Commit Graph

243 Commits

Author SHA1 Message Date
Jason Ertel 20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
m0duspwnens b23ce7462e add dependency 2021-05-27 11:26:25 -04:00
m0duspwnens 842aa97f7e load filebeat modules when es container starts and if fb container is running 2021-05-26 11:00:18 -04:00
Mike Reeves 34d4eedf67 Remove old modules 2021-05-26 10:11:47 -04:00
m0duspwnens 525d4325c7 define ZEEKLOGLOOKUP in the yaml 2021-05-25 17:18:58 -04:00
m0duspwnens ecf7e25a51 fix merge conflict 2021-05-25 17:16:44 -04:00
m0duspwnens dfaf40f583 add zeekloglookup to translate zeeklogs to filebeat filesets 2021-05-25 17:14:26 -04:00
Mike Reeves 543154f037 Remove old modules 2021-05-25 16:58:18 -04:00
m0duspwnens 2eee6b45bc Merge branch 'pipeline' of https://github.com/Security-Onion-Solutions/securityonion into pipeline 2021-05-25 16:52:08 -04:00
m0duspwnens 0de5c6f204 fix sodefault modules 2021-05-25 16:52:02 -04:00
Mike Reeves 9363fc153c Fix pillar for module 2021-05-25 16:44:13 -04:00
m0duspwnens 2aacd5b9b6 so defaults filebeat modules 2021-05-25 16:40:50 -04:00
Mike Reeves 5e5d30a377 Fix 3rd party modules 2021-05-25 08:26:25 -04:00
Mike Reeves 71a74a6656 Added updated script and core modules 2021-05-13 13:07:16 -04:00
Mike Reeves 68a667ee7c Add thirfpartydefaults.yml 2021-05-12 15:31:19 -04:00
m0duspwnens ad67167e97 remove whitespace control 2021-05-11 12:58:21 -04:00
m0duspwnens 4012a8276c add template for module .yml file 2021-05-11 12:22:25 -04:00
m0duspwnens efc028d0a5 handle the docker port bindings for filebeat modules 2021-05-10 18:08:47 -04:00
Mike Reeves 01a121e029 Add defaults.yml 2021-05-10 15:29:50 -04:00
Wes Lambert 728d1f7540 Make Zeek and Suricata great again 2021-05-06 14:06:17 +00:00
Wes Lambert ee92ba20b0 Add modules path reference 2021-05-06 13:56:39 +00:00
Wes Lambert 1b749cf004 Additional config 2021-05-06 13:55:07 +00:00
Wes Lambert 37929dbd7d Add additional config for Filebeat modules 2021-05-06 13:54:28 +00:00
Mike Reeves 0622c77a7f Add filebeat modules 2021-05-04 10:50:13 -04:00
Mike Reeves aa66b6226f Add hostname to the listener 2021-04-13 20:22:51 -04:00
Mike Reeves db7dcd76cd Add hostname to the listener 2021-04-13 20:21:32 -04:00
Mike Reeves 7153f58a03 Add Firewall for Beats port 2021-04-13 20:17:26 -04:00
Mike Reeves 621e5c1cf8 Enable Filebeat Stats 2021-04-13 19:18:10 -04:00
Mike Reeves 18203513ab Update cert location for eval.import 2021-03-10 09:14:14 -05:00
Mike Reeves 1ecb079066 Fix Kibana Script for loading dashboards 2021-03-08 17:36:07 -05:00
Mike Reeves bf4ac2a312 Fix some merge conflicts 2021-03-08 11:43:24 -05:00
Mike Reeves a0a8d12526 Enable SSL and Features 2021-03-04 10:08:28 -05:00
Mike Reeves 4f867e5375 Fix all scripts for ssl elastic 2021-03-03 10:02:23 -05:00
Mike Reeves 3219f4cd12 Remove Features Option 2021-03-02 11:04:50 -05:00
Jason Ertel 58e4205602 Revert "Make filebeat retry forever" 2021-02-03 21:46:29 -05:00
Mike Reeves 55a8f6aa7a Make filebeat retry forever 2021-02-02 16:41:52 -05:00
Mike Reeves 4212afe0c9 Add features option back 2021-01-30 19:57:18 -05:00
Mike Reeves 4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
Mike Reeves 636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity - SSL with Elastic Basic license. Remove features option. 2021-01-21 13:57:28 -05:00
Mike Reeves 9408d62c65 Remove features 2021-01-21 13:55:53 -05:00
Wes Lambert 19d22e1f8a Allow for Filebeat queue/output adjustments via pillar 2021-01-21 15:34:54 +00:00
m0duspwnens b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
weslambert 6b4af30fc1 Change clean_removed to true cleanup tracking of Zeek logs removed from current 2020-11-18 13:47:32 -05:00
m0duspwnens 1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
William Wernert 6169758f4e [fix] 0 -> root so file owner is set correctly 2020-11-03 16:47:59 -05:00
m0duspwnens 10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
m0duspwnens 79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Doug Burks a106913d1a Heavy node filebeat needs extra_hosts for the heavy node itself #1521 2020-10-14 09:51:59 -04:00
Wes Lambert 4fc4913d1e Don't predefine index date for Filebeat ES outputs 2020-10-12 15:44:00 +00:00
Wes Lambert 1970d95d5f Make Filebeat registry persistent to avoid re-reading old data 2020-10-05 13:30:04 +00:00