DefensiveDepth
3c3ed8b5c5
Add runtime status logs
2024-04-24 16:33:47 -04:00
Jorge Reyes
d402943403
Merge pull request #12773 from Security-Onion-Solutions/reyesj2/kismet
Kismet integration for WiFi devices
2024-04-22 15:59:22 -04:00
DefensiveDepth
a237ef5d96
Update default queries
2024-04-19 16:33:35 -04:00
DefensiveDepth
ff28476191
Fix compile_yara path
2024-04-16 13:10:17 -04:00
DefensiveDepth
8cc4d2668e
Move compile_yara
2024-04-16 12:52:14 -04:00
DefensiveDepth
dbfb178556
Add test
2024-04-16 12:22:53 -04:00
DefensiveDepth
f5e42e73af
Add docs for ruleset change
2024-04-12 13:30:20 -04:00
DefensiveDepth
49ccd86c39
Fix fingerprint paths
2024-04-12 08:35:44 -04:00
reyesj2
55cf90f477
merge 2.4/dev
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-11 14:44:59 -04:00
reyesj2
c269fb90ac
Added a Kismet Wifi devices dashboard for an overview of kismet data
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-04-11 14:41:54 -04:00
DefensiveDepth
1c5f02ade2
Update annotations
2024-04-11 09:21:08 -04:00
DefensiveDepth
ed97aa4e78
Enable Detections Adv by default
2024-04-11 08:21:20 -04:00
DefensiveDepth
376efab40c
Ship Defender logs
2024-04-08 14:01:38 -04:00
Josh Brower
8e38c3763e
Merge pull request #12756 from Security-Onion-Solutions/2.4/detections-defaults
Use list not string
2024-04-04 17:00:38 -04:00
DefensiveDepth
ca807bd6bd
Use list not string
2024-04-04 16:58:39 -04:00
Josh Brower
f72cbd5f23
Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults
2.4/detections defaults
2024-04-04 11:33:59 -04:00
DefensiveDepth
49d5fa95a2
Detections tweaks
2024-04-04 11:26:44 -04:00
Doug Burks
d8ac3f1292
FEATURE: Add dashboards specific to Elastic Agent #12746
2024-04-04 09:30:05 -04:00
Doug Burks
5ec3b834fb
FEATURE: Add Events table columns for event.module sigma #12743
2024-04-04 09:11:41 -04:00
Jason Ertel
a7fab380b4
clarify telemetry annotation
2024-04-04 07:51:23 -04:00
Jason Ertel
a9517e1291
clarify telemetry annotation
2024-04-04 07:49:30 -04:00
DefensiveDepth
f66cca96ce
YARA casing
2024-04-03 16:17:29 -04:00
Corey Ogburn
0f50a265cf
Update SOC Config with State File Paths
Each detection engine is getting a state file to help manage the timer over restarts. By default, the files will go in soc's config folder inside a fingerprints folder.
2024-04-03 13:12:18 -06:00
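The per-engine state file described in the commit above, worked through as an added Go example. This is not SOC's own code: the JSON layout, the `.state` file suffix, the interpretation of "the timer" as a last-successful-sync timestamp, and the temp-file-plus-rename write are all this example's assumptions. It shows the two failure modes a practitioner cares about: a missing or corrupt file must make the engine due immediately rather than never, and a crash during the write must not leave a half-written file behind.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"time"
)

// engineState is one engine's persisted state. The field name is this
// example's own choice, not SOC's actual file format.
type engineState struct {
	LastSuccess time.Time `json:"lastSuccess"`
}

// statePath places each engine's file under <configDir>/fingerprints/, as the
// commit message describes; the ".state" suffix is an assumption.
func statePath(configDir, engine string) string {
	return filepath.Join(configDir, "fingerprints", engine+".state")
}

// loadState returns a zero LastSuccess when the file is missing or corrupt,
// so a fresh or damaged install syncs immediately instead of never.
func loadState(configDir, engine string) (engineState, error) {
	var st engineState
	data, err := os.ReadFile(statePath(configDir, engine))
	if errors.Is(err, os.ErrNotExist) {
		return st, nil
	}
	if err != nil {
		return st, err
	}
	if err := json.Unmarshal(data, &st); err != nil {
		// Corrupt contents: treat as never run rather than failing the engine.
		return engineState{}, nil
	}
	return st, nil
}

// saveState writes to a temp file and renames it into place, so a crash
// mid-write never leaves a truncated state file for the next start to read.
func saveState(configDir, engine string, st engineState) error {
	path := statePath(configDir, engine)
	if err := os.MkdirAll(filepath.Dir(path), 0o750); err != nil {
		return err
	}
	data, err := json.Marshal(st)
	if err != nil {
		return err
	}
	tmp := path + ".tmp"
	if err := os.WriteFile(tmp, data, 0o640); err != nil {
		return err
	}
	return os.Rename(tmp, path)
}

// nextDue returns how long to wait before the next sync, given the persisted
// last success, the configured interval and the current time. A zero
// LastSuccess (never run) or an overdue engine is due immediately.
func nextDue(st engineState, interval time.Duration, now time.Time) time.Duration {
	if st.LastSuccess.IsZero() {
		return 0
	}
	wait := st.LastSuccess.Add(interval).Sub(now)
	if wait < 0 {
		return 0
	}
	return wait
}

func main() {
	dir, err := os.MkdirTemp("", "soc-state-example")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)

	interval := 24 * time.Hour
	now := time.Now()

	// First start: no file yet, so the engine is due at once.
	st, _ := loadState(dir, "sigma")
	fmt.Println("first start, wait:", nextDue(st, interval, now))

	// Record a success, then simulate a restart six hours later.
	_ = saveState(dir, "sigma", engineState{LastSuccess: now})
	st, _ = loadState(dir, "sigma")
	fmt.Println("after restart, wait:", nextDue(st, interval, now.Add(6*time.Hour)))
}
```

Treating a corrupt file as "never run" is a deliberate choice: the cost of an extra sync is small, while refusing to start the engine until someone deletes the file would silently stop rule updates.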
Jason Ertel
3e05c04aa1
Merge pull request #12731 from Security-Onion-Solutions/jertel/ana
SOC Telemetry
2024-04-03 14:51:41 -04:00
Doug Burks
9078b2bad2
FEATURE: Add Events table columns for event.module kratos #12740
2024-04-03 12:46:29 -04:00
Doug Burks
66844af1c2
FEATURE: Add dashboard for SOC Login Failures #12738
2024-04-03 11:54:53 -04:00
Josh Brower
fbdcc53fe0
Merge pull request #12732 from Security-Onion-Solutions/2.4/detections-defaults
Feature - auto-enabled Sigma rules
2024-04-03 09:01:09 -04:00
DefensiveDepth
a8f25150f6
Feature - auto-enabled Sigma rules
2024-04-03 08:21:50 -04:00
Doug Burks
2f03cbf115
FEATURE: Add Events table columns for event.module strelka #12716
2024-04-02 10:42:20 -04:00
Doug Burks
b2b54ccf60
FEATURE: Add Events table columns for event.module strelka #12716
2024-04-02 10:11:16 -04:00
Doug Burks
6c2437f8ef
FEATURE: Add Events table columns for event.module playbook #12703
2024-04-02 09:55:56 -04:00
Doug Burks
505eeea66a
Update defaults.yaml
2024-04-02 09:39:54 -04:00
DefensiveDepth
7f488422b0
Add default columns
2024-04-02 09:13:27 -04:00
Jason Ertel
9d2b40f366
Merge branch '2.4/dev' into jertel/ana
2024-04-01 09:50:38 -04:00
Jason Ertel
3aea2dec85
analytics
2024-04-01 09:50:18 -04:00
Corey Ogburn
e5a3a54aea
Proper YAML
2024-03-29 14:31:43 -06:00
Doug Burks
b64ed5535e
FEATURE: Add individual dashboards for Zeek SSL and Suricata SSL logs #12699
2024-03-29 15:29:38 -04:00
Doug Burks
5be56703e9
Merge pull request #12698 from Security-Onion-Solutions/dougburks-patch-1
FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697
2024-03-29 14:46:39 -04:00
Doug Burks
0c7ba62867
FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697
2024-03-29 14:44:29 -04:00
Corey Ogburn
e747a4e3fe
New Settings for Manual Sync in Detections
2024-03-29 12:25:03 -06:00
Doug Burks
102c3271d1
FEATURE: Add process.command_line to Process Info and Process Ancestry dashboards #12694
2024-03-29 12:04:47 -04:00
Doug Burks
e2caf4668e
FEATURE: Add Events table columns for event.module elastic_agent #12666
2024-03-26 16:08:41 -04:00
Josh Brower
63a58efba4
Merge pull request #12656 from Security-Onion-Solutions/2.4/detections-fixes
Add bindings for sigma repos
2024-03-26 09:33:38 -04:00
DefensiveDepth
bbcd3116f7
Fixes
2024-03-26 09:31:46 -04:00
Josh Brower
9c12aa261e
Merge pull request #12660 from Security-Onion-Solutions/kilo
Initial cut to remove Playbook and deps
2024-03-26 08:31:11 -04:00
DefensiveDepth
cc0f4847ba
Casing and validation
2024-03-26 08:10:57 -04:00
DefensiveDepth
7c4ea8a58e
Add Detections SOC Config
2024-03-26 07:39:39 -04:00
Doug Burks
20bd9a9701
FEATURE: Include additional groupby fields in Dashboards relating to sankey diagrams #12657
2024-03-26 07:39:24 -04:00
DefensiveDepth
94ee761207
Remove Playbook ref
2024-03-25 21:11:47 -04:00
DefensiveDepth
d7ecad4333
Initial cut to remove Playbook and deps
2024-03-25 19:42:31 -04:00