Josh Patterson
bc24a6c574
Revert "change salt upgrade process"
2025-06-25 12:19:45 -04:00
Josh Patterson
b25bb0faf0
Merge pull request #14770 from Security-Onion-Solutions/saltupgradechange
...
change salt upgrade process
2025-06-25 11:31:57 -04:00
Josh Patterson
38c74b46b6
change salt upgrade process
2025-06-25 11:05:28 -04:00
Jason Ertel
21d9964827
fix logging
2025-06-24 11:03:08 -04:00
Jason Ertel
b052a75e64
refactor airgap playbook to eliminate dupe code and shrink ISO
2025-06-24 09:34:57 -04:00
Josh Brower
31cd5b1365
Add support for dns.resolved_ip
2025-06-20 15:02:59 -04:00
Josh Brower
92e9bd43ca
Merge pull request #14723 from Security-Onion-Solutions/2.4/airgapfix
...
Create dir if needed
2025-06-09 07:47:59 -04:00
Josh Brower
a600c64229
Create dir if needed
2025-06-09 07:33:02 -04:00
Josh Brower
121dec0180
Merge pull request #14722 from Security-Onion-Solutions/2.4/airgapfix
...
Add nsm bind
2025-06-08 12:30:58 -04:00
Josh Brower
dbdbffa4b0
Add nsm bind
2025-06-08 08:23:09 -04:00
Josh Brower
f360c6ecbc
Suppress alerts
2025-06-07 09:29:59 -04:00
Josh Brower
b428573a0a
Airgap tweaks
2025-06-06 17:48:49 -04:00
Josh Brower
a3b5db5945
Add support for Airgap for Playbooks
2025-06-06 16:17:14 -04:00
Jason Ertel
643afeeae7
enable STS for browser redirects
2025-06-05 16:02:27 -04:00
Jason Ertel
ab89858d04
update to new config location
2025-06-04 17:19:53 -04:00
Jason Ertel
832d66052e
upgrade registry to 3.0.0
2025-06-04 09:13:54 -04:00
Corey Ogburn
fc9107f129
Updated Playbook Repo Config
...
The repo and folder have changed. We're splitting out playbooks into their own repo: github.com/security-onion-solutions/securityonion-resources-playbooks.
2025-06-03 13:33:30 -06:00
Jorge Reyes
d9790b04f6
Merge pull request #14676 from Security-Onion-Solutions/reyesj2/fixsystemtime
...
fix system integration time overwrite and delete unused ingest pipeline
2025-06-03 14:01:42 -05:00
Jorge Reyes
88fa04b0f6
Merge pull request #14698 from Security-Onion-Solutions/reyesj2/esidxinfo
...
add so-elasticsearch-index-growth
2025-06-03 09:37:54 -05:00
reyesj2
d240fca721
remove usage of temp file
2025-06-03 08:45:04 -05:00
reyesj2
4d6171bde6
rename script
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-06-03 07:32:12 -05:00
reyesj2
6238a5b3ed
tighten up search timeframe
2025-06-02 16:31:26 -05:00
reyesj2
061600fa7a
shebang line
2025-06-02 15:55:46 -05:00
reyesj2
1b89cc6818
so-elasticsearch-index-growth script
2025-06-02 15:41:03 -05:00
Josh Brower
0277891392
Use Stable branch
2025-06-02 13:10:13 -04:00
Doug Burks
bf38055a6c
add echo to end of so-elasticsearch-ilm-stop
2025-05-30 11:41:50 -04:00
Doug Burks
90b8d6b2f7
add echo to end of so-elasticsearch-ilm-start
2025-05-30 11:41:11 -04:00
Doug Burks
45d541d4f2
FIX: so-elasticsearch-ilm-start needs shebang #14688
2025-05-30 09:55:53 -04:00
Doug Burks
27358137f2
FIX: so-suricata-testrule should disable pcap logging #14685
2025-05-30 09:24:41 -04:00
Doug Burks
58936b31d5
FIX: Improve annotation for Elasticsearch index deletion #14682
2025-05-29 15:19:21 -04:00
reyesj2
fcdacc3b0d
fix system integration time overwrite and delete unused ingest pipeline
2025-05-29 12:21:28 -05:00
Jorge Reyes
d3ee5ed7b8
use zeek network.community_id when available
2025-05-28 09:20:41 -05:00
Jason Ertel
db08ac9022
Merge pull request #14651 from Security-Onion-Solutions/jertel/mhf
...
Backport Hotfix to dev
2025-05-22 13:44:36 -04:00
Mike Reeves
ddd023c69a
Update so-docker-prune
2025-05-21 13:47:45 -04:00
Josh Brower
b753d40861
Tighten parsing
2025-05-20 17:06:11 -04:00
Josh Brower
2fff6232c1
Merge pull request #14638 from Security-Onion-Solutions/2.4/playbooks-parsing
...
Add parsing for Playbook
2025-05-19 18:06:05 -04:00
Corey Ogburn
39f74fe547
Use the new JSON object editor for RulesRepos config entries
2025-05-19 15:38:45 -06:00
Corey Ogburn
11fb33fdeb
Add RulesetName to Rule Repos
...
Fill in `rulesetName` in the rules repos of the ElastAlert and Strelka engines. These will act as an example to anybody adding their repos to these lists. The field is not required, but helps avoid collisions when managing repos as the value is used for the folder name. When not present, the final folder of the repo url is used as the rulesetName and as the folder name on disk.
Note that rulesetNames including a `/` will create extra folders in the path but the rulesetName will contain the slash, i.e. `rulesetName="joesecurity/sigma-rules"` will create the nested structure of `reposFolder/joesecurity/sigma-rules` containing the contents of the repo. All rules imported from this repo will have the ruleset of `joesecurity/sigma-rules`.
2025-05-19 14:19:56 -06:00
Josh Brower
58f4db95ea
Create playbooks dir
2025-05-19 15:31:50 -04:00
Josh Brower
b55cb257b6
Add parsing for Playbook
2025-05-19 13:25:27 -04:00
reyesj2
870a9ff80c
dedup
2025-05-16 10:24:09 -05:00
reyesj2
689db57f5f
logstash isn't running on receivers or manager when kafka is the global.pipeline
2025-05-16 10:05:38 -05:00
Josh Brower
df103b3dca
Spacing
2025-05-14 16:36:59 -04:00
Josh Brower
0542c77137
Remove wip config
2025-05-14 16:35:09 -04:00
Josh Brower
9022dc24fb
Add Parsing for Playbooks
2025-05-14 13:19:50 -06:00
Corey Ogburn
78b7068638
Playbook Settings
...
Map a folder from the manager's soc config folder to soc's sensoroni folder for storing the playbook repo.
Added playbook module section with default values.
2025-05-14 13:19:49 -06:00
Mike Reeves
5c8460fd26
Update soup
2025-05-14 13:47:26 -04:00
Mike Reeves
69e90e1e70
Update soup
...
Souper Duper!
2025-05-14 13:41:08 -04:00
Jason Ertel
8c5ea19d3c
Merge pull request #14619 from Security-Onion-Solutions/jertel/wip
...
improve consistency
2025-05-14 09:31:56 -04:00
Jason Ertel
82562f89f6
improve consistency
2025-05-14 09:23:35 -04:00