CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,809 Commits 24 Branches 119 Tags
5d060f98326fce11c36ab3e23bd51e80cd8e5a7b
Commit Graph

1851 Commits

Author SHA1 Message Date
Jason Ertel
865ba4264b Stop backing up kratos since it now lives in /nsm. Ensure kratos is removed when re-installing. 2022-12-14 10:57:24 -05:00
Jason Ertel
6985b0ab27 Move kratos DB to /nsm 2022-12-14 10:50:24 -05:00
Doug Burks
544d716c19 disable ecat_arp_info by default 2022-12-01 07:17:16 -05:00
Wes
16cd1080be Add dnp3_control reference in various places 2022-11-29 17:23:37 +00:00
Doug Burks
45892400cb add new zeek opcua logs to so-whiptail 2022-11-26 18:42:51 -05:00
Doug Burks
1f0c984b98 add new zeek opcua logs to so-functions 2022-11-26 18:41:12 -05:00
Doug Burks
9ea59355d5 fix opcua_binary_opensecure_channel in so-functions 2022-11-26 17:03:57 -05:00
Doug Burks
c1287a61af add opcua_binary_opensecure_channel to so-functions 2022-11-26 17:02:04 -05:00
Doug Burks
e44c94c56b add opcua_binary_opensecure_channel to so-whiptail 2022-11-26 17:01:11 -05:00
doug
62c1bb2c0c disable ecat_arp_info since it records all arp traffic 2022-11-25 18:01:53 -05:00
Doug Burks
aa2eab5738 fix zeek ics logs in so-functions 2022-11-25 09:53:11 -05:00
Doug Burks
fe21b8bc17 fix zeek ics logs in so-functions 2022-11-25 09:45:18 -05:00
Doug Burks
62fee1f420 fix zeek ics logs in so-whiptail 2022-11-25 09:39:58 -05:00
Doug Burks
6f27c1b21e fix zeek logs in so-whiptail 2022-11-25 09:26:54 -05:00
Doug Burks
0afb20ffa8 fix ics entries in so-functions 2022-11-25 09:19:11 -05:00
Doug Burks
40688a6076 add Zeek software to so-functions 2022-11-25 07:36:41 -05:00
Doug Burks
9431bf1c2a add Zeek software log to so-whiptail 2022-11-25 07:28:48 -05:00
Doug Burks
96d7429a1c Remove descriptions from so-whiptail 2022-11-21 13:32:51 -05:00
Doug Burks
d4abbd89ca Merge pull request #9185 from Security-Onion-Solutions/dougburks-patch-1 
Update so-functions to enable ICS/SCADA for EVAL and IMPORT
 2022-11-21 12:33:06 -05:00
lock-wire
f80c8b89e4 Shorten Log Descriptions 2022-11-21 09:49:31 -07:00
Doug Burks
aebedf9ac6 Update so-functions to enable ICS/SCADA for EVAL and IMPORT 2022-11-21 10:05:18 -05:00
Peter Di Giorgio
a28e5de5f4 Correct trailing \ 2022-11-18 06:29:57 -06:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev 
Update Foxtrot from Dev
 2022-11-17 10:44:24 -06:00
lock-wire
1b8e546045 Add s7comm,tds,stun,profinet,wireguard 2022-11-16 21:41:02 -06:00
Jason Ertel
02b00d2c87 Increase retry count and pause to allow more time for Ubuntu updates 2022-11-16 07:50:08 -05:00
Doug Burks
4400c77f7e Add trailing backslash to bacnet_property in so-functions 2022-11-12 09:13:20 -05:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
Peter Di Giorgio
5532577fdd Merge pull request #9071 from Security-Onion-Solutions/dev 
Merge Dev into Foxtrot
 2022-11-04 08:01:29 -07:00
Jason Ertel
c23e8e5a7b Update README.txt 2022-11-02 10:23:19 -04:00
Doug Burks
aa4a9a093f Create README.txt 2022-11-02 10:20:57 -04:00
Peter Di Giorgio
326ba710ce Add logs for bacnet 
bacnet
bacnet_discovery
bacnet_property
 2022-10-27 15:38:32 -07:00
Peter Di Giorgio
2d343110cc Add DNP3 and Modbus extensions to zeeklogs.sls 2022-10-25 07:09:11 -07:00
Peter Di Giorgio
4502e2c260 Remove logs for OT parsers 2022-10-24 23:16:18 -07:00
Peter Di Giorgio
9cdc29c482 Fix Syntax for zeeklogs pillar 2022-10-24 14:30:15 -07:00
Peter Di Giorgio
cd4e0c1f8e Add DNP3 and Modbus extensions to zeeklogs.sls 
Add DNP3 and Modbus extenstions to zeeklogs to ensure filebeat.yml is configured properly to ship lots.  Need to move these behind the OT flag.
 2022-10-21 14:19:21 -07:00
m0duspwnens
0ebd957308 point to salt3004.2 2022-06-30 11:26:03 -04:00
Mike Reeves
f36c8da1fe Update so-functions 2022-06-27 12:04:33 -04:00
Mike Reeves
080daee1d8 Update so-functions 2022-06-27 11:43:01 -04:00
Jason Ertel
ba6f716e4a Avoid failing setup due to retrying while waiting for lock file 2022-06-23 06:09:04 -04:00
Jason Ertel
210bc556db Add logscan and suricata variants for cloud tests to move from PM into the cloud and help alleviate disk contention 2022-05-28 10:29:04 -04:00
Jason Ertel
e87e672b9e Add logscan and suricata variants for cloud tests to move from PM into the cloud and help alleviate disk contention 2022-05-28 10:28:20 -04:00
Jason Ertel
8bb02763dc Exclude pkg upgrade retry error logs from failing setup 2022-05-28 08:28:10 -04:00
weslambert
c81988ab00 Update shard count for Zeek in setup 2022-04-21 17:26:30 -04:00
Mike Reeves
c3952e94c8 Remove setup from auto starting if you choose to not enter the grid 2022-04-20 14:36:38 -04:00
Doug Burks
5d62ece03b Slight change to IDH verbiage in so-whiptail 2022-04-18 16:33:54 -04:00
Doug Burks
3682754399 remove old comments from so-whiptail 2022-04-18 11:29:46 -04:00
Mike Reeves
012ff3e1bc Fix Analyst Install Loop 2022-04-18 11:02:19 -04:00
Doug Burks
400879c079 Remove distributed verbiage from other node option in so-whiptail 2022-04-18 07:53:57 -04:00
Doug Burks
ce192c2526 Update so-preflight 2022-04-15 13:11:15 -04:00
Doug Burks
a69d361d1b Improve grammar in so-whiptail 2022-04-15 10:45:34 -04:00