CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,255 Commits 24 Branches 119 Tags
67a608ea565d3fca9563aa64ae87ea6671adb14f
Commit Graph

7496 Commits

Author SHA1 Message Date
m0duspwnens
67a608ea56 adjust suricata defaults 2023-05-24 12:22:42 -04:00
m0duspwnens
8995012c80 fix suricata sostatus 2023-05-24 09:52:07 -04:00
m0duspwnens
732d2aadf8 rename state to resolve conflicting / duplicate state ids 2023-05-24 08:58:43 -04:00
m0duspwnens
e65214b097 Merge remote-tracking branch 'origin/2.4/dev' into issue/10229 2023-05-23 12:10:29 -04:00
m0duspwnens
cc47f9a595 fix suricata thresholding 2023-05-23 11:16:32 -04:00
m0duspwnens
eb633be437 enable/disable suricata in ui. assign threads properly 2023-05-22 17:48:22 -04:00
Jason Ertel
f53fb69ffb Merge pull request #10407 from Security-Onion-Solutions/kilo 
Ignore Synchronize button clicks when an active salt job is running and another is already in queue
 2023-05-22 14:59:42 -04:00
Jason Ertel
ba0ec18a33 Ignore Synchronize button clicks when an active salt job is running and another is already in queue 2023-05-22 14:52:07 -04:00
weslambert
79182cecfd Merge pull request #10397 from Security-Onion-Solutions/fix/elastic_exclude_zeek_reporter_log 
Exclude Zeek's reporter.log from being picked up by Elastic Agent
 2023-05-22 07:56:54 -04:00
weslambert
8cf82c4b6a Merge pull request #10398 from Security-Onion-Solutions/fix/elasticsearch_ingest_dns_query 
Check if 'dns.query' is null
 2023-05-22 07:56:44 -04:00
weslambert
78d4586033 Merge pull request #10399 from Security-Onion-Solutions/fix/elastalert_playbook_alerter 
Update 'url' to use 'es_hosts'
 2023-05-22 07:56:31 -04:00
Jason Ertel
a881cab469 use the same requests version that's already packaged with the analyzer 2023-05-19 23:54:30 -04:00
weslambert
00bd93c026 Update 'url' to use 'es_hosts' 2023-05-19 17:14:13 -04:00
weslambert
2c10ad7eec Check if 'dns.query' is null 2023-05-19 15:50:33 -04:00
weslambert
167051af28 Exclude Zeek's reporter.log from being picked up by Elastic Agent 2023-05-19 15:44:09 -04:00
weslambert
eb9c5e9af0 Merge pull request #10307 from Security-Onion-Solutions/fix/elastic_fleet_ignore_zeek_logs 
Don't read from 'known_hosts.log', 'known_services.log', or 'ntp.log'
 2023-05-19 15:09:15 -04:00
Jason Ertel
03f97b309a fix lib dependency issue with whoisit 2023-05-19 14:18:19 -04:00
weslambert
1ddf45bbbe Change Elastalert writeback index name from 'elastalert_status' to 'elastalert' 2023-05-19 12:39:27 -04:00
Doug Burks
87c42ece00 Update so-kibana-config-load 2023-05-19 12:21:09 -04:00
Doug Burks
4f8fcd3369 Update config_saved_objects.ndjson 2023-05-19 12:19:44 -04:00
Josh Patterson
0027385da9 Merge pull request #10389 from Security-Onion-Solutions/issue/10229 
enable playbook on eval in pillar during setup
 2023-05-18 17:38:05 -04:00
m0duspwnens
4ef77f9050 enable playbook on eval in pillar during setup 2023-05-18 17:34:59 -04:00
Wes
d3c7ea4805 Add EQL option 2023-05-18 16:55:26 +00:00
Wes
82c3d78672 Change Elasticsearch host syntax 2023-05-18 16:52:27 +00:00
Josh Brower
97b68609bc Merge pull request #10381 from Security-Onion-Solutions/2.4/smallfixes 
2.4/ElasticFleetPunchList
 2023-05-18 09:04:30 -04:00
Josh Patterson
1d611e618f Merge pull request #10383 from Security-Onion-Solutions/issue/10229 
remove conditional on cacertz and capemz
 2023-05-18 08:45:41 -04:00
m0duspwnens
f4b8d385ee remove conditional on cacertz and capemz 2023-05-18 08:36:24 -04:00
Jason Ertel
4930ae4ba6 add missing var for local dev 2023-05-17 18:14:21 -04:00
Josh Brower
d11479ec5f Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/smallfixes 2023-05-17 16:11:46 -04:00
Josh Brower
901e3c4a20 Set Fleet Host timeouts to 120 seconds 2023-05-17 16:07:59 -04:00
m0duspwnens
e15c14cc2e fix indent 2023-05-17 15:50:31 -04:00
m0duspwnens
f7ddf57f39 move files out of config 2023-05-17 15:49:22 -04:00
Josh Brower
47e67fda46 Rework restart scripts for Elastic Fleet 2023-05-17 15:37:39 -04:00
Josh Brower
7d0251952c Filter out uneeded Logstash metadata 2023-05-17 11:06:16 -04:00
Josh Brower
5536f5a8c2 Add Fleet node to other roles 2023-05-17 09:32:20 -04:00
Josh Brower
24445cf36a Rename Fleet pipelines 2023-05-16 16:43:21 -04:00
m0duspwnens
77834c1e58 fix grep logic for so-elastic-fleet sostatus.sls 2023-05-16 15:05:14 -04:00
m0duspwnens
6aff526d9e Merge remote-tracking branch 'origin/2.4/dev' into salt3006.1 2023-05-16 13:08:28 -04:00
Josh Brower
000507c366 Update Integrations 2023-05-16 12:50:40 -04:00
m0duspwnens
2419fa43b6 cwd for catrustscript 2023-05-16 12:08:44 -04:00
m0duspwnens
acc7619023 salt 3006.1 2023-05-16 12:04:02 -04:00
m0duspwnens
b253cd45ca Merge remote-tracking branch 'origin/2.4/dev' into issue/10229 2023-05-16 09:22:48 -04:00
Mike Reeves
fb298224fc Update defaults.yaml 2023-05-16 08:17:50 -04:00
Josh Brower
1feed47185 Merge pull request #10360 from Security-Onion-Solutions/2.4/retry 
2.4/retry
 2023-05-16 08:15:42 -04:00
Josh Brower
923de356e1 Fix typos 2023-05-16 08:06:31 -04:00
Josh Brower
9f879164ec Fix broken loop 2023-05-16 06:45:17 -04:00
m0duspwnens
a0e08e4f41 enable elasticfleet via pillar, fix sostatus for elasticfleet 2023-05-15 17:41:09 -04:00
m0duspwnens
2813d67670 import GLOBALS 2023-05-15 16:47:33 -04:00
m0duspwnens
c49b134122 move so-catrust 2023-05-15 16:43:47 -04:00
Josh Brower
40de01e8c4 Temp fix 2023-05-15 15:56:21 -04:00