CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 03:02:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,476 Commits 26 Branches 119 Tags
a63fca727ce144a90d6fd01a82707ecfcf32a39f
Commit Graph

14476 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Josh Brower
0c423c9329 Merge pull request #12333 from Security-Onion-Solutions/fix/shell 
Fixup shell
 2024-02-09 09:31:47 -05:00
Josh Brower
654602bf80 Fixup shell 2024-02-09 09:30:18 -05:00
reyesj2
3c9d6da1d8 add putty to sod packages.sls 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-02-08 22:05:37 -05:00
Josh Brower
683abf0179 Rework naming 2024-02-08 13:24:25 -05:00
Corey Ogburn
29174566f3 WIP: Updated Detection Mappings, Changed Engine to Language 
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.

SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
 2024-02-08 09:44:56 -07:00
Josh Brower
8d0e8789bd Use salt file roots 2024-02-08 09:54:51 -05:00
Josh Brower
503a09f150 Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts 2024-02-08 09:45:21 -05:00
Josh Brower
81a3e95914 Fixup sigma pipelines 2024-02-07 16:42:16 -05:00
Josh Patterson
f02f61c6dd Merge pull request #12325 from Security-Onion-Solutions/salt3006.6 
Salt3006.6
 2024-02-07 16:33:56 -05:00
Doug Burks
8c5dafa058 Merge pull request #12324 from Security-Onion-Solutions/feature/dashboards-communityid-firewall 
FEATURE: Add new dashboards for community_id and firewall auth #12323
 2024-02-07 16:15:21 -05:00
Doug Burks
d3d2305f00 FEATURE: Add new dashboards for community_id and firewall auth #12323 2024-02-07 16:08:27 -05:00
Josh Brower
7e3187c0b8 Fixup sigma pipelines 2024-02-07 15:35:31 -05:00
Josh Brower
b7b501d289 Add Sigma pipelines 2024-02-07 15:02:52 -05:00
m0duspwnens
6534f392a9 update backup filename 2024-02-07 14:25:28 -05:00
m0duspwnens
478fb6261e Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6 2024-02-07 14:15:11 -05:00
m0duspwnens
e42e07b245 update salt mine after salt-master restarts 2024-02-07 13:05:45 -05:00
m0duspwnens
f97d0f2f36 add /opt/so/rules/ to files_roots 2024-02-07 09:25:56 -05:00
m0duspwnens
24fd3ef8cc uopdate error message 2024-02-06 16:22:13 -05:00
m0duspwnens
b3f6153667 update so-yaml tests 2024-02-06 16:15:54 -05:00
Doug Burks
d800d59304 Merge pull request #12316 from Security-Onion-Solutions/feature/improve-soc-actions 
FEATURE: Improve Correlate and Hunt actions on SOC Actions menu #12315
 2024-02-06 15:46:31 -05:00
Doug Burks
7106095128 FEATURE: Improve Correlate and Hunt actions on SOC Actions menu #12315 2024-02-06 15:39:23 -05:00
m0duspwnens
9d62ade32e update so-yaml tests 2024-02-06 11:14:27 -05:00
m0duspwnens
2643ae08a7 add append to list 2024-02-05 17:54:30 -05:00
Josh Brower
378c99ae88 Fix bindings 2024-02-02 18:27:49 -05:00
Corey Ogburn
8f81c9eb68 Updating config for Detection(s) 2024-02-02 11:49:58 -07:00
Pete
cf83d1cb86 feat: use mountpoint for Elastic log limit 
Instead of just existence, this checks if the directories are separate mountpoints when determining disk size and log_size_limit calculations.

It also sets the percentage to 80 if /nsm/elasticsearch is a separate mountpoint.  This allows for better disk utilization on server configurations where /nsm is based on large slow HDDs for increased PCAP retention but /nsm/elasticsearch is based on SSDs for faster Elasticsearch performance.
 2024-02-02 12:25:16 -05:00
Pete
7a29b3a529 call salt before stopping salt services 
salt-call does not work when the salt-master is not running.  If these calls are to succeed, they should occur before the salt services are stopped.
 2024-02-02 08:45:01 -05:00
Josh Brower
fe196b5661 Add SOC Config for Detections 2024-02-01 12:22:50 -05:00
m0duspwnens
61ee41e431 Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6 2024-02-01 11:07:06 -05:00
m0duspwnens
0d5db58c86 upgrade salt3006.6 2024-02-01 10:32:41 -05:00
Josh Brower
3d478b92b2 Merge pull request #12294 from Security-Onion-Solutions/jppffa 
Jppffa
 2024-02-01 09:47:18 -05:00
Josh Brower
e090518b59 Refactor script 2024-02-01 09:46:53 -05:00
weslambert
91c1e595ef Merge pull request #12297 from Security-Onion-Solutions/feature/pipeline_config_ui 
Manage custom Elasticsearch and Logstash pipelines in UI
 2024-02-01 09:18:30 -05:00
Wes
1818e134ca Change numbers for Logstash 2024-02-01 14:01:55 +00:00
Wes
182667bafb Change numbers for Elasticsearch 2024-02-01 13:59:23 +00:00
Josh Brower
49b5788ac1 add bindings 2024-02-01 07:21:49 -05:00
Josh Brower
881d6b313e Update VERSION - kilo 2024-01-31 17:04:11 -05:00
Josh Brower
db057b4dfa Merge pull request #12296 from Security-Onion-Solutions/cogburn/detection_playbooks 
Cogburn/detection playbooks
 2024-01-31 16:48:51 -05:00
Wes
136097f981 Custom Logstash pipeline annotations 2024-01-31 21:47:09 +00:00
Wes
bc502cc065 Custom Elasticserach pipeline annotations 2024-01-31 21:46:33 +00:00
m0duspwnens
ae32ac40c2 add fleet node nginx to docker annotations 2024-01-31 16:28:45 -05:00
m0duspwnens
2f03248612 use different nginx defaults for so-fleet node hosting artifacts 2024-01-31 16:25:09 -05:00
Mike Reeves
a094d1007b Merge pull request #12293 from Security-Onion-Solutions/TOoSmOotH-patch-3 
fix salt lock for airgap version mismatches
 2024-01-31 16:21:16 -05:00
Mike Reeves
341ff5b564 Update so-functions 2024-01-31 16:18:51 -05:00
Josh Brower
0fe96bfc2d switch to symlink 2024-01-31 16:17:40 -05:00
Wes
4672a5b8eb Custom pipeline configuration in UI 2024-01-31 20:18:17 +00:00
Wes
1853dc398b Custom pipeline configuration 2024-01-31 20:17:33 +00:00
Wes
bc75be9402 Custom pipelines in UI 2024-01-31 20:16:48 +00:00
Wes
cd4bd6460a Custom pipelines 2024-01-31 20:16:18 +00:00
Corey Ogburn
585147d1de Added so-detection mapping in elasticsearch 2024-01-31 10:39:47 -07:00