securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00

Author	SHA1	Message	Date
Wes Lambert	86e228b200	Add .template extension for future-proofing config files	2022-03-08 16:58:37 +00:00
Wes Lambert	a6fd1023b4	Fix criteria for successful execution	2022-03-08 16:57:26 +00:00
Wes Lambert	3f31f7fd41	Add .template extension to fix script behavior and not modify watched file	2022-03-08 16:43:43 +00:00
Wes Lambert	28554164cd	Remove drop file when securitySolution saved objects change	2022-03-08 14:39:23 +00:00
Wes Lambert	14dddd8649	Remove drop file when config saved objects change	2022-03-08 14:37:15 +00:00
Wes Lambert	c0f49f6fb0	Remove drop file when dashbaord saved objects change	2022-03-08 14:35:04 +00:00
Wes Lambert	d10d4acf9f	Modify Kibana config load script to drop file if successfully executed	2022-03-08 14:33:15 +00:00
Doug Burks	da8e885ede	Merge pull request #7451 from Security-Onion-Solutions/fix/docker-apparmor Update init.sls to avoid telegraf apparmor issues	2022-03-07 17:06:42 -05:00
Doug Burks	104de2a3c9	Update init.sls to avoid telegraf apparmor issues See #2560	2022-03-07 16:11:22 -05:00
Mike Reeves	fb59421f5b	Merge pull request #7446 from Security-Onion-Solutions/fixpipelineload Only load pipelines on change	2022-03-07 15:17:32 -05:00
weslambert	e2bda255cc	Merge pull request #7447 from Security-Onion-Solutions/fix/es_templates_soup Remove old Elasticsearch index templates during SOUP	2022-03-07 15:10:44 -05:00
Mike Reeves	4eb37fd5a9	Update init.sls	2022-03-07 15:09:36 -05:00
Wes Lambert	fa9be58b23	Specify index templates	2022-03-07 20:04:23 +00:00
Wes Lambert	647b316a96	Remove old ES index templates Signed-off-by: Wes Lambert <wlambertts@gmail.com>	2022-03-07 20:02:45 +00:00
Mike Reeves	d33db6fb23	Only load pipelines on change	2022-03-07 14:25:46 -05:00
weslambert	eac120f4c2	Merge pull request #7444 from Security-Onion-Solutions/fix/dtc_client_override Add DTC client mappings	2022-03-07 13:38:19 -05:00
Wes Lambert	c549b20221	Add DTC client mappings	2022-03-07 18:36:26 +00:00
Mike Reeves	e6132be4e6	Merge pull request #7443 from Security-Onion-Solutions/fixtemplates Only load templates on change	2022-03-07 10:42:51 -05:00
Mike Reeves	c67604590d	Only load templates on change	2022-03-07 09:52:18 -05:00
weslambert	5600b55f05	Merge pull request #7427 from Security-Onion-Solutions/fix/syslog_kibana_viz Replace syslog facility and severity with label fields in Kibana syslog dashboard	2022-03-07 08:14:35 -05:00
Doug Burks	a59779905f	Merge pull request #7437 from Security-Onion-Solutions/dougburks-patch-1 fix typo	2022-03-07 08:05:07 -05:00
Doug Burks	848a5c6350	fix typo	2022-03-07 08:03:41 -05:00
Wes Lambert	33ba45472f	Replace syslog facility and severity with label fields	2022-03-04 21:40:41 +00:00
weslambert	ee4035f022	Merge pull request #7426 from Security-Onion-Solutions/fix/syslog_zeek Change to label fields for syslog facility and severity	2022-03-04 16:31:45 -05:00
weslambert	f71ccadb8a	Change to label fields for Zeek syslog	2022-03-04 16:29:55 -05:00
weslambert	fc3273fa49	Change to label fields to comply with what's defined in Filebeat template	2022-03-04 16:29:01 -05:00
weslambert	3148fa0e06	Merge pull request #7422 from Security-Onion-Solutions/fix/syslog_dot_keyword .keyword additions and increase max_clause_count	2022-03-04 15:32:29 -05:00
weslambert	254cf53c2f	Increase clause count to 3500	2022-03-04 10:36:37 -05:00
Wes Lambert	ffae22beef	Add DTC syslog mappings for .keyword and add refs to defaults.yml	2022-03-04 13:04:11 +00:00
weslambert	93c2f82345	Merge pull request #7413 from Security-Onion-Solutions/fix/add_keyword_subfield Add .keyword subfield for more mappings	2022-03-03 10:42:38 -05:00
Wes Lambert	1f71816ad7	Add keyword subfield for DTC winlog mappings	2022-03-03 14:54:30 +00:00
Wes Lambert	1c086e36da	Add missing comma for file mappings	2022-03-03 13:49:54 +00:00
Wes Lambert	aa8d24b6cd	Add DTC destination, source, and winlog mapping references to templates in defaults file	2022-03-03 13:42:20 +00:00
Wes Lambert	85979cbce8	Add file, process, and winlog mapping changes	2022-03-03 13:37:27 +00:00
Wes Lambert	8f97f09c9c	Additional .keyword changes for host.hostname client.address, and event.action	2022-03-02 21:54:46 +00:00
Wes Lambert	3ee46e4c29	Add .keyword for destination/source geo.country_name	2022-03-02 21:50:03 +00:00
weslambert	a21060306c	Merge pull request #7404 from Security-Onion-Solutions/fix/field_limit_adjustment Adjust field limit for now due to component template errors	2022-03-02 11:41:35 -05:00
Wes Lambert	c5b16fdf3b	Adjust field limit for now	2022-03-02 16:33:39 +00:00
weslambert	b80e82aaf6	Merge pull request #7396 from Security-Onion-Solutions/fix/dot_security Revert back to usage of .security field	2022-03-02 10:42:29 -05:00
Josh Brower	2ba72791aa	Remove sigma regen cron	2022-03-02 10:31:15 -05:00
Wes Lambert	ab9b81ea39	Change match_only_text to text for mac in host mappings	2022-03-02 15:01:05 +00:00
Wes Lambert	ed620b93b7	Add custom analyzer definition to all SO/DTC mappings	2022-03-02 14:43:19 +00:00
Wes Lambert	27c8eaa630	Update all other mappings for .security where applicable	2022-03-02 14:39:23 +00:00
Wes Lambert	e925d435ff	Update event, file, and host mappings to include .security	2022-03-02 14:33:52 +00:00
Wes Lambert	496b161253	Update ECS mappings to include .security	2022-03-02 14:27:36 +00:00
Wes Lambert	aae2fd1fbb	Update DNS mappings to include .security	2022-03-02 14:27:15 +00:00
Wes Lambert	0b45cf7ae1	Update base mappings to include .security	2022-03-02 14:25:57 +00:00
Wes Lambert	d89af5f04f	Update agent mappings to include .security	2022-03-02 14:25:14 +00:00
Wes Lambert	2d2ec45029	Modify base ECS mappings to include .security where possible, as well as custom analyzer definition	2022-03-02 14:19:36 +00:00
weslambert	93386f4620	Merge pull request #7389 from Security-Onion-Solutions/fix/revert_text Fix/revert text	2022-03-02 09:17:46 -05:00

1 2 3 4 5 ...

9730 Commits