CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 03:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,063 Commits 26 Branches 119 Tags
8b95edd91a2d4da6816a47757b51c27b57ced6aa
Commit Graph

30 Commits

Author SHA1 Message Date
Mike Reeves
5fc297b8c1 Change Elastic Logic 2023-03-21 16:52:08 -04:00
doug
fdffac83e1 sysmon fix by bryant 2022-09-19 14:47:45 -04:00
Wes Lambert
fe1b72655b Additional .keyword shims for process mappings 2022-03-24 16:45:06 +00:00
weslambert
406267a892 Add process.name.keyword 2022-03-08 12:42:34 -05:00
Wes Lambert
ffae22beef Add DTC syslog mappings for .keyword and add refs to defaults.yml 2022-03-04 13:04:11 +00:00
Wes Lambert
1f71816ad7 Add keyword subfield for DTC winlog mappings 2022-03-03 14:54:30 +00:00
Wes Lambert
1c086e36da Add missing comma for file mappings 2022-03-03 13:49:54 +00:00
Wes Lambert
85979cbce8 Add file, process, and winlog mapping changes 2022-03-03 13:37:27 +00:00
Wes Lambert
8f97f09c9c Additional .keyword changes for host.hostname client.address, and event.action 2022-03-02 21:54:46 +00:00
Wes Lambert
3ee46e4c29 Add .keyword for destination/source geo.country_name 2022-03-02 21:50:03 +00:00
Wes Lambert
ab9b81ea39 Change match_only_text to text for mac in host mappings 2022-03-02 15:01:05 +00:00
Wes Lambert
ed620b93b7 Add custom analyzer definition to all SO/DTC mappings 2022-03-02 14:43:19 +00:00
Wes Lambert
27c8eaa630 Update all other mappings for .security where applicable 2022-03-02 14:39:23 +00:00
Wes Lambert
e925d435ff Update event, file, and host mappings to include .security 2022-03-02 14:33:52 +00:00
Wes Lambert
496b161253 Update ECS mappings to include .security 2022-03-02 14:27:36 +00:00
Wes Lambert
aae2fd1fbb Update DNS mappings to include .security 2022-03-02 14:27:15 +00:00
Wes Lambert
0b45cf7ae1 Update base mappings to include .security 2022-03-02 14:25:57 +00:00
Wes Lambert
d89af5f04f Update agent mappings to include .security 2022-03-02 14:25:14 +00:00
Wes Lambert
5489b8559d Revert "Switch from .security to match_only_text" 
This reverts commit f7862af934.
 2022-03-01 18:44:00 +00:00
weslambert
e942d81433 Ensure correct formatting for source override 2022-02-25 19:14:58 -05:00
weslambert
a511fd33e9 Ensure correct formatting for destination override 2022-02-25 19:14:21 -05:00
Wes Lambert
a8bdff89ae Move files into SO component template directory 2022-02-25 18:00:16 +00:00
Wes Lambert
0f8a39002f Add .text subfield mappings for DTC where fields are defined 2022-02-24 19:39:52 +00:00
Wes Lambert
f7862af934 Switch from .security to match_only_text 2022-02-22 20:33:49 +00:00
Wes Lambert
9b841fd872 Add 'event.created' and 'event.ingested' keyword mapping 2022-02-08 21:34:32 +00:00
Wes Lambert
317f6471d8 Add additional scan and rule filset mappings 2022-02-04 19:05:09 +00:00
Wes Lambert
f3902cf77d Fix EG template and mappings 2022-02-04 16:00:16 +00:00
Wes Lambert
a3031b2b5c Additional DTC mapping changes 2022-02-04 15:38:51 +00:00
Wes Lambert
1ce386bb7f Add more DTC transition mappings 2022-02-03 17:33:05 +00:00
Wes Lambert
9db1510b0e Initial composable template configuration and base mappings 2022-02-02 02:08:31 +00:00