Commit Graph

92 Commits

Author SHA1 Message Date
Wes Lambert
4b91ade2e8 fix message_types one more time :) 2020-05-16 15:03:27 +00:00
Wes Lambert
9845ee189c fix message_types for real 2020-05-16 15:02:41 +00:00
Wes Lambert
6a2ddd4ef6 move to DNS 2020-05-16 14:58:51 +00:00
Wes Lambert
66c89abbc6 Fix DHCP message types 2020-05-16 14:58:06 +00:00
Doug Burks
cc7a244d0b Create zeek.dns.tld - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599 2020-05-15 15:32:25 -04:00
Doug Burks
60d2a0818b Add to zeek.dns and have it send to zeek.dns.tld - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599 2020-05-15 15:31:17 -04:00
Josh Brower
e02bf2ebb5 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into dev 2020-05-15 15:05:47 -04:00
Josh Brower
9d4536dcbe osquery ingest parsing update 2020-05-15 15:05:21 -04:00
Doug Burks
fc883745e5 add fields to conn log - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599 2020-05-15 15:02:02 -04:00
Doug Burks
58d59c6844 use null safe operator for source.port and destination.port - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/594 2020-05-15 14:58:21 -04:00
Wes Lambert
03805bd6e2 remove type field 2020-05-15 18:29:49 +00:00
Wes Lambert
5d5f5cf105 update DCE/RPC parsing 2020-05-15 18:19:05 +00:00
m0duspwnens
7f464af5fa run so-elasticsearch-pipelines only on changes - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/682 2020-05-14 13:39:19 -04:00
Josh Brower
abd907fee1 Merge pull request #659 from Security-Onion-Solutions/bugfix/nids-parsing-alerting (suricata parsing) 2020-05-12 14:07:51 -04:00
Josh Brower
62bec93190 suricata parsing 2020-05-12 14:04:02 -04:00
Mike Reeves
0b7568e08f Update soc.json with default search info 2020-05-12 13:57:40 -04:00
m0duspwnens
766b56a944 update dockers to 1.2.2 2020-04-23 10:11:26 -04:00
Josh Brower
6332509a33 osquery pipeline fix 2020-04-15 20:22:54 -04:00
Mike Reeves
d9e27a5444 Update Versions 2020-04-15 15:37:59 -04:00
Wes Lambert
59787a6532 update parsing for Zeek files 2020-04-14 13:08:31 +00:00
Josh Brower
634100318e osquery ingest ecs 2020-04-13 10:58:13 -04:00
Josh Brower
edae63097c fleet osquery fixes 2020-04-10 16:56:37 -04:00
Mike Reeves
6625e17bf2 Have templates applied on the master only 2020-04-09 12:22:27 -04:00
Mike Reeves
ac52c014d1 Remove ES watch 2020-04-09 11:30:24 -04:00
Mike Reeves
0b07d0f25f Fix ES Watch 2020-04-09 11:25:46 -04:00
Mike Reeves
5692f2a672 Make Kibana run faster on checkins 2020-04-09 11:16:36 -04:00
Wes Lambert
9e50387eec update ingest files 2020-04-05 20:40:00 +00:00
Wes Lambert
e023aeb9be use agent name for observer name 2020-04-01 21:27:25 +00:00
weslambert
f13093dc51 Add message rename 2020-04-01 11:31:57 -04:00
Josh Brower
0e76447d11 osquery ingest - initial support 2020-04-01 10:17:36 -04:00
Wes Lambert
eacd3c9bfd update zeek.common 2020-03-31 00:36:42 +00:00
Wes Lambert
ad50093315 add community_id parsing for ingest 2020-03-30 15:49:36 +00:00
Wes Lambert
93c3c86e2f update wazuh fields and category 2020-03-30 14:24:01 +00:00
Wes Lambert
ef808875f4 fix ossec fields 2020-03-24 15:42:31 +00:00
Wes Lambert
083c588a87 add some more fields 2020-03-24 03:43:31 +00:00
Wes Lambert
a5ff21c528 remove agent field for non-Wazuh logs 2020-03-17 15:20:46 +00:00
Wes Lambert
b80e7fedcb remove agent field for non-Wazuh logs 2020-03-17 15:20:31 +00:00
Wes Lambert
488858f8bc remove beat field removal 2020-03-17 15:19:08 +00:00
Wes Lambert
faea67c9cf update env vars 2020-03-17 15:17:13 +00:00
Wes Lambert
b6ba8e483d update ES init 2020-03-14 12:06:32 +00:00
Wes Lambert
c52220330b modify pipelines 2020-03-14 12:03:32 +00:00
Wes Lambert
648b0ba790 remove old config 2020-03-11 12:14:22 +00:00
Wes Lambert
9ad16e8c71 update ingest config 2020-03-11 12:13:53 +00:00
Wes Lambert
b1203cfb9f add initial Strelka ingest config 2020-03-03 21:20:45 +00:00
Wes Lambert
ec6638a276 src/dst ip/port fields to ECS 2020-03-02 19:10:18 +00:00
Wes Lambert
e4fee51ed6 Change Bro Files source to file_source 2020-03-02 19:09:24 +00:00
m0duspwnens
306cc1127b heavynode 2020-01-29 12:56:25 -05:00
Wes Lambert
fbb9f099f9 Update Elastic state files 2020-01-28 14:49:58 +00:00
Mike Reeves
e038a8b731 Merge branch 'dev' into feature/issue124 2020-01-21 16:48:26 -05:00
m0duspwnens
a39edad3f6 changes for multipipelines / mastersearch node - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/124 2020-01-21 16:39:42 -05:00