 Jason Ertel
|
890bcd58f9
|
Merge branch 'dev' into kilo
|
2022-05-04 19:25:08 -04:00 |
|
 weslambert
|
a96c665d04
|
Change test name for EmailRep
|
2022-05-03 14:13:25 -04:00 |
|
|
weslambert
|
f3a91d9fcd
|
Add EmailRep analyzer to observable support matrix
|
2022-05-03 10:10:57 -04:00 |
|
|
Wes Lambert
|
5a9acb3857
|
Add EmailRep analyzer and tests
|
2022-05-03 14:06:32 +00:00 |
|
|
Wes Lambert
|
8b5666b238
|
Ensure API key is used
|
2022-05-03 12:48:06 +00:00 |
|
|
weslambert
|
efb229cfcb
|
Update to match configuration in analyzer dir
|
2022-05-02 16:35:21 -04:00 |
|
|
weslambert
|
2fcb2b081d
|
Update allowed complexity to 12
|
2022-05-02 16:14:43 -04:00 |
|
|
weslambert
|
25f17a5efd
|
Update allowed complexity to 11
|
2022-04-29 09:42:57 -04:00 |
|
|
weslambert
|
66b4fe9f58
|
Add additional information around URI and User Agent
|
2022-04-28 17:14:36 -04:00 |
|
|
Wes Lambert
|
c001708707
|
Add Pulsedive analyzer and tests
|
2022-04-28 20:56:03 +00:00 |
|
|
weslambert
|
4edd729596
|
Add initial supported observable matrix/table
|
2022-04-27 08:58:34 -04:00 |
|
|
Wes Lambert
|
76f183b112
|
Add Greynoise analyzer and tests
|
2022-04-26 17:25:35 +00:00 |
|
|
Wes Lambert
|
bd63753d80
|
Update analyzer name/description
|
2022-04-25 19:27:10 +00:00 |
|
|
Wes Lambert
|
15fcaa7030
|
Add localfile analyzer and tests
|
2022-04-25 19:23:35 +00:00 |
|
 Jason Ertel
|
71a86b0a3c
|
Merge pull request #7856 from Security-Onion-Solutions/bumpver
Bump version
|
2022-04-25 13:01:19 -04:00 |
|
|
Jason Ertel
|
e2145720bd
|
Bump version
|
2022-04-25 12:10:29 -04:00 |
|
 Mike Reeves
|
b4aa59c619
|
Merge pull request #7853 from Security-Onion-Solutions/dev
2.3.120
2.3.120
|
2022-04-25 11:33:05 -04:00 |
|
|
Mike Reeves
|
6975153cf4
|
Merge pull request #7852 from Security-Onion-Solutions/2.3.120
2.3.120
|
2022-04-25 08:59:52 -04:00 |
|
|
Mike Reeves
|
0935f51667
|
2.3.120
|
2022-04-25 08:57:35 -04:00 |
|
|
Mike Reeves
|
f92d65737b
|
2.3.120
|
2022-04-25 08:53:04 -04:00 |
|
 Josh Patterson
|
8f5967911b
|
Merge pull request #7847 from Security-Onion-Solutions/m0duspwnens-patch-1
add eval
|
2022-04-22 16:06:01 -04:00 |
|
|
Josh Patterson
|
80eb31368a
|
add eval
|
2022-04-22 16:04:29 -04:00 |
|
|
Jason Ertel
|
d8fdf2b701
|
Merge branch 'dev' into kilo
|
2022-04-22 15:11:24 -04:00 |
|
|
Jason Ertel
|
459d388614
|
Only override nameservers if the first nameserver given is non empty
|
2022-04-22 15:08:56 -04:00 |
|
|
Wes Lambert
|
fbf6e64e67
|
Add initial OTX analyzer and tests
|
2022-04-22 17:13:40 +00:00 |
|
|
weslambert
|
677db7c563
|
Merge pull request #7841 from Security-Onion-Solutions/weslambert-patch-2
Update shard count for Zeek in setup
|
2022-04-21 17:27:57 -04:00 |
|
|
weslambert
|
1bb216954c
|
Merge pull request #7840 from Security-Onion-Solutions/weslambert-patch-1
Update shards for Zeek
|
2022-04-21 17:26:57 -04:00 |
|
|
weslambert
|
c81988ab00
