Commit Graph

131 Commits

Author  SHA1  Message  Date
Josh Brower  5a72c558cb  Tag at top level  2023-07-11 08:35:47 -04:00
Josh Brower  a6e907f76c  Tag Playbook Alerts  2023-07-11 08:03:15 -04:00
weslambert  96b60fa39a  Restore original URL syntax, but use data stream  2023-06-06 20:53:05 -04:00
weslambert  f172a74fbc  Remove EQL setting  2023-06-06 20:51:29 -04:00
weslambert  c4be56ec7b  Update host syntax  2023-06-06 20:51:03 -04:00
Wes  905bc564fc  Change data stream name  2023-06-05 21:18:47 +00:00
Wes  f6f387428f  Update Playbook alerter to write to a data stream  2023-06-05 21:17:10 +00:00
Mike Reeves  cace817c79  Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps  2023-05-24 08:43:03 -04:00
weslambert  00bd93c026  Update 'url' to use 'es_hosts'  2023-05-19 17:14:13 -04:00
weslambert  1ddf45bbbe  Change Elastalert writeback index name from 'elastalert_status' to 'elastalert'  2023-05-19 12:39:27 -04:00
Mike Reeves  5315c51197  Allow additional docker parameters  2023-05-18 16:52:38 -04:00
Mike Reeves  c0dc05f26a  Allow additional docker parameters  2023-05-18 16:39:42 -04:00
Mike Reeves  0fd9fb9294  Allow additional docker parameters  2023-05-18 15:19:09 -04:00
Wes  d3c7ea4805  Add EQL option  2023-05-18 16:55:26 +00:00
Wes  82c3d78672  Change Elasticsearch host syntax  2023-05-18 16:52:27 +00:00
m0duspwnens  9049f9cf03  enabled/disable elastalert via web ui  2023-05-08 15:56:26 -04:00
Mike Reeves  7595072e85  Fix some files  2023-05-02 12:15:05 -04:00
Mike Reeves  2d4f4791e0  Move files out of common  2023-05-01 15:21:31 -04:00
Mike Reeves  3d7f2bc691  Fix annotations and file locations  2023-04-27 13:23:53 -04:00
Mike Reeves  148b0b1c4c  use hostnames please  2023-02-23 11:11:29 -05:00
Mike Reeves  95f254dc63  Change elastalert ip  2023-02-23 09:37:20 -05:00
Mike Reeves  dc2fed5b04  Change elastalert ip  2023-02-23 09:34:16 -05:00
Mike Reeves  0ec0983d7b  Change Elastalert to use hostname  2023-02-23 08:57:30 -05:00
m0duspwnens  a37f0fd0c0  rename sosbridge to sobridge  2023-02-03 10:07:07 -05:00
m0duspwnens  ac157432de  include docker  2023-01-09 14:58:36 -05:00
m0duspwnens  ec5c565cec  put elastalert on sosbridge  2023-01-09 14:49:33 -05:00
m0duspwnens  b526532ab6  use global vars in states  2022-10-11 11:57:15 -04:00
doug  fee5a7bea9  initial quick OCD pass  2022-09-23 16:29:55 -04:00
Mike Reeves  85339d7cb1  Add helpLinks to everything  2022-09-20 15:43:34 -04:00
Mike Reeves  064b64f68a  Add Grafana annotation  2022-09-13 14:00:04 -04:00
Mike Reeves  de047cea8e  Add Grafana annotation  2022-09-13 13:56:37 -04:00
Mike Reeves  3de4e56db9  Fix ES merge  2022-09-10 19:25:01 -04:00
Mike Reeves  037d5d1c46  Fix yaml for idh,es,kib,esalert  2022-09-09 15:55:51 -04:00
Mike Reeves  e2eaefab6e  Fix yaml for idh,es,kib,esalert  2022-09-09 15:45:13 -04:00
Mike Reeves  74ef6c0ed0  Fix yaml for idh,es,kib,esalert  2022-09-09 15:30:28 -04:00
Mike Reeves  2bd9dd80e2  Move In Day  2022-09-07 09:06:25 -04:00
m0duspwnens  7d7cf42d9a  use onlyif requisite instead  2022-07-13 15:21:34 -04:00
m0duspwnens  086cf3996d  do not start elastalert if elasticsearch is not v8  2022-07-13 11:21:27 -04:00
Jason Ertel  eefcc929c2  Update copyright pattern to match other repos  2022-01-24 10:09:23 -05:00
m0duspwnens  7ebba1f325  use show_changes: False to prevent es pw from being shown when running the state  2022-01-19 12:11:38 -05:00
m0duspwnens  4d078046d6  quote ES_PASS due to new characters in random string for elasticsearch:auth pw generation  2022-01-19 11:55:25 -05:00
m0duspwnens  f93c6146f5  docker binds requires  2021-10-21 15:24:55 -04:00
Jason Ertel  d0592c4293  Update ElastAlert to use ElastAlert 2  2021-09-28 00:51:29 -04:00
Josh Brower  591ef540a6  esalerter ES creds fix  2021-06-21 10:50:09 -04:00
Jason Ertel  059b016c62  Fix require statement  2021-06-16 21:48:31 -04:00
Jason Ertel  2d34208269  Elastic auth: Fun with Salt  2021-06-16 17:52:22 -04:00
Jason Ertel  dd14235e31  Accept either 200 or 401 instead of wasting 3 minutes waiting for this to timeout  2021-06-16 11:39:21 -04:00
Jason Ertel  09fbb045a1  If ES auth disabled ensure user/pass are blank  2021-06-16 09:59:57 -04:00
Jason Ertel  dd8eb29a18  Continue merge of ECS into Elastic Auth  2021-06-15 09:11:58 -04:00
Jason Ertel  62187807f0  Specify elastic creds for playbook alert templates  2021-06-14 14:08:14 -04:00