CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
7,392 Commits 24 Branches 119 Tags
a6a4c03029567d8d008e82c60dbb44f2fb6d9049
Commit Graph

369 Commits

Author SHA1 Message Date
Jason Ertel
a6a4c03029 Improve error scenarios for user sync; Ensure user sync runs before Elastic container starts 2021-05-26 12:08:10 -04:00
Jason Ertel
8c6489a49a Initial pass at synchronizing users file 2021-05-24 15:48:05 -04:00
Wes Lambert
a1a79719fc Add ignore above for message keyword field 2021-05-05 12:07:30 +00:00
Wes Lambert
619402cc67 Add event_data to common template so elastalert/playbook event_data fields can be indexed and searchable 2021-05-03 17:03:30 +00:00
Jason Ertel
44ad8ce888 Switch to the ES-included community_id plugin 2021-04-29 12:08:07 -04:00
Josh Brower
7cbeed985a Differentiate between event & ingest timestamp 2021-04-13 12:55:40 -04:00
Josh Brower
cf4de255ec Fix Wazuh WEL Shipping 2021-04-12 15:18:18 -04:00
Wes Lambert
942de130ca Enforce date type for ingest.timestamp 2021-03-31 12:24:51 +00:00
Josh Brower
71ae5b60ea Update Sigmac mappings and config for IPs and ports 2021-03-16 09:32:40 -04:00
Josh Brower
44c75122ed Update Sigmac mappings and config for IPs and ports 2021-03-16 09:05:35 -04:00
Josh Brower
5fe025318b Update Sigmac mappings and config for IPs and ports 2021-03-15 15:53:00 -04:00
doug
adbc7436b6 FIX: Populate http.status_message field #3408 2021-03-11 16:42:20 -05:00
doug
b4ad7e7359 FIX: Improve Suricata DHCP logging and parsing #3397 2021-03-11 11:01:51 -05:00
Josh Brower
00da549430 Merge pull request #3358 from Security-Onion-Solutions/delta 
FEATURE: Initial support for viewing Osquery Live Query results in Hunt
 2021-03-09 09:18:57 -05:00
Mike Reeves
1ecb079066 Fix Kibana Script for loading dashboards 2021-03-08 17:36:07 -05:00
Josh Brower
fe8788c09a Merge remote-tracking branch 'remotes/origin/dev' into delta 2021-03-08 12:56:47 -05:00
Josh Brower
548f67ca6f Initial support for Live Queries in Hunt 2021-03-04 18:21:13 -05:00
Mike Reeves
c2b347e4bb Security Enable for only nodes and heavy 2021-03-04 10:52:01 -05:00
Mike Reeves
a0a8d12526 Enable SSL and Features 2021-03-04 10:08:28 -05:00
Mike Reeves
4de62c878c turn on elastic security 2021-03-03 12:51:29 -05:00
Mike Reeves
4f867e5375 Fix all scripts for ssl elastic 2021-03-03 10:02:23 -05:00
Mike Reeves
e0d9212e55 Make https default for all things 2021-03-02 14:01:05 -05:00
Mike Reeves
80574d3c20 Make https default for all things 2021-03-02 13:59:43 -05:00
Mike Reeves
3219f4cd12 Remove Features Option 2021-03-02 11:04:50 -05:00
doug
71c7ffae3e Improve support for Suricata metadata #2200 2021-02-22 13:49:29 -05:00
doug
bcce205430 Improve support for Suricata metadata #2200 2021-02-22 13:00:14 -05:00
doug
3467f30603 Improve support for Suricata metadata #2200 2021-02-22 10:27:24 -05:00
Josh Brower
5ca3dc492c Merge pull request #3061 from Security-Onion-Solutions/foxtrot 
Fix Playbook Fields & Mappings
 2021-02-21 09:40:59 -05:00
Mike Reeves
0ea29144a8 Merge pull request #3047 from Security-Onion-Solutions/surifile2 
Suricata as Meta Data, File Extraction, And Parsing changes
 2021-02-19 14:09:38 -05:00
Mike Reeves
b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
doug
88eb5b1d61 Update syslog ingest parser to accomodate pfSense filterlog changes #3033 2021-02-19 08:02:32 -05:00
Josh Brower
d2a74c80e2 Update .security analyzer 2021-02-17 16:37:31 -05:00
Mike Reeves
160d307f4a Disable ML for features #2788 2021-01-30 20:00:41 -05:00
Mike Reeves
4212afe0c9 Add features option back 2021-01-30 19:57:18 -05:00
Josh Brower
13ab4c66eb Update Osquery Windows Eventlog Parsing 2021-01-27 09:15:54 -05:00
Mike Reeves
4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
Mike Reeves
636687ac59 Merge pull request #2702 from Security-Onion-Solutions/essecurity 
SSL with Elastic Basic license. Remove features option.
 2021-01-21 13:57:28 -05:00
Mike Reeves
9408d62c65 Remove features 2021-01-21 13:55:53 -05:00
Mike Reeves
f85ecf254e Fix dupe 2021-01-21 13:21:08 -05:00
Mike Reeves
9f984036c5 Use the internmediate cert 2021-01-21 13:00:46 -05:00
Mike Reeves
b0914fa604 try .p12 2021-01-21 12:46:00 -05:00
Mike Reeves
9759990233 Switch to java key store 2021-01-21 12:29:45 -05:00
Mike Reeves
bb523c44e6 Enable features temporarily 2021-01-21 12:19:41 -05:00
Mike Reeves
013b706ce4 Enable http ssl 2021-01-21 12:13:23 -05:00
Mike Reeves
84b75a38a3 Fix error in init.sls for ES 2021-01-21 11:21:04 -05:00
Mike Reeves
6de70ec820 Update docker mappings for ES 2021-01-21 11:12:12 -05:00
Mike Reeves
35c741ae63 Turn on Xpack SSL 2021-01-21 09:49:31 -05:00
m0duspwnens
b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
Wes Lambert
875908dc90 Set @timestamp to winlog.systemTime 2021-01-06 16:47:35 +00:00
Mike Reeves
575098e368 Update init.sls 2020-12-17 20:23:38 -05:00