Commit Graph

10642 Commits

Author SHA1 Message Date
Doug Burks
a00eb9071f add opcua_binary_get_endpoints to hunt.eventfields.json 2022-11-25 15:57:35 -05:00
Doug Burks
c39cd9a290 add opcua_binary_browse_result to hunt.eventfields.json 2022-11-25 15:55:59 -05:00
Doug Burks
cb5483d401 add opcua_binary_create_session to hunt.eventfields.json 2022-11-25 15:53:09 -05:00
Doug Burks
fab0d17314 add opcua_binary_browse_description to hunt.eventfields.json 2022-11-25 15:51:49 -05:00
Doug Burks
465e6c4605 add opcua_binary_create_session_user_token to hunt.eventfields.json 2022-11-25 15:48:11 -05:00
Doug Burks
a119d6a842 add opcua_binary_get_endpoints_user_token to hunt.eventfields.json 2022-11-25 15:46:35 -05:00
Doug Burks
be8ce43b74 add opcua_binary_browse to hunt.eventfields.json 2022-11-25 15:44:22 -05:00
Doug Burks
b2a33d4800 add opcua_binary_browse_response_references to hunt.eventfields.json 2022-11-25 15:41:48 -05:00
Doug Burks
78fac49e66 add opcua_binary_read to hunt.eventfields.json 2022-11-25 15:39:58 -05:00
Doug Burks
ca08989404 add cip_io to hunt.eventfields.json 2022-11-25 15:37:21 -05:00
Doug Burks
4ed757916e add opcua_binary_status_code_detail to hunt.eventfields.json 2022-11-25 15:35:17 -05:00
Doug Burks
676c543178 add opcua_binary to hunt.eventfields.json 2022-11-25 15:33:13 -05:00
Doug Burks
aa2eab5738 fix zeek ics logs in so-functions 2022-11-25 09:53:11 -05:00
Doug Burks
fe21b8bc17 fix zeek ics logs in so-functions 2022-11-25 09:45:18 -05:00
Doug Burks
33a478ff59 fix zeek ics logs in so-zeek-logs 2022-11-25 09:40:48 -05:00
Doug Burks
62fee1f420 fix zeek ics logs in so-whiptail 2022-11-25 09:39:58 -05:00
Doug Burks
2ada4712bc fix zeek ics logs in so-zeek-logs 2022-11-25 09:37:52 -05:00
Doug Burks
fad6c46e7c fix zeek ics logs in so-zeek-logs 2022-11-25 09:35:00 -05:00
Doug Burks
6f27c1b21e fix zeek logs in so-whiptail 2022-11-25 09:26:54 -05:00
Doug Burks
0afb20ffa8 fix ics entries in so-functions 2022-11-25 09:19:11 -05:00
Doug Burks
40688a6076 add Zeek software to so-functions 2022-11-25 07:36:41 -05:00
Doug Burks
9431bf1c2a add Zeek software log to so-whiptail 2022-11-25 07:28:48 -05:00
Doug Burks
9f5e75b302 add software to so-zeek-logs 2022-11-25 07:27:50 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
723e145eeb Merge pull request #9221 from Security-Onion-Solutions/dougburks-patch-1
fix descriptions
2022-11-23 11:43:12 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
Doug Burks
3871268c19 Merge pull request #9220 from Security-Onion-Solutions/fix/zeek-opcua-parsing
fix zeek opcua pipelines
2022-11-23 11:17:47 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
Doug Burks
08d5f494ab Merge pull request #9208 from Security-Onion-Solutions/dougburks-patch-1
Initial dashboards for stun, tds, wireguard, and ics
2022-11-22 16:04:12 -05:00
weslambert
13827f3be5 Merge pull request #9209 from Security-Onion-Solutions/fix/add_missing_opcua_activate_session_pipelines
Add Missing OPCUA Activate Session Pipelines
2022-11-22 16:01:33 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
e560edf493 Merge pull request #9206 from Security-Onion-Solutions/fix/ingest_typos
Fix spelling of 'wireguard.responses' field name
2022-11-22 15:35:55 -05:00
Doug Burks
7caf827b77 add ecat_aoe_info to hunt.eventfields.json 2022-11-22 13:33:06 -05:00
Doug Burks
f40ccb7eff add bacnet_discovery to hunt.eventfields.json 2022-11-22 13:27:26 -05:00
Doug Burks
e0cd550820 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:23:45 -05:00
Doug Burks
4e5106c863 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:21:33 -05:00
Doug Burks
5a107c63b8 add source.mac and destination.mac to dashboards.queries.json 2022-11-22 13:16:47 -05:00
Doug Burks
8a9a13865c add ecat_registers to hunt.eventfields.json 2022-11-22 13:12:24 -05:00
Doug Burks
9cd6273beb update ecat_log_address in hunt.eventfields.json 2022-11-22 13:10:46 -05:00
Doug Burks
724b26228c add ecat_log_address to hunt.eventfields.json 2022-11-22 13:09:27 -05:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
Doug Burks
24ee38369f add cotp to hunt.eventfields.json 2022-11-22 12:49:33 -05:00
weslambert
0bbe642d20 Merge pull request #9203 from Security-Onion-Solutions/fix/ics_ingest_field_names
Fix ICS Ingest Field Names
2022-11-22 12:30:10 -05:00
weslambert
8e17c23659 Fix format/spelling for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Doug Burks
10ac789fbf add profinet_dce_rpc to hunt.eventfields.json 2022-11-22 11:08:24 -05:00
Doug Burks
db58a35562 add profinet to hunt.eventfields.json 2022-11-22 11:07:03 -05:00