Commit Graph

16502 Commits

Author SHA1 Message Date
Jason Ertel 832d66052e upgrade registry to 3.0.0 2025-06-04 09:13:54 -04:00
coreyogburn add538f6dd Merge pull request #14700 from Security-Onion-Solutions/cogburn/new-playbooks-repo
Updated Playbook Repo Config
2025-06-03 14:21:23 -06:00
Corey Ogburn fc9107f129 Updated Playbook Repo Config
The repo and folder have changed. We're splitting out playbooks into their own repo: github.com/security-onion-solutions/securityonion-resources-playbooks.
2025-06-03 13:33:30 -06:00
Jorge Reyes d9790b04f6 Merge pull request #14676 from Security-Onion-Solutions/reyesj2/fixsystemtime
fix system integration time overwrite and delete unused ingest pipeline
2025-06-03 14:01:42 -05:00
Jorge Reyes 88fa04b0f6 Merge pull request #14698 from Security-Onion-Solutions/reyesj2/esidxinfo
add so-elasticsearch-index-growth
2025-06-03 09:37:54 -05:00
reyesj2 d240fca721 remove usage of temp file 2025-06-03 08:45:04 -05:00
reyesj2 4d6171bde6 rename script
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2025-06-03 07:32:12 -05:00
reyesj2 6238a5b3ed tighten up search timeframe 2025-06-02 16:31:26 -05:00
reyesj2 061600fa7a shebang line 2025-06-02 15:55:46 -05:00
reyesj2 1b89cc6818 so-elasticsearch-index-growth script 2025-06-02 15:41:03 -05:00
Josh Brower 7f8bf850a2 Merge pull request #14697 from Security-Onion-Solutions/2.4/playbook-updates
Use Stable branch
2025-06-02 13:13:43 -04:00
Josh Brower 0277891392 Use Stable branch 2025-06-02 13:10:13 -04:00
Doug Burks 773606d876 Merge pull request #14691 from Security-Onion-Solutions/dougburks-patch-1
add echo to end of so-elasticsearch-ilm-start and so-elasticsearch-ilm-stop
2025-05-30 12:03:32 -04:00
Doug Burks bf38055a6c add echo to end of so-elasticsearch-ilm-stop 2025-05-30 11:41:50 -04:00
Doug Burks 90b8d6b2f7 add echo to end of so-elasticsearch-ilm-start 2025-05-30 11:41:11 -04:00
Doug Burks 2d78fa1a41 Merge pull request #14689 from Security-Onion-Solutions/dougburks-patch-1
FIX: so-elasticsearch-ilm-start needs shebang #14688
2025-05-30 09:58:18 -04:00
Doug Burks 45d541d4f2 FIX: so-elasticsearch-ilm-start needs shebang #14688 2025-05-30 09:55:53 -04:00
Doug Burks 8d42739030 Merge pull request #14687 from Security-Onion-Solutions/dougburks-patch-1
FIX: so-suricata-testrule should disable pcap logging #14685
2025-05-30 09:26:37 -04:00
Doug Burks 27358137f2 FIX: so-suricata-testrule should disable pcap logging #14685 2025-05-30 09:24:41 -04:00
Doug Burks a54b9ddbe4 Merge pull request #14683 from Security-Onion-Solutions/dougburks-patch-1
FIX: Improve annotation for Elasticsearch index deletion #14682
2025-05-29 15:26:35 -04:00
Doug Burks 58936b31d5 FIX: Improve annotation for Elasticsearch index deletion #14682 2025-05-29 15:19:21 -04:00
reyesj2 fcdacc3b0d fix system integration time overwrite and delete unused ingest pipeline 2025-05-29 12:21:28 -05:00
Jorge Reyes 9df9cc2247 Merge pull request #14668 from Security-Onion-Solutions/reyesj2-patch-1
use zeek network.community_id when available
2025-05-28 12:15:18 -05:00
Jorge Reyes d3ee5ed7b8 use zeek network.community_id when available 2025-05-28 09:20:41 -05:00
Jason Ertel db08ac9022 Merge pull request #14651 from Security-Onion-Solutions/jertel/mhf
Backport Hotfix to dev
2025-05-22 13:44:36 -04:00
Jason Ertel ad5a27f991 clear out hf 2025-05-22 13:39:59 -04:00
Mike Reeves 07ec302267 Merge pull request #14650 from Security-Onion-Solutions/hotfix/2.4.150
Hotfix 2.4.150
2.4.150-20250522
2025-05-22 13:35:33 -04:00
Mike Reeves 112704e340 Merge pull request #14649 from Security-Onion-Solutions/hf24150
2.4.150 Hotfix
2025-05-22 13:25:50 -04:00
Mike Reeves e6753440f8 2.4.150 Hotfix 2025-05-22 13:18:13 -04:00
Mike Reeves 00f811ce31 Merge pull request #14646 from Security-Onion-Solutions/hotfix4150
Update HOTFIX
2025-05-21 14:38:00 -04:00
Mike Reeves ddd023c69a Update so-docker-prune 2025-05-21 13:47:45 -04:00
Mike Reeves 2911025c0c Update HOTFIX 2025-05-21 13:45:32 -04:00
Josh Brower 2e8ab648fd Merge pull request #14643 from Security-Onion-Solutions/2.4/parsingfix
Tighten parsing
2025-05-21 12:08:10 -04:00
Josh Brower b753d40861 Tighten parsing 2025-05-20 17:06:11 -04:00
Josh Brower 2fff6232c1 Merge pull request #14638 from Security-Onion-Solutions/2.4/playbooks-parsing
Add parsing for Playbook
2025-05-19 18:06:05 -04:00
coreyogburn f751c82e1c Merge pull request #14639 from Security-Onion-Solutions/cogburn/ruleset-name
Add RulesetName to Rule Repos
2025-05-19 15:40:02 -06:00
Corey Ogburn 39f74fe547 Use the new JSON object editor for RulesRepos config entries 2025-05-19 15:38:45 -06:00
Corey Ogburn 11fb33fdeb Add RulesetName to Rule Repos
Fill in `rulesetName` in the rules repos of the ElastAlert and Strelka engines. These will act as an example to anybody adding their repos to these lists. The field is not required, but helps avoid collisions when managing repos as the value is used for the folder name. When not present, the final folder of the repo url is used as the rulesetName and as the folder name on disk.

