CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 15:33:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,255 Commits 18 Branches 120 Tags
67a608ea565d3fca9563aa64ae87ea6671adb14f
Commit Graph

461 Commits

Author SHA1 Message Date
Jason Ertel
ba0ec18a33 Ignore Synchronize button clicks when an active salt job is running and another is already in queue 2023-05-22 14:52:07 -04:00
Jason Ertel
4930ae4ba6 add missing var for local dev 2023-05-17 18:14:21 -04:00
m0duspwnens
e15c14cc2e fix indent 2023-05-17 15:50:31 -04:00
m0duspwnens
f7ddf57f39 move files out of config 2023-05-17 15:49:22 -04:00
m0duspwnens
05a81596e5 place and access sensoronikey from sensoroni.config 2023-05-12 14:38:39 -04:00
m0duspwnens
fa1a428133 fix import 2023-05-11 15:36:20 -04:00
m0duspwnens
8e18986671 enabled/disable soc in ui 2023-05-11 15:33:16 -04:00
Mike Reeves
cbd1c05929 Sbin Changes 2023-05-04 10:36:03 -04:00
Mike Reeves
2d4f4791e0 Move files out of common 2023-05-01 15:21:31 -04:00
Doug Burks
4dcc79d245 FIX: Overview Customization link #10173 2023-04-20 16:26:51 -04:00
m0duspwnens
1047462898 add identifiers for all cron.present 2023-04-13 16:25:47 -04:00
Jason Ertel
7f28cdd2a3 provide means for using salt-relay with local development against remove VMs 2023-04-10 14:04:03 -04:00
Doug Burks
5be5466efe fix GeoIP queries 2023-03-24 14:03:12 -04:00
Doug Burks
a9dc7a14cb fix GeoIP queries 2023-03-24 13:56:51 -04:00
Doug Burks
aa9d44ab09 Add four new GeoIP dashboards 2023-03-24 13:51:13 -04:00
Josh Brower
bad905f54c SOC Logs & Hunt Query 2023-03-23 16:22:59 -04:00
Josh Brower
2fe8668f1b Merge pull request #9891 from Security-Onion-Solutions/2.4/huntqueries 
Initial updates for 2.4 fieldnames
 2023-03-09 14:37:50 -05:00
Josh Brower
73abf8dbfd Generic host dashboard 2023-03-09 14:32:52 -05:00
Josh Brower
1493806040 Change host dashboard titles 2023-03-08 17:03:02 -05:00
Josh Brower
a5c89bfaa1 update sysmon dashboards 2023-03-08 16:49:34 -05:00
m0duspwnens
0f9803120e Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/heavynode 2023-03-06 13:55:09 -05:00
m0duspwnens
b6d55bedc8 make influxdb token accessible to all nodes 2023-03-06 13:50:17 -05:00
Doug Burks
a2bda07820 add VLAN dashboard 2023-03-05 15:24:11 -05:00
Josh Brower
9db6df0f14 Initial updates for 2.4 fieldnames 2023-03-04 15:19:19 -05:00
Doug Burks
e24296d536 add SOC Dashboards groupby for Zeek conn vlan field 2023-03-03 15:23:43 -05:00
m0duspwnens
052e0dea2e create and manage metrics_link in a file for soc 2023-02-28 14:47:44 -05:00
Josh Patterson
cbcd3c9dd9 Update defaults.map.jinja 2023-02-27 15:39:03 -05:00
Josh Patterson
8632606a24 Update defaults.map.jinja 2023-02-27 15:37:35 -05:00
Josh Patterson
8d33f01936 Update defaults.map.jinja 2023-02-27 15:01:31 -05:00
Jason Ertel
aed41404fc Merge pull request #9852 from Security-Onion-Solutions/kilo 
Remove FleetDM tool from SOC instead of deactivating it; generate SRV key during setup
 2023-02-24 13:05:58 -05:00
Jason Ertel
316db85584 Generate SOC SRVKey during setup 2023-02-24 10:20:23 -05:00
Jason Ertel
d3c5d0569a Remove FleetDM tool instead of deactivating it 2023-02-24 10:20:02 -05:00
m0duspwnens
8f46e4aa30 set docker extra_hosts for soc 2023-02-23 12:26:58 -05:00
Jason Ertel
4222b09970 Merge branch '2.4/dev' into reposync 2023-02-23 12:15:03 -05:00
Mike Reeves
148b0b1c4c use hostnames please 2023-02-23 11:11:29 -05:00
weslambert
ecf70847fd Change 'GLOBALS.minion_id' to 'GLOBALS.hostname' for 'analyzerNodeId' value to ensure SOC creates analyzer jobs in the correct directory 2023-02-22 16:23:48 -05:00
Jason Ertel
8746f55834 influx upgrade 2023-02-15 08:03:22 -05:00
Jason Ertel
cd27ae89cc influx upgrade 2023-02-10 16:34:06 -05:00
Jason Ertel
ea0c3db8e1 upgrade influxdb 2023-02-08 13:23:45 -05:00
m0duspwnens
e0e094cd95 rename sosbip and sosrange to sobip and sorange 2023-02-03 10:10:51 -05:00
m0duspwnens
a37f0fd0c0 rename sosbridge to sobridge 2023-02-03 10:07:07 -05:00
Doug Burks
a44d83d69b Improve Suricata DHCP parsing and dashboard 2023-01-31 08:33:38 -05:00
m0duspwnens
1d2f491084 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-01-26 10:49:00 -05:00
m0duspwnens
d1460ae01f add node_data.ips pillar. grab influx host ip for soc extra_hosts 2023-01-24 17:05:40 -05:00
Jason Ertel
7b1f867ac3 Add defaults for auto extracted observables 2023-01-24 13:17:50 -05:00
Jason Ertel
b0709e93fa test workflow 2023-01-24 10:50:52 -05:00
m0duspwnens
6033e9a0de use port_bindings from docker defaults in docker states 2023-01-13 10:15:10 -05:00
m0duspwnens
d4c6834cd0 merge with 2.4/dev 2023-01-06 14:01:58 -05:00
m0duspwnens
cb1822a62d change ref to DOCKER.sosrange 2023-01-05 15:57:06 -05:00
Doug Burks
5754365c6d Improve default sysmon fields and add new network_connection fields 2023-01-04 07:42:24 -05:00