CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,156 Commits 24 Branches 119 Tags
8051fc70eba77529b9fba1ae60a16dab0fa488e4
Commit Graph

11156 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Wes
8051fc70eb Temporarily disable the loading of the RITA package policy 2023-01-26 16:03:59 +00:00
Wes
a9a119f1ab Add Elasticsearch output to 'so-elastic-fleet-setup' for Import Mode 2023-01-26 16:02:27 +00:00
Wes
6a803dfe35 Add Elastic Fleet to top file configuration for Import Mode 2023-01-26 16:01:03 +00:00
Wes
1fb6cf7bfe Add Elastic Fleet to allowed states for Import Mode 2023-01-26 15:59:49 +00:00
weslambert
211b87e7ae Merge pull request #9644 from Security-Onion-Solutions/revert-9640-fix/elastic_agent_import_mode 
Revert "Elastic Agent and Fleet - Import Mode"
 2023-01-25 17:23:27 -05:00
weslambert
6ee66a34bc Revert "Elastic Agent and Fleet - Import Mode" 2023-01-25 17:12:03 -05:00
weslambert
6785e0ec9e Merge pull request #9640 from Security-Onion-Solutions/fix/elastic_agent_import_mode 
Elastic Agent and Fleet - Import Mode
 2023-01-25 17:01:33 -05:00
weslambert
c73cd78f08 Merge pull request #9643 from Security-Onion-Solutions/2.4/dev 
Merge Dev
 2023-01-25 16:59:47 -05:00
Wes
5c58cda872 Move certificate configuration outside of conditional logic 2023-01-25 19:29:50 +00:00
Mike Reeves
31f591a098 Merge pull request #9635 from Security-Onion-Solutions/mkr24 
Ubuntu support changes
 2023-01-25 13:34:44 -05:00
Wes
c3717dae67 Add Elastic Fleet firewall configuration for Import Mode 2023-01-25 18:27:00 +00:00
Mike Reeves
498301b111 Salt for Ubuntu 2023-01-25 12:00:19 -05:00
Mike Reeves
704d99e757 Salt for Ubuntu 2023-01-25 11:50:19 -05:00
Mike Reeves
9243b01cbb Salt for Ubuntu 2023-01-25 11:44:22 -05:00
Jason Ertel
c9f18891b2 Merge pull request #9639 from Security-Onion-Solutions/kilo 
auto extract source/dest IP on case related event attachments; improve so-verify stream to console
 2023-01-25 11:37:16 -05:00
Wes
86a925e1c7 Download Elastic Agent images for Import Mode 2023-01-25 16:09:12 +00:00
Jason Ertel
31d7e05c45 refactor so-verify to ensure output streams to console 2023-01-25 10:59:50 -05:00
Wes
838beabae5 Add missing single quote for Elastic Agent Elasticsearch output 2023-01-25 15:58:06 +00:00
Wes
c46b5e734b Add 'elastic-fleet' to the list of allowed states for Import Mode 2023-01-25 14:38:23 +00:00
Wes
1414b75e01 Allow 'elastic-fleet' state to be applied for Import Mode 2023-01-25 14:07:25 +00:00
Wes
506baa854d Configure Elasticsearch output if running Import Mode 2023-01-25 13:52:54 +00:00
weslambert
4868bd8f5e Merge pull request #9638 from Security-Onion-Solutions/fix/elastic_agent_integration_kratos_data_stream_rename 
Rename Kratos Data Stream
 2023-01-25 08:45:37 -05:00
weslambert
c9f458e1e2 Set event.dataset for all Kratos logs to 'access' for now 2023-01-25 08:19:50 -05:00
weslambert
7bf9d77962 Rename Kratos data stream 2023-01-25 08:18:21 -05:00
Mike Reeves
161881efbb Salt for Ubuntu 2023-01-24 16:25:26 -05:00
Mike Reeves
d5f8ea8661 Salt for Ubuntu 2023-01-24 16:05:16 -05:00
Mike Reeves
53d6823ba7 Salt for Ubuntu 2023-01-24 16:00:03 -05:00
Mike Reeves
5a223981ca Salt for Ubuntu 2023-01-24 15:57:05 -05:00
Mike Reeves
177ddc1183 Salt for Ubuntu 2023-01-24 15:48:48 -05:00
Mike Reeves
20f7a77886 Salt for Ubuntu 2023-01-24 15:43:12 -05:00
Mike Reeves
b89e7efeea Salt for Ubuntu 2023-01-24 15:30:46 -05:00
weslambert
3f9764d22d Merge pull request #9633 from Security-Onion-Solutions/fix/elastic_agent_more_improvements 
More Elastic Agent Integration Improvements
 2023-01-24 15:16:52 -05:00
Mike Reeves
a048034f16 Salt for Ubuntu 2023-01-24 13:38:39 -05:00
Jason Ertel
7b1f867ac3 Add defaults for auto extracted observables 2023-01-24 13:17:50 -05:00
Wes
4b9c92c53d Set RITA event.dataset value explicitly 2023-01-24 18:00:34 +00:00
Wes
38ead7cb82 Remove import tag for now 2023-01-24 17:58:19 +00:00
Wes
44d149b1c3 Allow imported data to use a tag of 'import' 2023-01-24 17:01:52 +00:00
Wes
1e5377c78a Condense RITA integration policies, add ICS tags, and improve output readability 2023-01-24 16:56:20 +00:00
Jason Ertel
b0709e93fa test workflow 2023-01-24 10:50:52 -05:00
Jason Ertel
fd7d51a59b Merge pull request #9630 from Security-Onion-Solutions/kilo 
Kilo
 2023-01-24 10:45:12 -05:00
Jason Ertel
0dc5e7e714 try paths with wildcard 2023-01-24 10:38:59 -05:00
Jason Ertel
62b96c3698 rework filter for action 2023-01-24 10:31:02 -05:00
Jason Ertel
ec2e923530 Add proper spacing between headers and content 2023-01-24 10:28:39 -05:00
Jason Ertel
2bffd9b473 Merge pull request #9628 from Security-Onion-Solutions/kilo 
try paths filter on both even though docs only mention support for push
 2023-01-24 10:27:30 -05:00
Jason Ertel
cfc232eafa try paths filter on both even though docs only mention support for push 2023-01-24 10:23:42 -05:00
weslambert
7e0e5071d9 Merge pull request #9627 from Security-Onion-Solutions/fix/elastic_agent_integration_improvements 
Elastic Agent Integration Improvements
 2023-01-24 10:10:01 -05:00
Mike Reeves
2da30f42d4 Check for Ubuntu 2023-01-24 10:07:32 -05:00
Wes
7b4d8a47f0 Add copyright header to 'so-elastic-fleet-*' scripts 2023-01-24 15:07:00 +00:00
Josh Patterson
095ca29aca Merge pull request #9626 from Security-Onion-Solutions/2.4/firewall 
change MASTER to MANAGER in so-minion
 2023-01-24 09:46:17 -05:00
Wes
f19cf75311 Change how event.dataset is determined for Suricata events 2023-01-24 14:45:00 +00:00