Josh Patterson
6c472dd383
Merge remote-tracking branch 'origin/2.4/dev' into vlb2
2025-03-05 08:58:03 -05:00
Josh Patterson
2c5861a0c2
ensure local hypervisor dir when new hypervisor key accepted. apply soc.dyanno.hypervisor when hypervisor key accepted
2025-03-05 08:51:10 -05:00
Doug Burks
c6c67f4d06
FEATURE: Add sankey chart to Elastic Agent API dashboard to show relationship between process.name and process.Ext.api.name #14339
2025-03-05 06:31:16 -05:00
Jason Ertel
85450693a2
Merge branch '2.4/dev' into jertel/wip
2025-03-04 10:55:29 -05:00
Jason Ertel
0047246cf2
reduce stdout verbosity
2025-03-04 10:55:12 -05:00
Doug Burks
44535cba8c
FIX: Elastic Agent Security Events dashboard should reference user.effective.name #14325
2025-03-04 06:46:56 -05:00
Doug Burks
e53f4fd1f1
Update defaults.yaml to quote the process.entity_id value
2025-03-02 05:54:30 -05:00
Josh Patterson
c8a1c8377a
vm power operations
2025-02-27 16:04:44 -05:00
Josh Patterson
4e954c24f7
handle cpu, copper and sfp as options
2025-02-26 17:58:09 -05:00
Josh Patterson
52839e2a7d
implement regex for cpu and mem
2025-02-26 15:22:36 -05:00
Josh Patterson
1a9d5f151f
change description formatting. include full vm name in HYPERVISORS
2025-02-26 14:28:31 -05:00
Josh Patterson
d6f527881a
allow for destroyed vms to be displayed in ui. VNM cleanup destroyed status files after 48h
2025-02-26 09:06:45 -05:00
Jason Ertel
9dafa062f8
annotation/config updates
2025-02-25 17:00:41 -05:00
Josh Patterson
5811b184be
enhance annotations. account for line separation instead of comma for hardware
2025-02-25 11:13:35 -05:00
Josh Patterson
e0a3b51ca2
md in description
2025-02-25 08:54:04 -05:00
Josh Patterson
c896785480
fix vm deletion
2025-02-24 14:20:09 -05:00
Josh Patterson
6ac14f832e
only allow first process step to overwrite last
2025-02-24 12:22:52 -05:00
Josh Patterson
3246176c0a
comments
2025-02-21 14:34:08 -05:00
Josh Patterson
b68f561e6f
progress and hw tracking for soc hypervisor dynamic annotations
2025-02-21 09:50:01 -05:00
Josh Patterson
8ffd4fc664
new examples
2025-02-16 02:31:52 -05:00
Josh Patterson
f46548ed88
remove free hw from description
2025-02-16 02:25:18 -05:00
Josh Patterson
0d335e3056
free and totals in labels
2025-02-16 02:23:11 -05:00
Josh Patterson
6ff701bd5c
soc ui improvements for hypervisor layout. show free hardware for a hypervisor in the description
2025-02-16 01:33:50 -05:00
Josh Patterson
eb4cd75218
virtual_node_manager lookup hardware from defaults. allocate hw in vm file
2025-02-15 11:29:47 -05:00
Josh Patterson
ad27c8674b
no longer need add_* nodes
2025-02-15 10:50:09 -05:00
Josh Patterson
5123a86062
start of dynamic annotations for hypervisor
2025-02-12 13:21:39 -05:00
Josh Patterson
160c84ec1a
Merge pull request #14200 from Security-Onion-Solutions/2.4/dev
2.4/dev
2025-02-06 17:41:22 -05:00
Jason Ertel
bf19c6e730
ca download; ignore shard errors on startup; clarify oidc id
2025-02-05 15:04:04 -05:00
Corey Ogburn
23ebe966e0
Added Large Values Warning
maxBulkEscalateEvents now has a warning that large values may run into other limits.
2025-02-04 10:33:04 -07:00
Corey Ogburn
d0fa6eaf83
New Limit on Bulk Creating Related Events
Used by the UI and API to hint at a user that not every event will be attached to a case. Supports values up to 10,000 (the default limit on the number of documents returned by a single ES search).
2025-02-03 14:20:33 -07:00
m0duspwnens
213df68d04
merge with 120 dev and fix conflicts
2025-01-23 10:56:48 -05:00
Jorge Reyes
107ca38268
fix http query for "includes" function
2025-01-14 08:24:07 -06:00
Jorge Reyes
35547b476f
update http query
2025-01-14 08:13:27 -06:00
Jorge Reyes
ad765200c3
Merge pull request #14105 from Security-Onion-Solutions/reyesj2/moarzeekparse
Additional Zeek parsing & cloudflare_logpush integration
2025-01-13 11:37:21 -06:00
reyesj2
14c920a258
fix hidden ldap menu subtitle
2025-01-13 09:23:32 -06:00
Joshua Brower
dcdf31eee8
Fix folder perm
2025-01-10 16:15:17 -05:00
reyesj2
e60a1e4357
zeek ldap & ldap_search parsing
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-01-09 16:06:10 -06:00
Joshua Brower
a2caf7425d
Add config options
2025-01-07 13:22:14 -05:00
Joshua Brower
6fa11a38ef
Update defaults
2025-01-07 13:14:50 -05:00
Josh Brower
8408a53b82
Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator
2025-01-02 16:13:34 -05:00
Doug Burks
927b618ec9
Update Zeek QUIC dashboard, add Hunt query, add quic.server.name as column in Events table
2025-01-02 06:57:56 -05:00
reyesj2
9f83853922
Zeek QUIC support
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-12-31 13:44:20 -06:00
defensivedepth
7237b8971e
Refactor pipeline for hash changes
2024-12-23 15:41:13 -05:00
defensivedepth
9475211417
Refactor Navigator for Detections
2024-12-09 16:31:51 -05:00
m0duspwnens
5649986834
Merge branch '2.4/dev' into vlb2
2024-12-09 15:35:57 -05:00
reyesj2
754d28e95d
add openvpn & ipsec support to Zeek
2024-12-05 09:52:55 -06:00
Josh Brower
04ffdf9b15
Merge pull request #13958 from Security-Onion-Solutions/2.4/autoenablesigma
More flexibility for AutoEnable Sigma rules
2024-11-21 09:47:49 -05:00
defensivedepth
f61bf1bd67
Remove adv
2024-11-21 09:15:29 -05:00
defensivedepth
b1c4e32123
Remove duplicate option
2024-11-21 09:11:44 -05:00
defensivedepth
8958da83b3
Deprecate instead
2024-11-20 18:00:26 -05:00