CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,429 Commits 24 Branches 119 Tags
9968d697f35db8d546908dc9074e0cbb26f1d2bc
Commit Graph

8242 Commits

Author SHA1 Message Date
m0duspwnens
e814a3409f fix rule location for rulecat.conf. run so-rule-update if rules change in /opt/so/rules/nids 2023-09-08 15:28:24 -04:00
m0duspwnens
8d269fee30 Merge remote-tracking branch 'origin/2.4/dev' into issue/11210 2023-09-07 15:46:25 -04:00
m0duspwnens
35157f2e8b add comment 2023-09-07 15:46:04 -04:00
m0duspwnens
60f1947eb4 prevent endgame_dict from being added to standard_actions if it is already present 2023-09-07 14:01:19 -04:00
m0duspwnens
ffaab4a1b4 only add endgame to action if it is populated 2023-09-06 14:19:53 -04:00
weslambert
70e1309c9f Merge pull request #11261 from Security-Onion-Solutions/fix/remove_default_templates 
Remove templates
 2023-09-06 10:57:09 -04:00
Jason Ertel
5c0045f9f8 Merge pull request #11256 from Security-Onion-Solutions/jertel/sod 
only ingest pfsense on sensor nodes
 2023-09-05 12:50:47 -04:00
Jason Ertel
b66be9c226 only ingest pfsense on sensor nodes 2023-09-05 12:46:49 -04:00
Josh Patterson
651393988a Merge pull request #11255 from Security-Onion-Solutions/issue/10975 
Issue/10975
 2023-09-05 11:57:58 -04:00
Wes
cf19c8f8c2 Remove templates 2023-09-05 13:43:41 +00:00
Mike Reeves
d2dcf7e7c1 Merge pull request #11241 from Security-Onion-Solutions/jertel/sod 2023-09-01 18:22:38 -04:00
m0duspwnens
07ed93de19 add elastic agent to desktop 2023-09-01 14:33:32 -04:00
Jason Ertel
8093e5ce7c use IP to avoid host issues 2023-09-01 13:01:17 -04:00
m0duspwnens
aebfb19ab7 add sostatus.sh to desktop for telegraf scripts 2023-09-01 12:05:28 -04:00
m0duspwnens
490669d378 add ssl to desktop for allowed_states 2023-09-01 12:03:01 -04:00
m0duspwnens
3434d0f200 add sensoroni and telegraf back to individual nodes. add seperate block for desktop 2023-09-01 12:02:30 -04:00
weslambert
765a22e6f0 Add so-elastic-agent 2023-09-01 11:31:23 -04:00
Jason Ertel
546c562ef0 expose standard relay timeout in config UI; up default to 45s to accommodate sluggish pillar.get calls 2023-09-01 10:31:02 -04:00
m0duspwnens
b64d4e3658 add telegraf pillar to desktop 2023-09-01 09:53:26 -04:00
m0duspwnens
0fb00d569e allow states for desktop. give all nodes docker_clean, order it last 2023-09-01 09:39:39 -04:00
m0duspwnens
b64fa51268 give desktop docker state and pillars 2023-09-01 09:16:24 -04:00
m0duspwnens
b010919099 add sensoroni, telegraf, common states to desktop. allow docker_registry connection to managers for desktop 2023-08-31 13:21:32 -04:00
Wes
0fed757b11 Add entropy mapping 2023-08-31 15:10:27 +00:00
Wes
1a3b3b21fb Change entropy value syntax 2023-08-31 15:09:19 +00:00
m0duspwnens
e408718230 Merge remote-tracking branch 'origin/2.4/dev' into issue/10975 2023-08-31 09:56:02 -04:00
Doug Burks
da56a421e5 Update motd.md 2023-08-31 09:17:33 -04:00
m0duspwnens
bfb0d0ddb5 Merge remote-tracking branch 'origin/2.4/dev' into issue/10975 2023-08-31 08:58:28 -04:00
m0duspwnens
c812c3991e we dont need to run convert-gnome-classic script 2023-08-31 08:54:13 -04:00
Corey Ogburn
a615fc8e47 New Config Default: longRelayTimeoutMs 
Salt is getting a second timeout for operations known to take a long time such as sending and importing files. There's also an entry in soc_soc.yaml so the value can be changed in SOC's config page.
 2023-08-30 15:33:01 -06:00
weslambert
ac38f32e32 Merge pull request #11218 from Security-Onion-Solutions/feature/soc_administration_analyzers 
Analyzer SOC Administration
 2023-08-30 16:54:02 -04:00
weslambert
41300af944 Set global to false 2023-08-30 16:30:32 -04:00
weslambert
21e91a7537 Fix api_version 2023-08-30 16:10:38 -04:00
weslambert
d090852895 Correct fortigate template name 2023-08-30 15:40:40 -04:00
weslambert
78915f900b Add fortigate package 2023-08-30 15:37:30 -04:00
Wes
8cc19b0748 Add analyzer configuration description 2023-08-30 19:16:38 +00:00
Wes
fe690922de Add analyzer configuration to the defaults file 2023-08-30 19:16:05 +00:00
Josh Patterson
257a471383 Merge pull request #11217 from Security-Onion-Solutions/issue/10975 
Issue/10975
 2023-08-30 12:28:34 -04:00
m0duspwnens
b45e114ef2 cant use GLOBALS var due to desktop nongrid install 2023-08-30 10:41:34 -04:00
m0duspwnens
8381fa1d42 cant import globals because of nongrid desktop install~ 2023-08-30 10:26:24 -04:00
Wes
60b0af5ab7 Allow external syslog 2023-08-30 13:05:30 +00:00
Wes
0e22acc255 Add tcp and udp integration 2023-08-30 13:04:32 +00:00
Wes
655eea2b00 Add port_bindings 2023-08-30 13:03:56 +00:00
Wes
ce05f29dc4 Add port_bindings for port 514 2023-08-30 13:03:28 +00:00
weslambert
706a6e2d56 Make sure a data stream is created for syslog 2023-08-30 08:34:04 -04:00
weslambert
d2063c7e11 Add auditd reference back 2023-08-29 11:14:49 -04:00
weslambert
c01a9006a6 Add Apache package 2023-08-29 11:01:22 -04:00
weslambert
f118e25e8c Add Apache references 2023-08-29 11:00:31 -04:00
weslambert
d40bbf6b09 Add Apache templates 2023-08-29 10:59:40 -04:00
m0duspwnens
a1b1294247 desktop doesnt need docker state 2023-08-29 09:05:01 -04:00
m0duspwnens
1c3d3d703c add desktop.map.jinja for global vars 2023-08-29 08:56:01 -04:00