CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-25 18:33:37 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,064 Commits 19 Branches 120 Tags
8c4e00cfbda823b7a4fe19ff03ee5da2bdfe80da
Commit Graph

45 Commits

Author SHA1 Message Date
Doug Burks
5754365c6d Improve default sysmon fields and add new network_connection fields 2023-01-04 07:42:24 -05:00
doug
4e5d1d587e update sysmon ingest parser and Sysmon File dashboard 2023-01-03 09:02:17 -05:00
Doug Burks
69415a0d8d Improve Strelka dashboard 2022-12-21 15:34:35 -05:00
Doug Burks
506556f0d2 Improve Firewall dashboard 2022-12-21 15:29:09 -05:00
Doug Burks
d7b2c88201 Improve Software dashboard 2022-12-21 15:24:58 -05:00
Doug Burks
4519c533a2 Improve Intel dashboard 2022-12-21 15:20:27 -05:00
Doug Burks
3a367d69f4 Improve FTP dashboard 2022-12-21 14:37:17 -05:00
Doug Burks
a4f1f75306 Improve NIDS Alerts dashboard 2022-12-21 14:33:01 -05:00
Doug Burks
3d1ce4ef10 Improve SOC dashboards 2022-12-21 13:26:04 -05:00
Jason Ertel
b37697e95d Switch license key to single line to avoid multiline/list conflicts 2022-12-16 12:50:22 -05:00
Jason Ertel
7853d972b6 Set default key to empty string to ensure new keys are type aligned correctly 2022-12-15 18:31:47 -05:00
Jason Ertel
f84ceca03e consolidate eventFields from hunt and dashbaords into a single setting 2022-12-15 14:22:23 -05:00
Doug Burks
e1d200e6ce Remove duplicate TDS dashboard from defaults.yaml 2022-12-11 14:39:08 -05:00
Doug Burks
72f71ba695 Fix TDS dashboard in defaults.yaml 2022-12-11 14:36:27 -05:00
Doug Burks
cb16bd36fb fix descriptions in defaults.yaml 2022-12-10 14:31:59 -05:00
Doug Burks
cf7d8076e9 remove old Wazuh Hunt queries in defaults.yaml 2022-12-10 14:21:58 -05:00
Doug Burks
cd664b2d39 remove old Modbus dashboard from defaults.yaml 2022-12-10 14:16:39 -05:00
Doug Burks
7f07a94a98 remove old DNP3 and Wazuh dashboards from defaults.yaml 2022-12-10 14:14:24 -05:00
Doug Burks
187ca4c453 Update soc defaults.yaml to include dnp3_control and dnp3_objects eventfields 2022-12-10 07:33:09 -05:00
weslambert
a626acced0 Add new ICS/SCADA event fields to the dashboards section of the configuration and remove extra space in key names. 2022-12-06 13:11:55 -05:00
Wes
1b5c1fecd4 Revert SOC default 'alerts' event fields and specify additional event fields for ICS/SCADA events 2022-12-06 17:28:30 +00:00
Wes
b048eec3c0 Add STUN, TDS, WireGuard, and ICS/SCADA dashboard queries 2022-12-06 17:17:49 +00:00
Wes
f44eee134a Add default queries and ICS/SCADA queries 2022-12-06 16:52:20 +00:00
Jason Ertel
0ffef75d7b Move background jobs to cron 2022-11-17 09:50:41 -05:00
Doug Burks
f6151b3895 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 09:03:10 -04:00
doug
d65fde9536 improve sysmon dashboards 2022-10-07 12:23:40 -04:00
Jason Ertel
30a23a4cd0 Add SOC annotations 2022-09-30 15:00:08 -04:00
Jason Ertel
e519548557 add logLevel default and annotation for quick access to enabling debug logs 2022-09-27 16:55:28 -04:00
m0duspwnens
42b03ca6df add missing soc things 2022-09-27 09:53:48 -04:00
Doug Burks
0137004344 Fix releaseNotesUrl in defaults.yaml 2022-09-20 15:16:53 -04:00
Doug Burks
df18f8f886 Merge pull request #8779 from Security-Onion-Solutions/2.4/dev 
2.4/dev
 2022-09-20 13:32:54 +00:00
Josh Brower
120fdef173 Hunt Query - Elastic Agent Live Osquery Logs 2022-09-20 08:27:47 -04:00
Josh Brower
3eb4adc5c3 Hunt Query - Elastic Agent Live Osquery Logs 2022-09-19 20:12:47 -04:00
Josh Brower
b38804840d Merge pull request #8772 from Security-Onion-Solutions/2.4/grafana-ids 
Grafana SOC Redirect
 2022-09-19 16:02:41 -04:00
Josh Brower
80919827c6 Fixup index patterns 2022-09-19 15:55:23 -04:00
Josh Patterson
0367365225 Merge pull request #8773 from Security-Onion-Solutions/fix/soc2.4 
fix some soc defaults
 2022-09-19 15:54:25 -04:00
m0duspwnens
30afc88322 fix some soc defaults 2022-09-19 15:51:29 -04:00
Josh Brower
ea7979cfdd Add Elastic Agent datastreams to SOC index 2022-09-19 15:33:15 -04:00
doug
fdffac83e1 sysmon fix by bryant 2022-09-19 14:47:45 -04:00
Jason Ertel
d1eb7ef849 Always use local docs 2022-09-13 14:23:50 -04:00
Josh Brower
9f99939bda Add links to tools menu 2022-09-12 09:28:10 -04:00
m0duspwnens
0f2e9764ab add saltPipe 2022-09-09 14:39:20 -04:00
m0duspwnens
5ccc103083 fix soc dashboards and things 2022-09-09 14:31:04 -04:00
m0duspwnens
5bb001281b soc defaults changes - client child of server 2022-09-08 15:57:18 -04:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00