CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-24 21:47:48 +02:00
Code Issues Packages Projects Releases Wiki Activity
15,921 Commits 41 Branches 125 Tags
5e4f1fc27917ba279005240a9b0a9e90d1eef1a8
Commit Graph

10070 Commits

Author SHA1 Message Date
m0duspwnens 5e4f1fc279 only run fix ldap when lief installed 2024-12-16 10:23:14 -05:00
m0duspwnens e779d180f9 work around libvirt issue. add raid scripts 2024-12-13 16:03:17 -05:00
m0duspwnens 5649986834 Merge branch '2.4/dev' into vlb2 2024-12-09 15:35:57 -05:00
m0duspwnens a0a18973d8 add new salt bootstrap 2024-12-09 15:29:51 -05:00
Josh Patterson b3ce624fff Merge pull request #13921 from Security-Onion-Solutions/reposynccron 
only enable repo sync cron if OEL
 2024-11-08 16:16:48 -05:00
m0duspwnens ee4405e75e only enable repo sync cron if OEL 2024-11-08 16:13:44 -05:00
defensivedepth dcbb0e48d4 make sure its owned by socore 2024-11-08 14:34:29 -05:00
defensivedepth 74b95a0bcc Merge remote-tracking branch 'origin/2.4/dev' into 2.4/templaterepos 2024-11-08 09:20:11 -05:00
defensivedepth 8b70aa9f0e Fix socore permissions 2024-11-08 09:19:41 -05:00
Corey Ogburn 8334fd9c46 Source Dates 2024-11-07 14:44:45 -07:00
Josh Brower 47f9b0021c Merge pull request #13879 from Security-Onion-Solutions/2.4/templaterepos 
Add local custom template
 2024-11-07 15:40:36 -05:00
defensivedepth f5bd8ab585 Rewrite docs 2024-11-07 15:33:47 -05:00
defensivedepth 28d468dd41 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/templaterepos 2024-11-07 07:25:01 -05:00
reyesj2 80b82b0bd6 missing replica 0 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-06 15:24:13 -06:00
reyesj2 039d5c22ac fix: crowdstrike integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-06 14:35:41 -06:00
Corey Ogburn 52a144c052 Added Help Link to Annotation for IgnoredSidRanges 2024-11-05 12:11:17 -07:00
Corey Ogburn 25d55feeef More Detailed Description 2024-11-05 11:41:14 -07:00
Corey Ogburn 5e48ccafce Update Default Value 2024-11-05 11:11:34 -07:00
Corey Ogburn 69dd35c30a Add Option for Ignoring Ranges of SIDs in Suricata Integrity Check 2024-11-04 14:31:53 -07:00
m0duspwnens efbf62f56a adding beacon 2024-11-04 08:30:40 -05:00
defensivedepth 7896f951f3 timestamp fix 2024-10-31 10:24:58 -04:00
Josh Brower 01932d873f Merge pull request #13883 from Security-Onion-Solutions/2.4/lookuprev2 
2.4/lookuprev2
 2024-10-31 08:46:01 -04:00
defensivedepth 6b468eaed3 rm eaintegration state file 2024-10-30 16:52:44 -04:00
defensivedepth c509dab5f1 Use socore user 2024-10-30 11:03:14 -04:00
reyesj2 36fc3bbd6d add so-ip-mappings index 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-10-30 10:24:11 -04:00
defensivedepth 5406a263d5 Add local custom template 2024-10-29 19:42:06 -04:00
m0duspwnens 9ac5ef09ad update comment 2024-10-29 11:01:04 -04:00
m0duspwnens 3394588602 sync hypervisor state remote to local 2024-10-29 10:56:18 -04:00
defensivedepth 4c5099d429 Initial support for local lookup 2024-10-29 10:27:54 -04:00
m0duspwnens c64a05f2ff dynamic annotations 2024-10-29 10:20:31 -04:00
m0duspwnens 0c4426a55e Merge branch '2.4/dev' into vertlybimp 2024-10-29 08:32:39 -04:00
Josh Brower 6a3e5415cf Merge pull request #13832 from Security-Onion-Solutions/2.4/sigmapipelines 
Add process and file creation mappings
 2024-10-28 18:30:21 -04:00
defensivedepth f3ca5b1c42 Remove OS-specific mappings 2024-10-28 09:19:51 -04:00
m0duspwnens feb700393e merge with 2.4.120, fix merge conflicts 2024-10-25 15:09:38 -04:00
Corey Ogburn 640f53d085 Cleanup 
Fix indentation and trailing comma.
 2024-10-24 17:05:36 -06:00
Corey Ogburn 1aa9d87c5d Corrected 
Put the note on the right model this time.
 2024-10-24 17:05:36 -06:00
Corey Ogburn e11c562022 Added Note to ES Mappings 2024-10-24 17:05:35 -06:00
Corey Ogburn 6ce52bf9ab Specify Defaults for detectionEngineStatusQueries 
Specify the defaults as an example to the user.
 2024-10-24 13:11:49 -06:00
Corey Ogburn f67fcecc6e Clean up StatusQueries String 2024-10-24 11:18:48 -06:00
Corey Ogburn b7c392a244 Corrected a misspelling 2024-10-24 11:18:48 -06:00
Corey Ogburn ad0b0a5e95 Refactor to String 
To accomodate the config screen, the annotation now specifies it as a multiline string with a yaml syntax. The user can edit the yaml to add or remove queries. The UI will parse the YAML before use.

Also updated the IntegrityFailure queries to specify table columns more relevant to a sync failure than the default ones.
 2024-10-24 11:18:47 -06:00
Corey Ogburn c77b0afd8e Move to Client/Detections 
Added a basic annotation.
 2024-10-24 11:18:47 -06:00
Corey Ogburn 04ebe4efea Array to Dictionary 2024-10-24 11:18:46 -06:00
Corey Ogburn cbb4d6846f Detection Engine Status Queries 
A few for testing
 2024-10-24 11:18:45 -06:00
m0duspwnens a0558ace16 replace: False to remove state warning 2024-10-24 10:33:16 -04:00
m0duspwnens ca793966a8 set retry and interval to remove state warning 2024-10-24 10:32:42 -04:00
Josh Patterson 578a18acbe Merge pull request #13853 from Security-Onion-Solutions/agcr 
install createrepo for airgap
 2024-10-23 14:21:26 -04:00
m0duspwnens 8cc530dd4c fix HELD for debian families 2024-10-23 09:36:17 -04:00
m0duspwnens 1df104967e fix pkg name 2024-10-22 16:50:23 -04:00
m0duspwnens 7a0f6d5e93 fix pkg name 2024-10-22 16:42:01 -04:00