CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,345 Commits 24 Branches 119 Tags
8c694a7ca3f4b09f25f06e5d6eb2f2d3722bbf55
Commit Graph

30 Commits

Author SHA1 Message Date
weslambert
8c694a7ca3 Disable ingest.geoip.downloader by default 2022-08-03 09:21:40 -04:00
Wes Lambert
839cfcaefa Update Elasticsearch defaults file and config.map.jinja to allow for local GeoIP database use when airgap is enabled 2022-08-02 14:32:17 +00:00
Josh Brower
8e368bdebe Merge in upstream dev 2022-05-06 20:01:07 -04:00
weslambert
542db5b7f5 Update defaults.yaml 2022-04-21 17:24:24 -04:00
weslambert
7128b04636 Remove indices.query.bool.max_clause_count because it is dynamically allocated in Elastic 8 2022-03-17 21:20:41 -04:00
Wes Lambert
c549b20221 Add DTC client mappings 2022-03-07 18:36:26 +00:00
weslambert
254cf53c2f Increase clause count to 3500 2022-03-04 10:36:37 -05:00
Wes Lambert
ffae22beef Add DTC syslog mappings for .keyword and add refs to defaults.yml 2022-03-04 13:04:11 +00:00
Wes Lambert
aa8d24b6cd Add DTC destination, source, and winlog mapping references to templates in defaults file 2022-03-03 13:42:20 +00:00
Wes Lambert
c5b16fdf3b Adjust field limit for now 2022-03-02 16:33:39 +00:00
Wes Lambert
038dc49098 Temporarily increase field limit before trimming efforts 2022-03-01 15:06:28 +00:00
Wes Lambert
08097fe9ec Add Playbook override mappings 2022-02-25 17:58:51 +00:00
weslambert
6a0ecb9e9c Add IDH and Kratos index templates 2022-02-23 12:13:46 -05:00
weslambert
6ee3287d2d Update component -> index association for file/scan mappings for Strelka 2022-02-18 08:12:34 -05:00
weslambert
185ea2fd99 Fix indent for so-netflow component template references 2022-02-16 14:46:12 -05:00
weslambert
1a53ec4372 Fix malformed copy/paste 2022-02-15 11:14:10 -05:00
Wes Lambert
dce3b7a874 Update defaults file to include ES index templates 2022-02-15 15:53:07 +00:00
Wes Lambert
ebce67060f Initial template refactor 2022-02-14 15:20:33 +00:00
Wes Lambert
9db1510b0e Initial composable template configuration and base mappings 2022-02-02 02:08:31 +00:00
weslambert
900d12b556 Add logger stanza to suppress deprecation warning messages for now due to current system index access warning messages flooding the ES log 2022-01-06 10:35:50 -05:00
weslambert
c1a88977cf Disable fielddata for _id field by default (since it is deprecated and can be memory-intensive) 2022-01-05 15:23:52 -05:00
m0duspwnens
0d074dafd4 add missing defaults 2021-09-17 09:52:50 -04:00
m0duspwnens
5526a2bc3a reduce defaults.yaml 2021-09-16 15:32:08 -04:00
m0duspwnens
e3e2e1d851 logic for truecluster to map file 2021-09-15 13:09:04 -04:00
m0duspwnens
551dba955c set roles empty list 2021-09-15 09:20:33 -04:00
m0duspwnens
f8ab0ac8a9 config changes 2021-09-13 15:04:39 -04:00
m0duspwnens
0ae09cc630 config changes 2021-09-13 09:49:56 -04:00
m0duspwnens
f06ab8b77d testing defaults.yaml 2021-09-09 08:55:36 -04:00
m0duspwnens
fd1e632386 cleanup yaml 2021-08-25 12:08:43 -04:00
m0duspwnens
0681d29bb0 starting es pillarization 2021-08-25 10:23:06 -04:00