Note that rulesetNames including a `/` will create extra folders in the path but the rulesetName will contain the slash, i.e. `rulesetName="joesecurity/sigma-rules"` will create the nested structure of `reposFolder/joesecurity/sigma-rules` containing the contents of the repo. All rules imported from this repo will have the ruleset of `joesecurity/sigma-rules`.
2025-05-19 14:19:56 -06:00
Josh Brower 58f4db95ea Create playbooks dir 2025-05-19 15:31:50 -04:00
Josh Brower b55cb257b6 Add parsing for Playbook 2025-05-19 13:25:27 -04:00
Jorge Reyes 2948577b0e Merge pull request #14629 from Security-Onion-Solutions/reyesj2-wt2
logstash isn't running on receivers or manager when kafka is the glob…
2025-05-16 10:27:18 -05:00
reyesj2 870a9ff80c dedup 2025-05-16 10:24:09 -05:00
reyesj2 689db57f5f logstash isn't running on receivers or manager when kafka is the global.pipeline 2025-05-16 10:05:38 -05:00
coreyogburn 2768722132 Merge pull request #14623 from Security-Onion-Solutions/cogburn/playbooks
Cogburn/playbooks
2025-05-15 13:27:02 -06:00
Josh Brower df103b3dca Spacing 2025-05-14 16:36:59 -04:00
Josh Brower 0542c77137 Remove wip config 2025-05-14 16:35:09 -04:00
Josh Brower 9022dc24fb Add Parsing for Playbooks 2025-05-14 13:19:50 -06:00
Corey Ogburn 78b7068638 Playbook Settings
Map a folder from the manager's soc config folder to soc's sensoroni folder for storing the playbook repo.

Added playbook module section with default values.
2025-05-14 13:19:49 -06:00
Mike Reeves 70339b9a94 Merge pull request #14621 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update soup
2025-05-14 13:48:53 -04:00
Mike Reeves 5c8460fd26 Update soup 2025-05-14 13:47:26 -04:00