CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 01:32:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,597 Commits 24 Branches 119 Tags
9cd6273bebad4788a8e9cbf72a57c33ccb883ff6
Commit Graph

10597 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doug Burks
9cd6273beb update ecat_log_address in hunt.eventfields.json 2022-11-22 13:10:46 -05:00
Doug Burks
724b26228c add ecat_log_address to hunt.eventfields.json 2022-11-22 13:09:27 -05:00
Doug Burks
24ee38369f add cotp to hunt.eventfields.json 2022-11-22 12:49:33 -05:00
Doug Burks
10ac789fbf add profinet_dce_rpc to hunt.eventfields.json 2022-11-22 11:08:24 -05:00
Doug Burks
db58a35562 add profinet to hunt.eventfields.json 2022-11-22 11:07:03 -05:00
Doug Burks
1ad7a0db59 add bacnet_property to hunt.eventfields.json 2022-11-22 11:05:26 -05:00
Doug Burks
af626fe3a1 add bacnet to hunt.eventfields.json 2022-11-22 11:03:45 -05:00
Doug Burks
073f5ed789 add dnp3_objects to hunt.eventfields.json 2022-11-22 11:02:21 -05:00
Doug Burks
bbcefea417 add s7comm_plus to hunt.eventfields.json 2022-11-22 10:58:42 -05:00
Doug Burks
73c282595d update dnp3 in hunt.eventfields.json 2022-11-22 10:57:06 -05:00
Doug Burks
07a53db09a add cip_identity to hunt.evenfields.json 2022-11-22 10:55:39 -05:00
Doug Burks
80e50fa7b4 add ecat_arp_info to hunt.eventfields.json 2022-11-22 10:53:48 -05:00
Doug Burks
84d333e915 add s7comm to hunt.eventfields.json 2022-11-22 10:51:06 -05:00
Doug Burks
ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks
264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks
b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks
51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks
2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks
595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks
aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
weslambert
2170d498c5 Merge pull request #9195 from Security-Onion-Solutions/fix/missing_ics_pipelines 
Add COTP and TDS ingest pipelines
 2022-11-22 08:44:02 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
weslambert
ba65b351a2 Merge pull request #9193 from Security-Onion-Solutions/fix/ics_tag_syntax_error 
Fix syntax error for 'ics' tag logic
 2022-11-22 07:32:40 -05:00
weslambert
4c09c8856b Fix syntax error for 'ics' tag logic 2022-11-22 07:23:56 -05:00
weslambert
3afa8bd9da Merge pull request #9188 from Security-Onion-Solutions/feature/filebeat_config_ics_event_tag 
Add 'ics' tag to events generated from ICS protocol logs
 2022-11-21 17:06:25 -05:00
weslambert
72eccd2649 Fix indentation 2022-11-21 17:01:16 -05:00
weslambert
310ea633b6 Add 'ics' tag to events generated from ICS protocol logs 2022-11-21 16:43:43 -05:00
Doug Burks
31b4d9cd70 Merge pull request #9187 from Security-Onion-Solutions/dougburks-patch-1 
Remove descriptions from so-zeek-logs and so-whiptail
 2022-11-21 14:13:04 -05:00
Doug Burks
0536d174fe Fix opcua_binary reference in so-zeek-logs 2022-11-21 14:03:22 -05:00
Doug Burks
96d7429a1c Remove descriptions from so-whiptail 2022-11-21 13:32:51 -05:00
Doug Burks
a54bb2bad4 Remove descriptions from so-zeek-logs 2022-11-21 13:23:53 -05:00
Doug Burks
d4abbd89ca Merge pull request #9185 from Security-Onion-Solutions/dougburks-patch-1 
Update so-functions to enable ICS/SCADA for EVAL and IMPORT
 2022-11-21 12:33:06 -05:00
Peter Di Giorgio
bdfab6858d Merge pull request #9184 from Security-Onion-Solutions/foxtrot 
Shorten Zeek Log Descriptions for formatting
 2022-11-21 11:20:15 -06:00
lock-wire
f80c8b89e4 Shorten Log Descriptions 2022-11-21 09:49:31 -07:00
Peter Di Giorgio
29384d33e1 Merge pull request #9183 from Security-Onion-Solutions/dev 
Synch Foxtrot from dev
 2022-11-21 10:06:44 -06:00
Doug Burks
aebedf9ac6 Update so-functions to enable ICS/SCADA for EVAL and IMPORT 2022-11-21 10:05:18 -05:00
Doug Burks
40ee529c7e Merge pull request #9178 from Security-Onion-Solutions/dougburks-patch-1 
Simplify version in README.md to just 2.3
 2022-11-21 08:46:22 -05:00
Doug Burks
b9ee2f1e38 Simplify version in README.md to just 2.3 2022-11-21 08:38:27 -05:00
weslambert
089b403a3b Merge pull request #9166 from Security-Onion-Solutions/foxtrot 
Merge final protocol analyzers into dev
 2022-11-18 08:41:43 -05:00
Peter Di Giorgio
a28e5de5f4 Correct trailing \ 2022-11-18 06:29:57 -06:00
Peter Di Giorgio
2e30cefd91 Add remaining protocol parsers 
- icsnpp-bsap
      - icsnpp-s7comm
      - zeek-plugin-tds
      - zeek-plugin-profinet
      - zeek-spicy-wireguard
      - zeek-spicy-stun
 2022-11-17 10:47:00 -06:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev 
Update Foxtrot from Dev
 2022-11-17 10:44:24 -06:00
Peter Di Giorgio
13b6b43324 Update init.sls 2022-11-17 10:42:21 -06:00
weslambert
78bc2a95e5 Add icsnpp-bsap to enabled plugins 2022-11-17 11:20:24 -05:00
weslambert
5bb0e6e8c0 Merge pull request #9160 from Security-Onion-Solutions/feature/additional_ics_scada_ingest_node_pipelines 
Add additional ICS/SCADA ingest node pipelines
 2022-11-17 11:18:15 -05:00
Wes
a278194037 Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:16:33 +00:00
lock-wire
1b8e546045 Add s7comm,tds,stun,profinet,wireguard 2022-11-16 21:41:02 -06:00
weslambert
7319cb07e2 Merge pull request #9153 from Security-Onion-Solutions/fix/ics_scada_ingest_pipeline_updates_2_3 
Update ingest node pipelines for ICS/SCADA protocols
 2022-11-16 16:17:08 -05:00
Wes
35e131b888 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:09:30 +00:00
Jason Ertel
fd34eb3c26 Merge pull request #9150 from Security-Onion-Solutions/kilo 
Increase retry count and pause to allow more time for Ubuntu updates
 2022-11-16 07:53:04 -05:00