CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,597 Commits 24 Branches 119 Tags
9cd6273bebad4788a8e9cbf72a57c33ccb883ff6
Commit Graph

10597 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Mike Reeves
db9b93a96c Update init.sls 2022-10-31 14:35:02 -04:00
Mike Reeves
5635375d8d Update init.sls 2022-10-31 14:30:11 -04:00
Mike Reeves
07e72e4013 Update filecheck 2022-10-31 13:47:49 -04:00
Mike Reeves
518d2aaa9c Update filecheck.yaml 2022-10-31 13:45:00 -04:00
Mike Reeves
e93e2995b7 Update filecheck 2022-10-31 13:42:18 -04:00
Mike Reeves
d2eb61a830 Update filecheck.yaml 2022-10-31 13:41:45 -04:00
Mike Reeves
4c5a2c0610 Update filecheck 2022-10-31 13:36:42 -04:00
Mike Reeves
e9e7362005 Add Filechecks 2022-10-31 12:57:08 -04:00
Peter Di Giorgio
b97c822800 Add zeek.bacnet_discovery and zeek.bacnet_property 2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb Create zeek.bacnet 2022-10-27 15:40:07 -07:00
Peter Di Giorgio
326ba710ce Add logs for bacnet 
bacnet
bacnet_discovery
bacnet_property
 2022-10-27 15:38:32 -07:00
Peter Di Giorgio
1ea6feca37 Add icsnpp-bacnet 2022-10-27 15:31:38 -07:00
Peter Di Giorgio
c524442172 Merge pull request #9008 from Security-Onion-Solutions/master 
Synch Foxtrot with 2.3.181 Release
 2022-10-26 13:10:01 -07:00
weslambert
8e4d0db738 Merge pull request #9002 from Security-Onion-Solutions/fix/remove_ja3er_references 
Remove JA3er references
 2022-10-26 10:21:54 -04:00
weslambert
a170c194c8 Remove JA3er references 2022-10-26 10:18:10 -04:00
Peter Di Giorgio
2b51d72585 Rename zeek.read_write_multiple_registers to zeek.modbus_read_write_multiple_registers 2022-10-25 17:20:01 -07:00
weslambert
0d71006f40 Merge pull request #8997 from Security-Onion-Solutions/fix/sensoroni_analyzers_pyyaml_wheel_name 
Fix PyYAML .whl file name and remove JA3er analyzer
 2022-10-25 14:57:35 -04:00
Wes
a91e3b601c Remove JA3er since it is no longer a valid service 2022-10-25 18:48:37 +00:00
Wes
4940421297 Add PyYAML .whl files back since they were 'deleted' in the previous commit 2022-10-25 18:47:51 +00:00
Wes
58b4a8fbab Change PyYAML .whl file name to comply with Joliet's 240-character limit 2022-10-25 18:47:02 +00:00
Mike Reeves
bd7e12f682 Merge pull request #8952 from Njinx/dev 
FEATURE: so-pcap-export can run without needing to be attached to a TTY
 2022-10-25 14:38:48 -04:00
Mike Reeves
64e43f07b9 Merge pull request #8993 from Security-Onion-Solutions/TOoSmOotH-patch-3 
Update VERSION
 2022-10-25 14:36:45 -04:00
Mike Reeves
2d84e2e977 Update VERSION 2022-10-25 14:35:52 -04:00
Mike Reeves
465a1a82d7 Merge pull request #8981 from Security-Onion-Solutions/dev 
2.3.181
2.3.181-20221021 		2022-10-25 14:30:50 -04:00
Peter Di Giorgio
61d36d584f Add Modbus, DNP3, BZAR, and oui-logging 2022-10-25 07:10:52 -07:00
Peter Di Giorgio
2d343110cc Add DNP3 and Modbus extensions to zeeklogs.sls 2022-10-25 07:09:11 -07:00
Peter Di Giorgio
4502e2c260 Remove logs for OT parsers 2022-10-24 23:16:18 -07:00
Peter Di Giorgio
beb67847f9 Remove modbus,bzar,dnp3,oui-logging 2022-10-24 23:14:32 -07:00
Peter Di Giorgio
9cdc29c482 Fix Syntax for zeeklogs pillar 2022-10-24 14:30:15 -07:00
weslambert
292f66138b Merge pull request #8983 from Security-Onion-Solutions/revert-8982-fix/sensoroni_analyzers_pyyaml_wheel_name 
Revert "Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold"
 2022-10-24 16:49:19 -04:00
weslambert
0087768946 Revert "Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold" 2022-10-24 16:47:30 -04:00
Peter Di Giorgio
01d177366d Fix Zeek Pillar 2022-10-24 12:00:43 -07:00
weslambert
712340a027 Merge pull request #8982 from Security-Onion-Solutions/fix/sensoroni_analyzers_pyyaml_wheel_name 
Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold
 2022-10-24 14:14:45 -04:00
Wes
1caac3f0b0 Add PyYAML .whl files back since they were 'deleted' in the previous commit. 2022-10-24 18:06:19 +00:00
Wes
54a5dd6cbd Change name of PyYAML .whl file to remain under Joliet's 240-character limit/threshold 2022-10-24 18:05:15 +00:00
Mike Reeves
6570177b0c Merge pull request #8979 from Security-Onion-Solutions/2.3.181 
2.3.181
 2022-10-24 11:39:08 -04:00
Mike Reeves
f7ed992f24 2.3.181 2022-10-24 11:33:31 -04:00
Mike Reeves
4a18f8d18a 2.3.181 2022-10-24 11:32:19 -04:00
Peter Di Giorgio
24cf481f4a Merge pull request #8973 from lock-wire/patch-3 
Add Modbus, DNP3, BZAR, and oui-logging
 2022-10-21 18:06:13 -07:00
Peter Di Giorgio
cd4e0c1f8e Add DNP3 and Modbus extensions to zeeklogs.sls 
Add DNP3 and Modbus extenstions to zeeklogs to ensure filebeat.yml is configured properly to ship lots.  Need to move these behind the OT flag.
 2022-10-21 14:19:21 -07:00
Peter Di Giorgio
4a60310dc8 Add Modbus, DNP3, BZAR, and oui-logging 
This is an initial proof of concept.  Need to migrate these entries behind a flag.
 2022-10-21 14:04:40 -07:00
weslambert
930620fce6 Merge pull request #8971 from lock-wire/patch-2 
Add Ingest pipeline for Modbus and DNP3 extensions
 2022-10-21 16:28:52 -04:00
Peter Di Giorgio
7a60d0987c Update zeek.conn to include client.oui 2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1 Create zeek.read_write_multiple_registers 2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236 Create zeek.modbus_mask_write_register 2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4 Rename modbus_detailed to zeek.modbus_detailed 2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c Rename dnp3_objects to zeek.dnp3_objects 2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7 Create Ingest for Modbus Detailed 2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb Create Ingest for DNP3 Objects extension 2022-10-21 12:51:13 -07:00
Jason Ertel
b8884b6ac9 Merge pull request #8968 from Security-Onion-Solutions/181soup 
update soup for 2.3.181
 2022-10-21 12:00:58 -04:00