Commit Graph

9301 Commits

Author SHA1 Message Date
DefensiveDepth dbfb178556 Add test 2024-04-16 12:22:53 -04:00
Josh Brower 5e8b16569f Merge pull request #12793 from Security-Onion-Solutions/2.4/detectiondefaults 2024-04-12 13:54:06 -04:00
    Add docs for ruleset change
DefensiveDepth f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
Josh Brower 5b81a73e58 Merge pull request #12791 from Security-Onion-Solutions/2.4/detectiondefaults 2024-04-12 09:01:38 -04:00
    Fix fingerprint paths
DefensiveDepth 49ccd86c39 Fix fingerprint paths 2024-04-12 08:35:44 -04:00
reyesj2 55cf90f477 merge 2.4/dev 2024-04-11 14:44:59 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
reyesj2 c269fb90ac Added a Kismet Wifi devices dashboard for an overview of kismet data 2024-04-11 14:41:54 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
Mike Reeves 1250a728ac Merge pull request #12769 from Security-Onion-Solutions/TOoSmOotH-patch-3 2024-04-11 14:30:17 -04:00
    Update analyst.json
reyesj2 68e016090b Fix network.wireless.ssid not parsing 2024-04-11 13:21:54 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
reyesj2 fd689a4607 Fix typo in ingest pipeline 2024-04-11 11:18:04 -04:00
    Test to fix duplicate events in SOC, by removing conflicting field event.created
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
DefensiveDepth 1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
DefensiveDepth ed97aa4e78 Enable Detections Adv by default 2024-04-11 08:21:20 -04:00
reyesj2 7124f04138 Update ingest pipelines to match updated mappings 2024-04-10 16:13:06 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
reyesj2 2ab9cbba61 Update wording for Kismet poll interval annotation 2024-04-10 16:12:22 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
reyesj2 4097e1d81a Create mappings for Kismet integration 2024-04-10 16:10:27 -04:00
    Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
Mike Reeves 2206553e03 Update analyst.json 2024-04-10 09:49:21 -04:00
DefensiveDepth 376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
Corey Ogburn 00cea6fb80 Detection Author as a Keyword instead of Text 2024-04-05 11:22:47 -06:00
    With Quick Actions added to Detections, as many fields should be usable as possible.
Mike Reeves 21f86be8ee Update so-log-check 2024-04-05 08:03:42 -04:00
Josh Brower 8e38c3763e Merge pull request #12756 from Security-Onion-Solutions/2.4/detections-defaults 2024-04-04 17:00:38 -04:00
    Use list not string
DefensiveDepth ca807bd6bd Use list not string 2024-04-04 16:58:39 -04:00
Josh Brower f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults 2024-04-04 11:33:59 -04:00
    2.4/detections defaults
Josh Brower 1d7e47f589 Merge pull request #12682 from Security-Onion-Solutions/2.4/soup-playbook 2024-04-04 11:28:09 -04:00
    2.4/soup playbook
DefensiveDepth 49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Doug Burks b0aee238b1 Merge pull request #12753 from Security-Onion-Solutions/dougburks-patch-1 2024-04-04 09:35:21 -04:00
    FEATURE: Add dashboards specific to Elastic Agent #12746
Doug Burks d8ac3f1292 FEATURE: Add dashboards specific to Elastic Agent #12746 2024-04-04 09:30:05 -04:00
Mike Reeves 784ec54795 2.3 updates 2024-04-04 09:24:17 -04:00
Mike Reeves 54fce4bf8f 2.3 updates 2024-04-04 09:21:16 -04:00
Mike Reeves c4ebe25bab Attempt to fix 2.3 when main repo changes 2024-04-04 09:18:37 -04:00
Doug Burks 5ec3b834fb FEATURE: Add Events table columns for event.module sigma #12743 2024-04-04 09:11:41 -04:00
Mike Reeves 7668fa1396 Attempt to fix 2.3 when main repo changes 2024-04-04 09:03:29 -04:00
Mike Reeves 470b0e4bf6 Attempt to fix 2.3 when main repo changes 2024-04-04 08:55:13 -04:00
Mike Reeves d3f163bf9e Attempt to fix 2.3 when main repo changes 2024-04-04 08:54:04 -04:00
Mike Reeves 4b31632dfc Attempt to fix 2.3 when main repo changes 2024-04-04 08:52:37 -04:00
DefensiveDepth c2f7f7e3a5 Remove dup line 2024-04-04 08:52:30 -04:00
DefensiveDepth 07cb0c7d46 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/soup-playbook 2024-04-04 08:51:09 -04:00
Mike Reeves 14c824143b Attempt to fix 2.3 when main repo changes 2024-04-04 08:48:44 -04:00
Jason Ertel c75c411426 Merge pull request #12749 from Security-Onion-Solutions/jertel/ana 2024-04-04 07:53:18 -04:00
    Clarify annotation description re: Airgap
Jason Ertel a7fab380b4 clarify telemetry annotation 2024-04-04 07:51:23 -04:00
Jason Ertel a9517e1291 clarify telemetry annotation 2024-04-04 07:49:30 -04:00
DefensiveDepth 1d221a574b Exclude Elastalert EQL errors 2024-04-04 06:48:25 -04:00
DefensiveDepth f66cca96ce YARA casing 2024-04-03 16:17:29 -04:00
Mike Reeves 12da7db22c Attempt to fix 2.3 when main repo changes 2024-04-03 15:38:23 -04:00
Mike Reeves 9c59f42c16 Attempt to fix 2.3 when main repo changes 2024-04-03 15:23:09 -04:00
Mike Reeves 9db9af27ae Attempt to fix 2.3 when main repo changes 2024-04-03 15:14:50 -04:00
Corey Ogburn 0f50a265cf Update SOC Config with State File Paths 2024-04-03 13:12:18 -06:00
    Each detection engine is getting a state file to help manage the timer over restarts. By default, the files will go in soc's config folder inside a fingerprints folder.
Jason Ertel 3e05c04aa1 Merge pull request #12731 from Security-Onion-Solutions/jertel/ana 2024-04-03 14:51:41 -04:00
    SOC Telemetry
Jason Ertel 8f8896c505 fix link 2024-04-03 14:45:39 -04:00
Jason Ertel 941a841da0 fix link 2024-04-03 14:41:57 -04:00
Jason Ertel 2b8a051525 fix link 2024-04-03 14:30:09 -04:00