Commit Graph

6464 Commits

Author SHA1 Message Date
Doug Burks 4ed757916e add opcua_binary_status_code_detail to hunt.eventfields.json 2022-11-25 15:35:17 -05:00
Doug Burks 676c543178 add opcua_binary to hunt.eventfields.json 2022-11-25 15:33:13 -05:00
Doug Burks 33a478ff59 fix zeek ics logs in so-zeek-logs 2022-11-25 09:40:48 -05:00
Doug Burks 2ada4712bc fix zeek ics logs in so-zeek-logs 2022-11-25 09:37:52 -05:00
Doug Burks fad6c46e7c fix zeek ics logs in so-zeek-logs 2022-11-25 09:35:00 -05:00
Doug Burks 9f5e75b302 add software to so-zeek-logs 2022-11-25 07:27:50 -05:00
Doug Burks 3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks 085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks 0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks 9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
doug bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
Josh Brower 5950771003 Merge remote-tracking branch 'remotes/origin/dev' into idhskins 2022-11-22 18:04:38 -05:00
Josh Brower 7c8ce7899b Initial support for custom IDH http skins 2022-11-22 17:57:51 -05:00
Doug Burks 08d5f494ab Merge pull request #9208 from Security-Onion-Solutions/dougburks-patch-1: Initial dashboards for stun, tds, wireguard, and ics 2022-11-22 16:04:12 -05:00
weslambert 3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
Doug Burks 7caf827b77 add ecat_aoe_info to hunt.eventfields.json 2022-11-22 13:33:06 -05:00
Doug Burks f40ccb7eff add bacnet_discovery to hunt.eventfields.json 2022-11-22 13:27:26 -05:00
Doug Burks e0cd550820 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:23:45 -05:00
Doug Burks 4e5106c863 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:21:33 -05:00
Doug Burks 5a107c63b8 add source.mac and destination.mac to dashboards.queries.json 2022-11-22 13:16:47 -05:00
Doug Burks 8a9a13865c add ecat_registers to hunt.eventfields.json 2022-11-22 13:12:24 -05:00
Doug Burks 9cd6273beb update ecat_log_address in hunt.eventfields.json 2022-11-22 13:10:46 -05:00
Doug Burks 724b26228c add ecat_log_address to hunt.eventfields.json 2022-11-22 13:09:27 -05:00
weslambert 3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
Doug Burks 24ee38369f add cotp to hunt.eventfields.json 2022-11-22 12:49:33 -05:00
weslambert 8e17c23659 Fix format/spelling for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert 92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Doug Burks 10ac789fbf add profinet_dce_rpc to hunt.eventfields.json 2022-11-22 11:08:24 -05:00
Doug Burks db58a35562 add profinet to hunt.eventfields.json 2022-11-22 11:07:03 -05:00
Doug Burks 1ad7a0db59 add bacnet_property to hunt.eventfields.json 2022-11-22 11:05:26 -05:00
Doug Burks af626fe3a1 add bacnet to hunt.eventfields.json 2022-11-22 11:03:45 -05:00
Doug Burks 073f5ed789 add dnp3_objects to hunt.eventfields.json 2022-11-22 11:02:21 -05:00
Doug Burks bbcefea417 add s7comm_plus to hunt.eventfields.json 2022-11-22 10:58:42 -05:00
Doug Burks 73c282595d update dnp3 in hunt.eventfields.json 2022-11-22 10:57:06 -05:00
Doug Burks 07a53db09a add cip_identity to hunt.evenfields.json 2022-11-22 10:55:39 -05:00
Doug Burks 80e50fa7b4 add ecat_arp_info to hunt.eventfields.json 2022-11-22 10:53:48 -05:00
Doug Burks 84d333e915 add s7comm to hunt.eventfields.json 2022-11-22 10:51:06 -05:00
Doug Burks ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks 264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks 51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks 2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks 595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
Wes 95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
weslambert 4c09c8856b Fix syntax error for 'ics' tag logic 2022-11-22 07:23:56 -05:00
weslambert 72eccd2649 Fix indentation 2022-11-21 17:01:16 -05:00
weslambert 310ea633b6 Add 'ics' tag to events generated from ICS protocol logs 2022-11-21 16:43:43 -05:00
Doug Burks 0536d174fe Fix opcua_binary reference in so-zeek-logs 2022-11-21 14:03:22 -05:00