CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,426 Commits 24 Branches 119 Tags
932054e9dacf7cb315ce3ecac31798e209cd5cb8
Commit Graph

12426 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
weslambert
932054e9da Update version to 2.4.0 2023-06-08 11:04:45 -04:00
Josh Brower
8b35002169 EQL Refactor 2023-06-07 13:44:37 -04:00
weslambert
96b60fa39a Restore original URL syntax, but use data stream 2023-06-06 20:53:05 -04:00
weslambert
f172a74fbc Remove EQL setting 2023-06-06 20:51:29 -04:00
weslambert
c4be56ec7b Update host syntax 2023-06-06 20:51:03 -04:00
weslambert
96195806ab Update version to 2.4.0-kilo 2023-06-06 20:50:10 -04:00
weslambert
88bbd3440d Merge pull request #10522 from Security-Onion-Solutions/fix/playbook_index 
Change Playbook index to a data stream and update mapping for event.severity_label
 2023-06-06 09:03:49 -04:00
Wes
495a9c0783 Add mapping for event.severity_label 2023-06-05 21:19:37 +00:00
Wes
905bc564fc Change data stream name 2023-06-05 21:18:47 +00:00
Wes
f6f387428f Update Playbook alerter to write to a data stream 2023-06-05 21:17:10 +00:00
Jason Ertel
db5abcb3cf Merge pull request #10503 from Security-Onion-Solutions/jertel/pcap 
add ability to output PCAP import results in JSON format
 2023-06-05 14:32:32 -04:00
Jason Ertel
27e310c2a1 add json output option to so-import-evtx; clean up other issues 2023-06-05 13:54:44 -04:00
weslambert
236eb0cbcc Merge pull request #10515 from Security-Onion-Solutions/fix/analyzers 
Update requests and whoisit
 2023-06-05 12:12:59 -04:00
Wes
841d0b4b1f Update dependencies after git add 2023-06-05 15:42:55 +00:00
Wes
272f97e2d7 Update dependencies 2023-06-05 15:42:38 +00:00
Wes
eac9a3fc86 Update requests and whoisit 2023-06-05 15:41:01 +00:00
Doug Burks
32dc26f2e7 Merge pull request #10514 from Security-Onion-Solutions/2.4/fix-VERIFY_ISO 
Rename VERIFY_ISO.md to DOWNLOAD_AND_VERIFY_ISO.md
 2023-06-05 10:12:43 -04:00
Doug Burks
1b14142e4c Rename VERIFY_ISO.md to DOWNLOAD_AND_VERIFY_ISO.md 2023-06-05 10:08:20 -04:00
Jason Ertel
2fef1d5fa7 silence grep output 2023-06-02 15:43:48 -04:00
Jason Ertel
3bbfc3865d use proper URL spacing 2023-06-02 15:26:14 -04:00
Jason Ertel
6947fd6414 add ability to output PCAP import results in JSON format 2023-06-02 15:21:41 -04:00
Doug Burks
d3e5be78fd Merge pull request #10500 from Security-Onion-Solutions/dougburks-patch-1 
Update soc_zeek.yaml
 2023-06-02 07:54:11 -04:00
Doug Burks
09e005127e Update soc_zeek.yaml 2023-06-02 07:41:55 -04:00
Mike Reeves
d3ea596deb Merge pull request #10491 from Security-Onion-Solutions/TOoSmOotH-patch-1 
Update VERSION
 2023-06-01 09:44:13 -04:00
Mike Reeves
d6d315e8d5 Update VERSION 2023-06-01 09:43:32 -04:00
Mike Reeves
8c9186d8dd Merge pull request #10489 from Security-Onion-Solutions/2.4.2 
2.4.2
 2023-06-01 09:27:56 -04:00
Mike Reeves
aee842b912 2.4.2 2023-06-01 09:26:24 -04:00
weslambert
3a5a59af59 Merge pull request #10485 from Security-Onion-Solutions/fix/elastic_fleet_dedicated 
Add so-fleet role logic
 2023-05-31 16:04:40 -04:00
Josh Patterson
8f3a874e61 Merge pull request #10483 from Security-Onion-Solutions/dedfleetES 
exclude elasticsearch.ca state from fleet and receiver nodes
 2023-05-31 16:02:57 -04:00
m0duspwnens
66dc6274e6 exclude elasticsearch.ca state from fleet and receiver nodes 2023-05-31 15:59:36 -04:00
Wes
302e580d8f Add so-fleet role logic 2023-05-31 19:56:17 +00:00
Mike Reeves
4cf60a6054 Merge pull request #10480 from Security-Onion-Solutions/mreeves/mergefrommain 
Mreeves/mergefrommain
 2023-05-31 15:32:30 -04:00
Mike Reeves
8f6d82af97 Merge branch '2.4/main' into mreeves/mergefrommain 2023-05-31 15:28:07 -04:00
Mike Reeves
8ab54dcead Merge pull request #10477 from Security-Onion-Solutions/2.4.2 
2.4.2
 2023-05-31 14:49:34 -04:00
Mike Reeves
9704c8917e 2.4.2 2023-05-31 14:47:34 -04:00
weslambert
540ee156db Merge pull request #10469 from Security-Onion-Solutions/fix/elastic_fleet_dynamic_configuration 
Use Fleet pillar instead of Zeek
 2023-05-31 12:36:39 -04:00
Wes
344e2bf1d0 Update defaults file 2023-05-31 15:30:03 +00:00
Wes
3441c0684e Create elasticfleet pillar dir 2023-05-31 15:10:35 +00:00
Wes
ed560f19d3 Remove where not applicable 2023-05-31 14:28:43 +00:00
Wes
b3f6012856 Change ordering 2023-05-31 14:22:47 +00:00
Wes
9ae26ec866 Add Fleet to top file 2023-05-31 14:21:39 +00:00
Wes
20aaa79476 Add pillar files for Fleet 2023-05-31 13:45:19 +00:00
Wes
2bb77251b0 Move Elastic Fleet logging exclusions to the Fleet pillar 2023-05-31 13:38:58 +00:00
weslambert
36791665f3 Merge pull request #10462 from Security-Onion-Solutions/feature/elastic_agent_zeek_logging 
Dynamic integration configuration and Zeek log exclusions for Elastic Agent
 2023-05-30 19:27:13 -04:00
Josh Patterson
4d4744a89b Merge pull request #10465 from Security-Onion-Solutions/suricataimport 
dont apply suricata.enabled on import nodes
 2023-05-30 16:51:17 -04:00
Wes
f3be63051b Remove Fleet configuration 2023-05-30 20:48:43 +00:00
m0duspwnens
743ed316f8 dont apply suricata.enabled on import nodes 2023-05-30 16:10:41 -04:00
Wes
e4b4bbcfdc Use ZEEKMERGED from zeek/config.map.jinja 2023-05-30 19:51:13 +00:00
Wes
b6e090f29f Move Elastic Fleet logic in so-common to so-elastic-fleet-common 2023-05-30 18:43:56 +00:00
weslambert
25006ed20b Merge pull request #10455 from Security-Onion-Solutions/fix/curator_cluster_delete_delete 
Update so-elasticsearch-cluster-space-used and so-curator-cluster-delete-delete
 2023-05-30 14:28:22 -04:00