CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-09 02:32:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,182 Commits 25 Branches 119 Tags
8e2f500b9c5ffcd69c2047aeb43e5aa24748dd07
Commit Graph

5441 Commits

Author SHA1 Message Date
weslambert
8e2f500b9c Add config option for ECS compatibility (default of disabled) 2022-01-06 11:24:04 -05:00
weslambert
900d12b556 Add logger stanza to suppress deprecation warning messages for now due to current system index access warning messages flooding the ES log 2022-01-06 10:35:50 -05:00
Jason Ertel
8cf7ea8b87 Merge pull request #6772 from Security-Onion-Solutions/kilo 
Prevent PCAP action from showing up outside of hunt/alerts
 2022-01-05 19:15:02 -05:00
Josh Patterson
eaa6597cd7 Merge pull request #6773 from Security-Onion-Solutions/issue/6765 
Issue/6765
 2022-01-05 18:11:06 -05:00
Wes Lambert
1cafacfa51 Update saved objects to reflect removal of TheHive scripted field and replacement of PCAP pivot with Hunt pivot 2022-01-05 20:36:23 +00:00
weslambert
c1a88977cf Disable fielddata for _id field by default (since it is deprecated and can be memory-intensive) 2022-01-05 15:23:52 -05:00
m0duspwnens
0ff5e3cf6f require so-elasticsearch container to be running to run the scripts 2022-01-05 14:48:41 -05:00
Jason Ertel
4f8524e0ac Prevent PCAP action from showing up outside of hunt/alerts 2022-01-05 11:13:12 -05:00
weslambert
db43e21378 Fix indentation 2022-01-05 10:46:41 -05:00
weslambert
4d8b417fc9 Denote which branch is being used in SOUP if BRANCH is specified 2022-01-05 10:41:27 -05:00
Jason Ertel
89415b12ce Merge pull request #6762 from Security-Onion-Solutions/kilo 
Switch soc.json to use lowercase labels in default queries; Also enab…
 2022-01-05 09:59:39 -05:00
Jason Ertel
4bfdfffe21 Switch soc.json to use lowercase labels in default queries; Also enable the 'Add Case' feature 2022-01-05 09:54:13 -05:00
Josh Patterson
4247a3a816 Merge pull request #6730 from Security-Onion-Solutions/fix/ub1804ssl 
more detailed logging for the retry command
 2021-12-30 13:19:58 -05:00
m0duspwnens
cc2f6e23ca more detailed logging for the retry command 2021-12-30 13:09:29 -05:00
Josh Patterson
064355dfb5 Merge pull request #6729 from Security-Onion-Solutions/fix/ub1804ssl 
change exitCode to exitcode. set exitcode to 1 if failed output found
 2021-12-30 11:38:32 -05:00
m0duspwnens
d274615376 change exitCode to exitcode. set exitcode to 1 if failed output found 2021-12-30 10:45:30 -05:00
Josh Patterson
78eda75c0f Merge pull request #6725 from Security-Onion-Solutions/fix/ub1804ssl 
add option to look for failed outout in retry function in so-common. …
 2021-12-29 18:18:12 -05:00
m0duspwnens
200736a118 add option to look for failed outout in retry function in so-common. look for Err: when running soapt-get update in setup 2021-12-29 18:15:16 -05:00
Jason Ertel
1d136b611a Merge pull request #6723 from Security-Onion-Solutions/kilo 
Uniform presets
 2021-12-29 16:49:41 -05:00
Jason Ertel
e6051cb653 Switch all presets to lowercase for uniformity 2021-12-29 16:42:34 -05:00
Jason Ertel
74dbc4bf67 Merge pull request #6720 from Security-Onion-Solutions/kilo 
Add case template to eval install types; also improve clarity of case queries
 2021-12-29 11:41:06 -05:00
Jason Ertel
fb02d0d35c clarify case filters 2021-12-29 11:07:36 -05:00
Jason Ertel
d4f3615cae Merge pull request #6717 from Security-Onion-Solutions/kilo 
Support CCS in CM
 2021-12-29 09:12:13 -05:00
Jason Ertel
e5110ac4e8 Use CCS compatible index 2021-12-29 09:08:10 -05:00
Jason Ertel
e87cbc37a4 Add case template 2021-12-28 19:17:15 -05:00
Doug Burks
e56a9a5f22 Merge pull request #6711 from Security-Onion-Solutions/dougburks-patch-1 
fix typo in so-analyst-install
 2021-12-28 15:24:19 -05:00
Doug Burks
463925686d fix typo in so-analyst-install 2021-12-28 15:23:17 -05:00
m0duspwnens
2a5b4ef276 add mine function to signing_policies.conf. no longer need to check if mine in ca during manager install 2021-12-28 15:19:06 -05:00
m0duspwnens
487ac24306 revert back to getting ca from mine 2021-12-28 11:16:01 -05:00
m0duspwnens
2405de4b82 fix require 2021-12-28 11:00:35 -05:00
m0duspwnens
f2adcf4ca5 ensure /etc/pki is created and simplify ca logic for non manager in ssl state 2021-12-28 10:41:57 -05:00
Jason Ertel
5a4473ecd6 fix indent 2021-12-28 08:33:31 -05:00
Jason Ertel
f335670b3f Add new client-side param for cases 2021-12-27 21:53:30 -05:00
Jason Ertel
194e4119f0 Correct missing json vars 2021-12-27 20:36:28 -05:00
Jason Ertel
09626deb05 Correct var names for jinja 2021-12-27 18:01:15 -05:00
Jason Ertel
ae7a4b6528 More syntax corrections 2021-12-27 16:18:12 -05:00
Jason Ertel
0a255e5765 Resolve syntax error 2021-12-27 15:15:33 -05:00
Jason Ertel
789719d25e Correct preset file syntax 2021-12-27 13:21:13 -05:00
Jason Ertel
7140255d95 Add missing presets file 2021-12-27 12:27:04 -05:00
Jason Ertel
ab3319b472 Add artifact support 2021-12-27 10:49:10 -05:00
Jason Ertel
b0d36f2ed2 Ensure update timestamp is updated when changing passwords; this ensures the sync will automatically follow 2021-12-21 13:38:35 -05:00
Jason Ertel
62e5914ab8 Merge branch 'dev' into kilo 2021-12-21 13:37:37 -05:00
Jason Ertel
9aeaa1fccc resolved merge conflicts 2021-12-21 09:35:57 -05:00
Jason Ertel
2c9062efb7 resolved merge conflicts 2021-12-21 09:34:39 -05:00
Jason Ertel
35617acaeb Update cacerts to reflect new path; this changed due to ES 7.16.2 2021-12-20 12:12:00 -05:00
Jason Ertel
6f116a2d01 Switch to new Ubuntu SSL dir 2021-12-20 09:43:59 -05:00
Jason Ertel
d6c651af1c Remove old patch dir from previously-patched installations 2021-12-20 09:42:27 -05:00
Jason Ertel
b8fcec04b8 Remove patched jar due to upgrade of Elastic images to 7.16.2 2021-12-20 09:27:03 -05:00
Jason Ertel
6556a37869 Merge branch 'master' into patch/1.3.91 2021-12-20 09:20:03 -05:00
Jason Ertel
5af2bd8fa4 Upgrade to Elastic 7.16.2 2021-12-20 09:16:28 -05:00