CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,707 Commits 24 Branches 119 Tags
a38e312df427b89464c073a0888dfae31ee30691
Commit Graph

705 Commits

Author SHA1 Message Date
Wes
a38e312df4 Add COTP and TDS ingest pipelines 2022-11-22 13:36:27 +00:00
Wes
05b9a067fd Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:03:21 +00:00
Wes
638a3568b0 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:11:21 +00:00
m0duspwnens
c880be8d45 use curator defaults.yaml merged with pillar for actions 2022-10-21 10:38:32 -04:00
m0duspwnens
eed3746ebc fix some globals 2022-10-12 13:39:37 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
Mike Reeves
e3f4a58989 Merge pull request #8804 from Security-Onion-Solutions/funstuff 
Firewall and More
 2022-09-23 14:00:51 -04:00
Wes
0fd5fee868 Fix syntax for Fleet component templates 2022-09-22 15:07:43 +00:00
m0duspwnens
c77fcc74c1 merge in 2.4./firewall changes 2022-09-22 10:55:39 -04:00
Wes
46dd4c2749 Rename component mappings and references for Security Onion 2022-09-20 20:33:06 +00:00
Wes
7f2c5bc757 Add component templates for Fleet 2022-09-20 20:27:26 +00:00
Mike Reeves
85339d7cb1 Add helpLinks to everything 2022-09-20 15:43:34 -04:00
Doug Burks
df18f8f886 Merge pull request #8779 from Security-Onion-Solutions/2.4/dev 
2.4/dev
 2022-09-20 13:32:54 +00:00
weslambert
509c32482f Update so-elasticsearch-templates-load to allow for proper loading of differently formatted Elastic Agent index templates 2022-09-19 16:39:49 -04:00
doug
fdffac83e1 sysmon fix by bryant 2022-09-19 14:47:45 -04:00
Wes
9095bc2205 Re-establish Elasticsearch cluster (search) settings 2022-09-19 15:41:54 +00:00
Wes
12e940f809 Change managed_by value from 'fleet' to 'security_onion' for Elastic Agent templates in defaults.yaml 2022-09-16 20:55:49 +00:00
Mike Reeves
b38f0fa996 Update watermark settings 2022-09-13 12:13:45 -04:00
weslambert
030f4d228a Add back Elastic Agent default templates 2022-09-12 15:10:24 -04:00
Mike Reeves
3de4e56db9 Fix ES merge 2022-09-10 19:25:01 -04:00
Mike Reeves
74ef6c0ed0 Fix yaml for idh,es,kib,esalert 2022-09-09 15:30:28 -04:00
Wes
86d60e444d Add Elastic Agent index/template configuration to defaults file 2022-09-08 00:20:22 +00:00
Wes
b39a5061ca Load Elastic Agent component templates (managed by Security Onion) 2022-09-07 21:26:43 +00:00
Wes
eeffded248 Remove duplicate security subfield configuration from component templates 2022-09-07 21:23:04 +00:00
Wes
3c50072690 Add Elastic Agent component templates 2022-09-07 18:51:57 +00:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
weslambert
2914007393 Add forward slash to fix issue with missing query path 2022-07-18 09:07:34 -04:00
Wes Lambert
b06c16f750 Add ingest node pipeline for Kratos 2022-07-08 15:53:00 +00:00
Mike Reeves
8b3d5e808e Fix repo location 2022-06-30 13:30:56 -04:00
Mike Reeves
e86b7bff84 Fix repo location 2022-06-30 13:29:21 -04:00
weslambert
44595cb333 Merge pull request #8123 from Security-Onion-Solutions/foxtrot 
Merge foxtrot into dev
 2022-06-14 15:44:13 -04:00
doug
025993407e FIX: Add event.category field to pfsense firewall logs #8112 2022-06-13 08:03:44 -04:00
Josh Brower
8e368bdebe Merge in upstream dev 2022-05-06 20:01:07 -04:00
weslambert
542db5b7f5 Update defaults.yaml 2022-04-21 17:24:24 -04:00
Josh Brower
2b39570b08 Fix matching logic 2022-04-18 10:37:38 -04:00
Josh Brower
886d69fb38 Compress + Clean ES & Logstash App Logs 2022-04-11 16:09:24 -04:00
weslambert
e6599cd10e Update with changes from Abe's PR and other fixes 2022-03-25 13:57:44 -04:00
weslambert
c02d7fab50 Merge pull request #7636 from Security-Onion-Solutions/feature/rita 
Parsing of RITA Logs
 2022-03-24 13:05:22 -04:00
Wes Lambert
fe1b72655b Additional .keyword shims for process mappings 2022-03-24 16:45:06 +00:00
weslambert
1f2bca599f Check cluster health before trying to load roles for ES 2022-03-23 11:00:26 -04:00
Wes Lambert
2487d468ab Add RITA Elasticsearch ingest pipeline config 2022-03-22 17:38:22 +00:00
weslambert
7128b04636 Remove indices.query.bool.max_clause_count because it is dynamically allocated in Elastic 8 2022-03-17 21:20:41 -04:00
Wes Lambert
42d6c3a956 Replace Elastic connection check using ELASTICCURL with so-elasticsearch-query 2022-03-15 14:55:04 +00:00
Wes Lambert
5f56c7a261 Replace ELASTICCURL with so-elasticsearch-query 2022-03-15 14:32:00 +00:00
Wes Lambert
d12ff503c2 Chage role loading verbiage 2022-03-11 16:23:19 +00:00
Wes Lambert
dc258cf043 Load custom component templates in so-elasticsearch-templates-load 2022-03-11 16:22:55 +00:00
Wes Lambert
8e43a6e571 Don't generate index template if index_template definition is not present in pillar 2022-03-11 16:22:06 +00:00
m0duspwnens
e1e8a20e11 make sure values exist in data structure 2022-03-10 17:09:00 -05:00
weslambert
406267a892 Add process.name.keyword 2022-03-08 12:42:34 -05:00