CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,689 Commits 24 Branches 119 Tags
5db643e53bbbd114360a833f7409431dcc3359db
Commit Graph

10689 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
weslambert
745cdef538 Merge pull request #9232 from Security-Onion-Solutions/fix/filebeat_ics_tag_bsap 
Add 'ics' tag for 'bsap'-prefixed events/logs
 2022-11-29 11:37:18 -05:00
weslambert
aa767b8dc1 Add 'ics' tag for 'bsap'-prefixed events/logs 2022-11-29 11:27:41 -05:00
Doug Burks
45cdd16308 Merge pull request #9228 from Security-Onion-Solutions/fix/zeek-ics-eventfields 
More Zeek ICS changes
 2022-11-29 09:18:40 -05:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
Doug Burks
14ff5670f7 add bsap entries to hunt.eventfields.json 2022-11-29 06:48:20 -05:00
Doug Burks
92e238aa10 Merge pull request #9227 from Security-Onion-Solutions/fix/zeek-ics-parsers 
Fix Zeek ICS parsers and add dashboards
 2022-11-28 15:58:24 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
Doug Burks
2763b5846c improve dashboard descriptions 2022-11-28 13:10:23 -05:00
Doug Burks
dd4c34397d improve dashboard descriptions 2022-11-28 13:03:54 -05:00
Doug Burks
a796fa2ff7 make sure that ICS dashboards with sankey also have separate event.dataset table 2022-11-28 12:09:57 -05:00
Doug Burks
268253ce14 update ENIP dashboard 2022-11-28 12:05:35 -05:00
Doug Burks
6a2f886fcc improve ecat dashboard 2022-11-28 12:01:35 -05:00
Doug Burks
63915b0486 consolidate DNP3 dashboards 2022-11-28 11:58:48 -05:00
Doug Burks
ce7b16a230 more ICS dashboards 2022-11-28 10:06:58 -05:00
Doug Burks
a4f5e7b2a6 add ECAT dashboard 2022-11-28 10:05:15 -05:00
Doug Burks
cfbbc3a1a3 add S7 dashboard 2022-11-28 10:02:33 -05:00
Doug Burks
11a7f051a6 organize dashboards 2022-11-28 09:57:54 -05:00
Doug Burks
cb06269b1a update DNP3 and MODBUS dashboards 2022-11-28 09:40:42 -05:00
Mike Reeves
d026414bcf Merge pull request #9226 from Security-Onion-Solutions/bgfix 
Remove BG for filecheck
 2022-11-28 09:12:45 -05:00
Mike Reeves
e15ca408e7 Remove BG for filecheck 2022-11-28 09:11:41 -05:00
Mike Reeves
0e2753393b Remove BG for filecheck 2022-11-28 09:09:25 -05:00
Doug Burks
b06e9e8477 add new zeek opcua logs to so-zeek-logs 2022-11-26 18:44:28 -05:00
Doug Burks
45892400cb add new zeek opcua logs to so-whiptail 2022-11-26 18:42:51 -05:00
Doug Burks
1f0c984b98 add new zeek opcua logs to so-functions 2022-11-26 18:41:12 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
Doug Burks
9ea59355d5 fix opcua_binary_opensecure_channel in so-functions 2022-11-26 17:03:57 -05:00
Doug Burks
c1287a61af add opcua_binary_opensecure_channel to so-functions 2022-11-26 17:02:04 -05:00
Doug Burks
e44c94c56b add opcua_binary_opensecure_channel to so-whiptail 2022-11-26 17:01:11 -05:00
Doug Burks
ec0cf71c3f add opcua_binary_opensecure_channel to so-zeek-logs 2022-11-26 17:00:32 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00
doug
62c1bb2c0c disable ecat_arp_info since it records all arp traffic 2022-11-25 18:01:53 -05:00
Doug Burks
692ec05b2d fix opcua_binary_activate_session in hunt.eventfields.json 2022-11-25 17:51:25 -05:00
Doug Burks
00078fd9e5 add opcua_binary_activate_session_diagnostic_info to hunt.eventfields.json 2022-11-25 17:47:41 -05:00
Doug Burks
13c8fb0004 add ecat_coe_info to hunt.eventfields.json 2022-11-25 17:45:28 -05:00
Doug Burks
920b16e494 add ecat_dev_info to hunt.eventfields.json 2022-11-25 17:42:59 -05:00
Doug Burks
d98c57510a add opcua_binary_activate_session_locale_id to hunt.eventfields.json 2022-11-25 17:39:17 -05:00
Doug Burks
58aa730437 add opcua_binary_create_session_endpoints to hunt.eventfields.json 2022-11-25 17:37:10 -05:00
Doug Burks
f36da68009 add opcua_binary_create_subscription to hunt.eventfields.json 2022-11-25 17:35:02 -05:00
Doug Burks
0091675ab6 fix opcua_binary_get_endpoints_description in hunt.eventfields.json 2022-11-25 17:32:30 -05:00
Doug Burks
83d25a97d3 add opcua_binary_get_endpoints_description to hunt.eventfields.json 2022-11-25 16:01:40 -05:00
Doug Burks
e536568c8a add opcua_binary_activate_session to hunt.eventfields.json 2022-11-25 15:59:17 -05:00
Doug Burks
a00eb9071f add opcua_binary_get_endpoints to hunt.eventfields.json 2022-11-25 15:57:35 -05:00
Doug Burks
c39cd9a290 add opcua_binary_browse_result to hunt.eventfields.json 2022-11-25 15:55:59 -05:00
Doug Burks
cb5483d401 add opcua_binary_create_session to hunt.eventfields.json 2022-11-25 15:53:09 -05:00