CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 10:42:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
8,375 Commits 25 Branches 119 Tags
6a2e1df7d47cb1f85c41f686bae2c9a0848d2f6b
Commit Graph

8375 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
William Wernert
bf40a1038e Whiptail changes 
* Update wording of ip mask prompt + so-allow question for clarity
* Remove old ip+mask prompts
 2021-08-12 10:32:27 -04:00
William Wernert
3312a66e75 Fix indent 2021-08-11 16:37:22 -04:00
William Wernert
4a31d6b3bc Specify images are also verified 2021-08-11 16:35:33 -04:00
William Wernert
64dfc6e191 Fix pull logic and properly hide output 2021-08-11 16:33:45 -04:00
William Wernert
95bd7f9861 Merge branch 'dev' into foxtrot 2021-08-11 13:47:38 -04:00
William Wernert
983549711c Pull image if missing when enabling module in so-learn 2021-08-11 13:47:31 -04:00
Josh Patterson
5922dbdf22 Merge pull request #5120 from Security-Onion-Solutions/issue/4674 
Issue/4674
 2021-08-10 12:29:51 -04:00
m0duspwnens
9e48a5b57b fix the pillar.get 2021-08-10 10:29:29 -04:00
m0duspwnens
3c1114403e fix the pillar.get 2021-08-10 10:25:05 -04:00
m0duspwnens
8d2f614af6 Merge remote-tracking branch 'remotes/origin/dev' into issue/4674 2021-08-10 10:16:30 -04:00
m0duspwnens
1415de858c delete old dashboard folders via api - https://github.com/Security-Onion-Solutions/securityonion/issues/4674 2021-08-10 10:16:14 -04:00
Josh Patterson
59e9fddf18 Merge pull request #5109 from Security-Onion-Solutions/issue/4674 
remove old dashboard dirs
 2021-08-09 13:37:45 -04:00
m0duspwnens
ad3b6cf629 remove old dashboard dirs - https://github.com/Security-Onion-Solutions/securityonion/issues/4674 2021-08-09 13:34:02 -04:00
William Wernert
b12e2eded5 Merge pull request #5086 from Security-Onion-Solutions/foxtrot 
Add conditional check for logscan log + add log folder to logrotate config
 2021-08-06 11:32:23 -04:00
William Wernert
26030d83eb Merge branch 'dev' into foxtrot 2021-08-06 09:44:10 -04:00
William Wernert
3b01f6431e Add logscan to logrotate config 2021-08-06 09:43:58 -04:00
Jason Ertel
a646867593 Merge branch 'dev' into kilo 2021-08-06 09:14:45 -04:00
Josh Patterson
768e61e11a Merge pull request #5080 from Security-Onion-Solutions/issue/2806 
Issue/2806
 2021-08-05 12:02:42 -04:00
m0duspwnens
e72ad9eb5a allow curator 2021-08-05 11:54:49 -04:00
m0duspwnens
ac4faf673d add so-manager to curator.yml 2021-08-05 11:11:59 -04:00
William Wernert
dd1769fbef Only check for logscan on manager-type and import 2021-08-05 11:02:09 -04:00
m0duspwnens
853a986082 add reqs to docker add manager to so-curator-closed-delete-delte 2021-08-05 10:36:18 -04:00
m0duspwnens
727a3742f5 run only on manager if truecluster enabled 2021-08-05 09:50:51 -04:00
Doug Burks
478a0b6a3f Merge pull request #5075 from Security-Onion-Solutions/fix/typo 
fix typo
 2021-08-05 07:43:46 -04:00
Doug Burks
771688a70f fix typo 2021-08-05 07:34:07 -04:00
Josh Patterson
40fa549353 Merge pull request #5066 from Security-Onion-Solutions/issue/2806 
dont run curator on searchnode if truecluster is enabled
 2021-08-04 15:01:11 -04:00
Jason Ertel
84fdc1e690 Merge pull request #5057 from Security-Onion-Solutions/bravo 
Several Suricata things
 2021-08-04 12:26:11 -04:00
Mike Reeves
71bbb41b5f Merge branch 'dev' into bravo 2021-08-04 10:57:10 -04:00
m0duspwnens
52cb72ba67 dont run curator on searchnode if truecluster is enabled - https://github.com/Security-Onion-Solutions/securityonion/issues/2806 2021-08-04 09:40:34 -04:00
William Wernert
54a3b754e0 Merge pull request #5050 from Security-Onion-Solutions/foxtrot 
Add logscan state, related pipeline config, and initial so-learn script
 2021-08-03 16:30:07 -04:00
William Wernert
2bc88e7750 Remove learn from allowed states for helixsensor 2021-08-03 15:29:37 -04:00
William Wernert
ef59cb47dd Use print_err function 2021-08-03 15:26:57 -04:00
William Wernert
9e5d3aa286 Fix removed root check in so-rule 2021-08-03 15:25:53 -04:00
William Wernert
25bf25eae6 Allowed states remove typo'd logscan 2021-08-03 15:24:32 -04:00
William Wernert
24f5fa66f3 Merge branch 'dev' into foxtrot 2021-08-03 13:02:29 -04:00
Mike Reeves
1aeb2d7d4f Merge pull request #5040 from Security-Onion-Solutions/kilo 
Condense cloud automations
 2021-08-03 10:59:28 -04:00
Jason Ertel
ee176f5bfd Condense cloud automations 2021-08-03 07:40:50 -04:00
Jason Ertel
eb093b8e6c Condense cloud automations 2021-08-02 21:52:42 -04:00
Jason Ertel
f88fa6e3b2 Condense cloud automations 2021-08-02 21:51:26 -04:00
Jason Ertel
724f7d4f3d Merge pull request #5036 from Security-Onion-Solutions/kilo 
Condense cloud automations
 2021-08-02 18:04:05 -04:00
Jason Ertel
19816d8814 Condense cloud automations 2021-08-02 17:55:27 -04:00
William Wernert
d3b170c6df Add logscan automation file + fix enable command in setup 2021-08-02 12:37:37 -04:00
William Wernert
757091beeb Add log_level to logscan.conf 2021-08-02 10:35:39 -04:00
William Wernert
8a49039b85 Only append source.ip to logscan.source.ips if it's been created 2021-08-02 09:50:49 -04:00
William Wernert
4f39cd1d7f Add logscan dynamic object to so-common template mappings 2021-07-30 16:02:02 -04:00
William Wernert
2a6277c0c3 Fix field names in logscan pipeline 2021-07-30 15:46:39 -04:00
William Wernert
33bd6aed20 Fix logscan pipeline on eval 
* Rename logscan pipeline to logscan.alert
* Add module to indices array in filebeat.yml
 2021-07-30 14:41:15 -04:00
William Wernert
b9980c9d30 Fix pipeline name 2021-07-30 13:09:09 -04:00
William Wernert
01bb94514c Correct mod_so_status to only act on single string 2021-07-30 11:05:48 -04:00
William Wernert
d71967ea1d Fix incorrect writing of so-status.conf 2021-07-30 10:28:39 -04:00