|
Update shard count for Zeek in setup
|
2022-04-21 17:26:30 -04:00 |
|
|
weslambert
|
542db5b7f5
|
Update defaults.yaml
|
2022-04-21 17:24:24 -04:00 |
|
|
Wes Lambert
|
b2db32a2c7
|
Add function/test for non-existent VT api_key
|
2022-04-21 17:33:24 +00:00 |
|
|
Wes Lambert
|
9287d6adf7
|
Reduce size of test output for test
|
2022-04-21 16:56:22 +00:00 |
|
|
Wes Lambert
|
c8e189f35a
|
Add source-packages for JA3er
|
2022-04-21 16:46:45 +00:00 |
|
|
Wes Lambert
|
5afcc8de4f
|
Add JA3er analyzer and associated test
|
2022-04-21 16:42:46 +00:00 |
|
|
weslambert
|
d7eed52fae
|
Change -f to -r
|
2022-04-21 09:46:44 -04:00 |
|
 Doug Burks
|
2910b56ea1
|
Merge pull request #7835 from Security-Onion-Solutions/elastic-7.17.3
UPGRADE: Elastic 7.17.3 #7807
|
2022-04-21 09:02:51 -04:00 |
|
|
Doug Burks
|
e608285341
|
UPGRADE: Elastic 7.17.3 #7807
|
2022-04-21 08:57:08 -04:00 |
|
|
Doug Burks
|
04856540dc
|
UPGRADE: Elastic 7.17.3 #7807
|
2022-04-21 08:54:09 -04:00 |
|
|
Doug Burks
|
feb7eeeb8e
|
UPGRADE: Elastic 7.17.3 #7807
|
2022-04-21 08:47:40 -04:00 |
|
|
Doug Burks
|
44f4b1da7f
|
Merge pull request #7832 from Security-Onion-Solutions/fix/prevent-multiple-instances
FIX: Prevent multiple instances of so-sensor-clean and so-playbook-sync #6622
|
2022-04-20 17:00:09 -04:00 |
|
|
Doug Burks
|
1edb443c5d
|
so-playbook-sync pgrep should be more strict to avoid multiple matches on Ubuntu
|
2022-04-20 16:48:26 -04:00 |
|
|
Doug Burks
|
8fc03afdc0
|
so-sensor-clean pgrep should be more strict to avoid matching multiples on Ubuntu
|
2022-04-20 16:47:18 -04:00 |
|
|
Mike Reeves
|
fe09b5b0d1
|
Merge pull request #7831 from Security-Onion-Solutions/awlocal
Remove setup from auto starting if you choose to not enter the grid
|
2022-04-20 14:42:58 -04:00 |
|
|
Mike Reeves
|
c3952e94c8
|
Remove setup from auto starting if you choose to not enter the grid
|
2022-04-20 14:36:38 -04:00 |
|
|
Doug Burks
|
3aac644da5
|
Merge pull request #7830 from Security-Onion-Solutions/dougburks-patch-1
FIX: Improve Zeek file extraction #7829
|
2022-04-20 14:13:13 -04:00 |
|
|
Doug Burks
|
15ef0968d9
|
FIX: Improve Zeek file extraction #7829
|
2022-04-20 14:01:46 -04:00 |
|
|
Jason Ertel
|
aeb70dad8f
|
Doc updates
|
2022-04-19 14:31:21 -04:00 |
|
|
Jason Ertel
|
4129cef9fb
|
Add new spamhaus analyzer
|
2022-04-19 12:12:52 -04:00 |
|
|
Josh Patterson
|
40d9335573
|
Merge pull request #7822 from Security-Onion-Solutions/workstation_state
add securityonion-strelka-oneshot and securityonion-strelka-fileshot to workstation
|
2022-04-19 09:21:35 -04:00 |
|
|
m0duspwnens
|
807f6adf1e
|
add securityonion-strelka-oneshot and securityonion-strelka-fileshot to workstation
|
2022-04-19 09:19:09 -04:00 |
|
|
Doug Burks
|
6339ee3bf3
|
Merge pull request #7818 from Security-Onion-Solutions/dougburks-patch-1
Slight change to IDH verbiage in so-whiptail
|
2022-04-18 16:35:22 -04:00 |
|