CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 22:17:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
12,254 Commits 40 Branches 125 Tags
8995012c8035ed8adcd215d27af84391cb4af223
Commit Graph

7495 Commits

Author SHA1 Message Date
m0duspwnens 8995012c80 fix suricata sostatus 2023-05-24 09:52:07 -04:00
m0duspwnens 732d2aadf8 rename state to resolve conflicting / duplicate state ids 2023-05-24 08:58:43 -04:00
m0duspwnens e65214b097 Merge remote-tracking branch 'origin/2.4/dev' into issue/10229 2023-05-23 12:10:29 -04:00
m0duspwnens cc47f9a595 fix suricata thresholding 2023-05-23 11:16:32 -04:00
m0duspwnens eb633be437 enable/disable suricata in ui. assign threads properly 2023-05-22 17:48:22 -04:00
Jason Ertel f53fb69ffb Merge pull request #10407 from Security-Onion-Solutions/kilo 
Ignore Synchronize button clicks when an active salt job is running and another is already in queue
 2023-05-22 14:59:42 -04:00
Jason Ertel ba0ec18a33 Ignore Synchronize button clicks when an active salt job is running and another is already in queue 2023-05-22 14:52:07 -04:00
weslambert 79182cecfd Merge pull request #10397 from Security-Onion-Solutions/fix/elastic_exclude_zeek_reporter_log 
Exclude Zeek's reporter.log from being picked up by Elastic Agent
 2023-05-22 07:56:54 -04:00
weslambert 8cf82c4b6a Merge pull request #10398 from Security-Onion-Solutions/fix/elasticsearch_ingest_dns_query 
Check if 'dns.query' is null
 2023-05-22 07:56:44 -04:00
weslambert 78d4586033 Merge pull request #10399 from Security-Onion-Solutions/fix/elastalert_playbook_alerter 
Update 'url' to use 'es_hosts'
 2023-05-22 07:56:31 -04:00
Jason Ertel a881cab469 use the same requests version that's already packaged with the analyzer 2023-05-19 23:54:30 -04:00
weslambert 00bd93c026 Update 'url' to use 'es_hosts' 2023-05-19 17:14:13 -04:00
weslambert 2c10ad7eec Check if 'dns.query' is null 2023-05-19 15:50:33 -04:00
weslambert 167051af28 Exclude Zeek's reporter.log from being picked up by Elastic Agent 2023-05-19 15:44:09 -04:00
weslambert eb9c5e9af0 Merge pull request #10307 from Security-Onion-Solutions/fix/elastic_fleet_ignore_zeek_logs 
Don't read from 'known_hosts.log', 'known_services.log', or 'ntp.log'
 2023-05-19 15:09:15 -04:00
Jason Ertel 03f97b309a fix lib dependency issue with whoisit 2023-05-19 14:18:19 -04:00
weslambert 1ddf45bbbe Change Elastalert writeback index name from 'elastalert_status' to 'elastalert' 2023-05-19 12:39:27 -04:00
Doug Burks 87c42ece00 Update so-kibana-config-load 2023-05-19 12:21:09 -04:00
Doug Burks 4f8fcd3369 Update config_saved_objects.ndjson 2023-05-19 12:19:44 -04:00
Josh Patterson 0027385da9 Merge pull request #10389 from Security-Onion-Solutions/issue/10229 
enable playbook on eval in pillar during setup
 2023-05-18 17:38:05 -04:00
m0duspwnens 4ef77f9050 enable playbook on eval in pillar during setup 2023-05-18 17:34:59 -04:00
Wes d3c7ea4805 Add EQL option 2023-05-18 16:55:26 +00:00
Wes 82c3d78672 Change Elasticsearch host syntax 2023-05-18 16:52:27 +00:00
Josh Brower 97b68609bc Merge pull request #10381 from Security-Onion-Solutions/2.4/smallfixes 
2.4/ElasticFleetPunchList
 2023-05-18 09:04:30 -04:00
Josh Patterson 1d611e618f Merge pull request #10383 from Security-Onion-Solutions/issue/10229 
remove conditional on cacertz and capemz
 2023-05-18 08:45:41 -04:00
m0duspwnens f4b8d385ee remove conditional on cacertz and capemz 2023-05-18 08:36:24 -04:00
Jason Ertel 4930ae4ba6 add missing var for local dev 2023-05-17 18:14:21 -04:00
Josh Brower d11479ec5f Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/smallfixes 2023-05-17 16:11:46 -04:00
Josh Brower 901e3c4a20 Set Fleet Host timeouts to 120 seconds 2023-05-17 16:07:59 -04:00
m0duspwnens e15c14cc2e fix indent 2023-05-17 15:50:31 -04:00
m0duspwnens f7ddf57f39 move files out of config 2023-05-17 15:49:22 -04:00
Josh Brower 47e67fda46 Rework restart scripts for Elastic Fleet 2023-05-17 15:37:39 -04:00
Josh Brower 7d0251952c Filter out uneeded Logstash metadata 2023-05-17 11:06:16 -04:00
Josh Brower 5536f5a8c2 Add Fleet node to other roles 2023-05-17 09:32:20 -04:00
Josh Brower 24445cf36a Rename Fleet pipelines 2023-05-16 16:43:21 -04:00
m0duspwnens 77834c1e58 fix grep logic for so-elastic-fleet sostatus.sls 2023-05-16 15:05:14 -04:00
m0duspwnens 6aff526d9e Merge remote-tracking branch 'origin/2.4/dev' into salt3006.1 2023-05-16 13:08:28 -04:00
Josh Brower 000507c366 Update Integrations 2023-05-16 12:50:40 -04:00
m0duspwnens 2419fa43b6 cwd for catrustscript 2023-05-16 12:08:44 -04:00
m0duspwnens acc7619023 salt 3006.1 2023-05-16 12:04:02 -04:00
m0duspwnens b253cd45ca Merge remote-tracking branch 'origin/2.4/dev' into issue/10229 2023-05-16 09:22:48 -04:00
Mike Reeves fb298224fc Update defaults.yaml 2023-05-16 08:17:50 -04:00
Josh Brower 1feed47185 Merge pull request #10360 from Security-Onion-Solutions/2.4/retry 
2.4/retry
 2023-05-16 08:15:42 -04:00
Josh Brower 923de356e1 Fix typos 2023-05-16 08:06:31 -04:00
Josh Brower 9f879164ec Fix broken loop 2023-05-16 06:45:17 -04:00
m0duspwnens a0e08e4f41 enable elasticfleet via pillar, fix sostatus for elasticfleet 2023-05-15 17:41:09 -04:00
m0duspwnens 2813d67670 import GLOBALS 2023-05-15 16:47:33 -04:00
m0duspwnens c49b134122 move so-catrust 2023-05-15 16:43:47 -04:00
Josh Brower 40de01e8c4 Temp fix 2023-05-15 15:56:21 -04:00
Mike Reeves 214117e0e0 Fix verify so copying sigma rules isnt fail 2023-05-15 15:33:32 -04:00