CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 02:32:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,697 Commits 25 Branches 119 Tags
68f18da832f43152805bbd0bbf7400d9352d92a3
Commit Graph

91 Commits

Author SHA1 Message Date
Jason Ertel
68f18da832 Add alert query toggle filters for ack'd and escalated alerts 2020-09-25 17:03:42 -04:00
Doug Burks
11b200e9c0 Hunt - remove SMTP fields #1397 2020-09-25 14:17:14 -04:00
Doug Burks
20a56d0831 Hunt - add network.community_id column to Events table for more data types #1396 2020-09-25 13:18:28 -04:00
Jason Ertel
c0be252f9f SOC config adjustments for alerting 2020-09-24 16:37:27 -04:00
Doug Burks
62dbe425a6 Hunt - fix x509 eventFields #1387 2020-09-24 07:52:46 -04:00
Doug Burks
2b8b8e2f40 Hunt - fix file eventFields #1386 2020-09-24 07:44:28 -04:00
Doug Burks
60daacd6dc Hunt - fix DHCP eventFields #1385 2020-09-24 07:34:29 -04:00
Jason Ertel
694635a38f Add pivot to hunt as a new alerts quick action 2020-09-21 17:10:03 -04:00
Jason Ertel
8f4a6df53a Add event.module to default alert query 2020-09-21 09:06:56 -04:00
Jason Ertel
fc51c2aef4 Group by community ID on second alert quick query 2020-09-19 08:39:01 -04:00
Jason Ertel
5b38acb64b Add alerting configuration for soc container 2020-09-18 13:51:23 -04:00
Mike Reeves
5910fe642c Fix Update XML 2020-09-16 13:08:21 -04:00
Mike Reeves
a0f64440e0 Update changes.json 2020-09-16 13:06:26 -04:00
Mike Reeves
3e0e41be32 Update changes.json 2020-09-16 11:41:21 -04:00
Mike Reeves
1801361cf8 Update changes.json 2020-09-16 11:40:05 -04:00
Jason Ertel
f86780a0db Open PCAPs in same tab, but open external sites in new tabs 2020-09-14 10:41:39 -04:00
Doug Burks
18dc7a915a Hunt: Fix Tunnel query #1335 2020-09-13 08:26:33 -04:00
Jason Ertel
89c38541ee Force all SOC quick actions to open in new tab 2020-09-13 02:52:25 -04:00
Doug Burks
311d67b934 Hunt: fix RFB groupby #1332 2020-09-12 06:14:58 -04:00
Doug Burks
8c280221da Hunt: Fix Intel groupby #1131 2020-09-10 07:00:54 -04:00
Doug Burks
7161a662aa improve Wazuh support in Hunt 2020-09-10 06:03:33 -04:00
Jason Ertel
fc4ad1d556 Add Google search quick action to Hunt; Change VirusTotal quick action to be applicable to all field values 2020-09-09 12:22:38 -04:00
Jason Ertel
9babc445ce Add Google search quick action to Hunt; Change VirusTotal quick action to be applicable to all field values 2020-09-09 12:07:23 -04:00
Jason Ertel
ad05e75ce7 Add new quick actions to SOC config template 2020-09-09 00:46:23 -04:00
Jason Ertel
f27e5164d0 Update to latest kratos; add support for a custom status trait to represent whether a user is locked or not; refactor so-user to use new enable/disable capabilities in SOC; remove 'delete' option from so-user usage to avoid having user lists out of sync across SOC and external apps 2020-09-04 17:01:52 -04:00
Doug Burks
77b3ebdabe Hunt Events table should show ssl.server_name when searching for ssl 
Hunt Events table should show ssl.server_name when searching for ssl #1267
 2020-08-30 06:56:15 -04:00
Mike Reeves
05d727e599 Final changes.json update 2020-08-20 19:18:39 -04:00
Jason Ertel
d1e5649a68 Corrected JSON typo and improved formatting 2020-08-20 13:46:20 -04:00
Mike Reeves
3eea2c6b10 2.1.0 Release notes in changes.json 2020-08-20 13:26:14 -04:00
m0duspwnens
e6da423dc3 change reference from manager:url_base to global:url_base - https://github.com/Security-Onion-Solutions/securityonion/issues/1039 2020-08-14 17:55:30 -04:00
Mike Reeves
32f8ea3158 Removes https from rest port 2020-08-11 10:02:00 -04:00
Mike Reeves
e659af3466 ES basic SSL 2020-08-10 14:26:56 -04:00
Jason Ertel
31fd0b6407 Update the Hunt event fields lookups to reflect the latest ingest configs 2020-08-06 14:59:39 -04:00
Mike Reeves
4936da9b5d Merge pull request #1146 from Security-Onion-Solutions/feature/minio 
Feature/minio
 2020-08-05 23:01:58 -04:00
Jason Ertel
30ff6d2b93 Update event fields to reflect new ECS terms - WIP 2020-08-05 16:28:36 -04:00
Mike Reeves
cd766753eb Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into feature/minio 2020-08-05 14:34:22 -04:00
Mike Reeves
407160b729 Update changes.json 2020-08-04 16:23:03 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Mike Reeves
79c45156c2 Update changes.json 2020-07-23 22:13:02 -04:00
Mike Reeves
4b127010ee Update changes.json 2020-07-23 11:59:20 -04:00
Mike Reeves
75477fe9bf Update changes.json 2020-07-23 11:56:14 -04:00
Jason Ertel
beda859207 Update changes.json sub-bullets to improve communication of the content 2020-07-20 08:47:39 -04:00
Jason Ertel
bd70fdbb33 Corrected JSON syntax to avoid a blank Overview screen in SOC; Applied HTML formatting of changes.json summaries for better markup handling. 2020-07-19 08:11:57 -04:00
Mike Reeves
517edf1938 Update Release Notes 2020-07-18 17:55:35 -04:00
Mike Reeves
64bd70bb48 Update Release Notes 2020-07-18 17:50:25 -04:00
Josh Brower
8647944ae6 Parsing & Hunt query updates 2020-07-14 16:59:06 -04:00
m0duspwnens
1f48dc765e merge with dev and resolv conflicts 2020-07-10 10:36:48 -04:00
Doug Burks
2ce254dfb0 add new DPD query to Hunt 2020-07-10 06:00:36 -04:00
Doug Burks
f5114c034d change Log Type query in Hunt to include event.dataset in the groupby 2020-07-10 05:52:10 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00