge remote-tracking branch 'remotes/origin/dev' into issue/3933"
This reverts commit 54eec92621, reversing
changes made to 7832e59629.
2021-10-13 15:22:46 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
Mike Reeves
6ae2fba71f Update search.sls 2021-09-14 13:57:26 -04:00
Mike Reeves
2cc25587d9 Update eval.sls 2021-09-14 13:57:04 -04:00
Mike Reeves
614a6dc9fe Update manager.sls 2021-09-14 13:56:43 -04:00
William Wernert
e41811fbd0 [fix] Typo 2021-07-13 15:14:13 -04:00
William Wernert
80525ee736 [wip] Add logscan pipeline 2021-07-08 12:29:50 -04:00
m0duspwnens
c9ee28ce01 adding elasticsearch.auth to heavynode and searchnode 2021-06-21 14:47:24 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Mike Reeves
7fba904f75 Dynamix Pipelines take 1 2021-06-09 15:32:39 -04:00
Mike Reeves
33db9023eb Revert to SO taxonomy for zeek and suricata 2021-06-08 13:50:39 -04:00
m0duspwnens
d25a439bd4 more changes 2021-06-01 10:53:58 -04:00
m0duspwnens
0134ceef16 merge and resolve conflict in elasticsearch state 2021-05-27 11:33:44 -04:00