CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 18:52:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,763 Commits 26 Branches 119 Tags
72c6fe2184bf42cb79c00d720edd38e190bc7abd
Commit Graph

4763 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
72c6fe2184 analyst node changes 2020-10-01 17:05:59 -04:00
m0duspwnens
76c98200f3 analyst node changes 2020-10-01 16:21:51 -04:00
m0duspwnens
964bad4657 analyst node changes 2020-10-01 13:53:38 -04:00
m0duspwnens
75d49845f2 changes to analyst setup script 2020-10-01 10:43:33 -04:00
Jason Ertel
1454201505 Disable thehivealerter 2020-09-30 15:26:29 -04:00
Jason Ertel
3af6e9e1fe Remove mount point for SOCtopus generated playbook rules to avoid them activating and sending alerts to TheHive 2020-09-30 15:14:45 -04:00
Mike Reeves
8b5ff31351 Merge pull request #1430 from Security-Onion-Solutions/redis 
Add Redis pillar and fix idstools
 2020-09-30 15:09:59 -04:00
Mike Reeves
7314e2dea8 Add Redis pillar and fix idstools 2020-09-30 15:08:44 -04:00
Jason Ertel
ff04bb507a Remove default Elastalert rules to stop automated alerts from being sent to thehive 2020-09-30 15:06:54 -04:00
weslambert
5b16a65422 Merge pull request #1429 from Security-Onion-Solutions/fix/zeek_server_ip 
Fix issue with null Zeek server IP
 2020-09-30 13:54:50 -04:00
Wes Lambert
02d2e5e2c6 Fix isue with null Zeek server IP 2020-09-30 17:53:30 +00:00
William Wernert
f3b8da1f9d Fix Engrish (can causing -> can cause) 2020-09-30 13:40:57 -04:00
William Wernert
25d4bde33b Merge pull request #1428 from Security-Onion-Solutions/feature/warn-dhcp 
Add warning about IP address changing for network/DHCP iso installs
 2020-09-30 13:13:40 -04:00
William Wernert
1ff20f7e27 Add warning about IP address changing for network/DHCP iso installs 2020-09-30 13:11:33 -04:00
weslambert
defe832121 Merge pull request #1427 from Security-Onion-Solutions/fix/wazuh_filebeat 
Fix Filebeat config for Wazuh
 2020-09-30 10:59:01 -04:00
Wes Lambert
d8f70397f7 Fix Filebeat config for Wazuh 2020-09-30 14:57:56 +00:00
weslambert
dac2ad5dbf Merge pull request #1425 from Security-Onion-Solutions/feature/soctopus_pillar 
Add initial implementation of SOCtopus pillar
 2020-09-30 10:25:26 -04:00
Wes Lambert
c62acf5e4e Add initial implmentation of SOCtopus pillar 2020-09-30 14:24:15 +00:00
Josh Patterson
10f4e09b70 Merge pull request #1424 from Security-Onion-Solutions/issue/1070 
Issue/1070
 2020-09-30 10:11:37 -04:00
William Wernert
00785c6ba5 Merge pull request #1418 from Security-Onion-Solutions/feature/replace-hardcoded-pass 
Feature/replace hardcoded pass
 2020-09-30 08:56:35 -04:00
Doug Burks
0a995f4a7a Update README.md 2020-09-30 07:43:20 -04:00
m0duspwnens
85969dc16d add quotes and remove quotes 2020-09-29 16:29:05 -04:00
m0duspwnens
bf99bab6c0 add quotes and remove quotes 2020-09-29 16:26:45 -04:00
weslambert
401764437f Merge pull request #1421 from Security-Onion-Solutions/fix/ip_type 
Ensure IPs are typed as IP and ports as integer
 2020-09-29 14:21:25 -04:00
Wes Lambert
36019727b3 Ensure IPs are typed as IP and ports as integer 2020-09-29 18:20:15 +00:00
m0duspwnens
547c3ff52c single quote inputs to yaml files 2020-09-29 13:59:16 -04:00
William Wernert
7d43d48aca Remove bad line in playbook_db_init.sh 2020-09-29 11:13:09 -04:00
William Wernert
55058a11aa Generate passwords for Grafana + Playbook default users 2020-09-29 11:12:09 -04:00
William Wernert
ebe00822f8 Merge pull request #1417 from Security-Onion-Solutions/bugfix/local_zeeklogs 
Bugfix/local zeeklogs
 2020-09-29 08:58:02 -04:00
Doug Burks
60134829d5 Alerts - Drilldown should display rule.uuid #1416 2020-09-29 07:51:45 -04:00
Doug Burks
c7b43ac220 Update soc.json 2020-09-29 07:41:49 -04:00
Doug Burks
a7f24b62e6 Hunt - improve NIDS query and eventFields #1415 2020-09-29 07:34:44 -04:00
Josh Patterson
9ca13ebccd Merge pull request #1414 from Security-Onion-Solutions/issue/1404 
change so salt module to /usr/sbin/so-status
 2020-09-28 18:31:26 -04:00
Mike Reeves
c828a2ea75 Merge pull request #1413 from Security-Onion-Solutions/experimental 
Airgap SOUP!
 2020-09-28 17:47:38 -04:00
m0duspwnens
8741520263 change so salt module to /usr/sbin/so-status 2020-09-28 17:31:05 -04:00
Mike Reeves
6b8b0f1b26 Change add registry 2020-09-28 16:48:02 -04:00
William Wernert
f77305e22f Generate zeeklogs sls earlier to avoid error 2020-09-28 16:45:06 -04:00
William Wernert
f782299281 Remove preconfigured zeeklog + create it during setup 2020-09-28 15:12:36 -04:00
Josh Patterson
fa6396b121 Merge pull request #1410 from Security-Onion-Solutions/fix/disable_auto_start 
send to dev/null to prevent output
 2020-09-28 15:07:40 -04:00
weslambert
3d6c956e02 Merge pull request #1409 from Security-Onion-Solutions/feature/wazuh_wel 
Add initial parsing for Wazuh WEL/Sysmon
 2020-09-28 15:07:15 -04:00
m0duspwnens
0bb1ba2853 send to dev/null to prevent output 2020-09-28 15:06:43 -04:00
Wes Lambert
869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
Josh Patterson
0944cd1bcd Merge pull request #1408 from Security-Onion-Solutions/issue/1093 
Issue/1093
 2020-09-28 14:45:18 -04:00
m0duspwnens
3b709e7877 remove cleaning of webpasswd1 2020-09-28 14:44:14 -04:00
Doug Burks
6e9e4dc99c Hunt third magnifying glass should group output by event.module and event.dataset #1407 2020-09-28 14:19:55 -04:00
Mike Reeves
2cdf76473c Add Registry back from cleanup 2020-09-28 14:19:43 -04:00
m0duspwnens
053b19de11 Merge remote-tracking branch 'remotes/origin/dev' into issue/1093 2020-09-28 13:25:42 -04:00
m0duspwnens
bda9078843 check for invalid characters in fleet user password 2020-09-28 13:25:23 -04:00
Doug Burks
0516a9ddd5 Alerts page "Hunt for this field" action should quote field and group output #1406 2020-09-28 12:35:08 -04:00
m0duspwnens
85e53c53af reject passwords with single or double quotes or backslashes 2020-09-28 11:51:19 -04:00