Wes
005930f7fd
Add error.message mapping for system.syslog
2024-03-07 15:41:23 +00:00
weslambert
d8e8933ea0
Add AWS Security Hub template
2024-03-05 09:25:41 -05:00
weslambert
d85ac39e28
Add AWS Inspector template
2024-03-05 09:23:17 -05:00
weslambert
1514f1291e
Add AWS GuardDuty template
2024-03-05 09:21:48 -05:00
weslambert
b64d61065a
Add AWS Cloudfront template
2024-03-05 09:19:43 -05:00
weslambert
df3943b465
Daily rollover
2024-02-27 17:24:27 -05:00
weslambert
1d099f97d2
Update pattern for endpoint diagnostic template
2024-02-26 11:27:56 -05:00
Josh Patterson
d2f7946377
Merge pull request #12411 from Security-Onion-Solutions/issue/12382
nest under policy
2024-02-21 16:28:04 -05:00
m0duspwnens
162785575c
nest under policy
2024-02-21 15:28:24 -05:00
Josh Brower
686304f24a
Merge remote-tracking branch 'origin/2.4/dev' into kilo
2024-02-15 09:47:51 -05:00
Corey Ogburn
0d297274c8
DetectionComment Mapping Defined
2024-02-13 12:53:18 -07:00
Corey Ogburn
64f6d0fba9
Updated Detection's ES Mappings
Detections now have a License field and the Comment model is defined now.
2024-02-09 14:20:07 -07:00
Corey Ogburn
29174566f3
WIP: Updated Detection Mappings, Changed Engine to Language
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.
SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
2024-02-08 09:44:56 -07:00
Wes
182667bafb
Change numbers for Elasticsearch
2024-02-01 13:59:23 +00:00
Wes
bc502cc065
Custom Elasticsearch pipeline annotations
2024-01-31 21:46:33 +00:00
Wes
bc75be9402
Custom pipelines in UI
2024-01-31 20:16:48 +00:00
Wes
cd4bd6460a
Custom pipelines
2024-01-31 20:16:18 +00:00
Corey Ogburn
585147d1de
Added so-detection mapping in elasticsearch
2024-01-31 10:39:47 -07:00
Wes
12ab6338db
Add diagnostic
2024-01-25 20:16:52 +00:00
weslambert
cd54d4becb
Fix indent
2024-01-25 13:57:02 -05:00
weslambert
5f1c76f6ec
endpoint.diagnostic.collection
2024-01-25 09:46:25 -05:00
Wes
8426aad56d
Text mapping for scan.pe.flags
2024-01-24 15:10:42 +00:00
Wes
d23d367058
Make scan.pe.flags a string
2024-01-24 15:08:38 +00:00
Wes
80a3942245
Rename RITA pipelines
2024-01-22 20:15:48 +00:00
Wes
7118cc8dee
Add additional integration SOC configuration
2024-01-19 22:04:07 +00:00
Wes
05aa8b013a
Add additional integration to templates
2024-01-19 22:02:39 +00:00
Mike Reeves
efe8cfda95
Update suricata.common
2024-01-19 13:39:28 -05:00
Mike Reeves
08486e279c
Update suricata.common
2024-01-19 13:36:43 -05:00
Wes
e70ce50912
Change description
2024-01-17 14:06:16 +00:00
Wes
f6590ac0bf
Remove Suricata IKEv2 pipeline
2024-01-16 18:10:00 +00:00
Wes
ea64ce92d3
Add Suricata IKE pipeline
2024-01-16 18:09:46 +00:00
Wes
8a92b023b2
Add interface name
2024-01-16 18:09:16 +00:00
weslambert
252c51dafb
Change order of names
2024-01-12 16:45:18 -05:00
weslambert
a07e6e1058
OTX pulses
2024-01-12 16:43:33 -05:00
weslambert
3f9678056d
OTX pulses template
2024-01-12 16:42:32 -05:00
Wes
418f41c7e4
Add SOC configuration for metrics
2024-01-12 15:03:18 +00:00
Wes
5eae349938
Add endpoint metrics templates
2024-01-12 13:47:35 +00:00
Wes
c89d674a92
Add settings for integrations
2024-01-11 14:18:06 +00:00
Wes
9b1ddcacb4
Add additional templates for integrations
2024-01-11 14:00:09 +00:00
Josh Brower
5513e74807
comma
2024-01-09 08:12:33 -05:00
Josh Brower
31ee365a91
Fixup FIM events
2024-01-09 08:11:05 -05:00
weslambert
7684aadb87
Merge pull request #12062 from Security-Onion-Solutions/fix/curator_remove
Curator Remove Changes
2023-12-20 15:16:47 -05:00
Wes
4baf4657f6
Curator cleanup
2023-12-20 19:10:22 +00:00
Doug Burks
6a1073b616
FIX: Update dashboard and hunt query for firewall logs #12021
2023-12-18 12:57:40 -05:00
Josh Patterson
45f50cc121
Merge pull request #12019 from Security-Onion-Solutions/fix/extrahosts
fix extra_hosts
2023-12-14 12:03:07 -05:00
m0duspwnens
3dbf97944d
fix extra_hosts. https://github.com/Security-Onion-Solutions/securityonion/issues/12015
2023-12-14 10:26:29 -05:00
weslambert
5d3f2298b6
Merge pull request #12000 from Security-Onion-Solutions/feature/additional_integrations
Additional Integrations #2
2023-12-13 13:23:34 -05:00
weslambert
8cf5d9c1a6
Annotations
2023-12-13 11:55:40 -05:00
weslambert
cdac2bfa16
Add Anomali, Cybersixgill, Snort, and ThreatQuotient
2023-12-13 11:03:25 -05:00
Doug Burks
d49d13289e
Update so-elastic-clear
2023-12-12 16:37:06 -05:00