CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-23 01:13:09 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,471 Commits 18 Branches 120 Tags
a79c380e2b928e1ce13d79c4c3a99bc4af71fac5
Commit Graph

436 Commits

Author SHA1 Message Date
m0duspwnens
052e0dea2e create and manage metrics_link in a file for soc 2023-02-28 14:47:44 -05:00
Josh Patterson
cbcd3c9dd9 Update defaults.map.jinja 2023-02-27 15:39:03 -05:00
Josh Patterson
8632606a24 Update defaults.map.jinja 2023-02-27 15:37:35 -05:00
Josh Patterson
8d33f01936 Update defaults.map.jinja 2023-02-27 15:01:31 -05:00
Jason Ertel
aed41404fc Merge pull request #9852 from Security-Onion-Solutions/kilo 
Remove FleetDM tool from SOC instead of deactivating it; generate SRV key during setup
 2023-02-24 13:05:58 -05:00
Jason Ertel
316db85584 Generate SOC SRVKey during setup 2023-02-24 10:20:23 -05:00
Jason Ertel
d3c5d0569a Remove FleetDM tool instead of deactivating it 2023-02-24 10:20:02 -05:00
m0duspwnens
8f46e4aa30 set docker extra_hosts for soc 2023-02-23 12:26:58 -05:00
Jason Ertel
4222b09970 Merge branch '2.4/dev' into reposync 2023-02-23 12:15:03 -05:00
Mike Reeves
148b0b1c4c use hostnames please 2023-02-23 11:11:29 -05:00
weslambert
ecf70847fd Change 'GLOBALS.minion_id' to 'GLOBALS.hostname' for 'analyzerNodeId' value to ensure SOC creates analyzer jobs in the correct directory 2023-02-22 16:23:48 -05:00
Jason Ertel
8746f55834 influx upgrade 2023-02-15 08:03:22 -05:00
Jason Ertel
cd27ae89cc influx upgrade 2023-02-10 16:34:06 -05:00
Jason Ertel
ea0c3db8e1 upgrade influxdb 2023-02-08 13:23:45 -05:00
m0duspwnens
e0e094cd95 rename sosbip and sosrange to sobip and sorange 2023-02-03 10:10:51 -05:00
m0duspwnens
a37f0fd0c0 rename sosbridge to sobridge 2023-02-03 10:07:07 -05:00
Doug Burks
a44d83d69b Improve Suricata DHCP parsing and dashboard 2023-01-31 08:33:38 -05:00
m0duspwnens
1d2f491084 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-01-26 10:49:00 -05:00
m0duspwnens
d1460ae01f add node_data.ips pillar. grab influx host ip for soc extra_hosts 2023-01-24 17:05:40 -05:00
Jason Ertel
7b1f867ac3 Add defaults for auto extracted observables 2023-01-24 13:17:50 -05:00
Jason Ertel
b0709e93fa test workflow 2023-01-24 10:50:52 -05:00
m0duspwnens
6033e9a0de use port_bindings from docker defaults in docker states 2023-01-13 10:15:10 -05:00
m0duspwnens
d4c6834cd0 merge with 2.4/dev 2023-01-06 14:01:58 -05:00
m0duspwnens
cb1822a62d change ref to DOCKER.sosrange 2023-01-05 15:57:06 -05:00
Doug Burks
5754365c6d Improve default sysmon fields and add new network_connection fields 2023-01-04 07:42:24 -05:00
doug
4e5d1d587e update sysmon ingest parser and Sysmon File dashboard 2023-01-03 09:02:17 -05:00
Mike Reeves
058b4013aa Merge pull request #9470 from Security-Onion-Solutions/kilo 
Kilo
 2022-12-23 10:37:22 -05:00
m0duspwnens
24876eecd9 change refs from sosnet to sosbridge 2022-12-22 14:02:40 -05:00
Mike Reeves
3f0ded0638 Merge pull request #9464 from Security-Onion-Solutions/mkr24 
Add global annotation and influx support
 2022-12-22 13:57:56 -05:00
Mike Reeves
308228620a Specify Influxdb host 2022-12-22 13:05:33 -05:00
Jason Ertel
b6f37f8499 Correct indentation of client section 2022-12-22 10:26:51 -05:00
Jason Ertel
3fd210463e fix redis defaults to force string keys instead of numeric 2022-12-21 18:11:39 -05:00
Doug Burks
69415a0d8d Improve Strelka dashboard 2022-12-21 15:34:35 -05:00
Doug Burks
506556f0d2 Improve Firewall dashboard 2022-12-21 15:29:09 -05:00
Doug Burks
d7b2c88201 Improve Software dashboard 2022-12-21 15:24:58 -05:00
Doug Burks
4519c533a2 Improve Intel dashboard 2022-12-21 15:20:27 -05:00
m0duspwnens
accc293c8a 2.4 firewall changes 2022-12-21 15:03:45 -05:00
Doug Burks
3a367d69f4 Improve FTP dashboard 2022-12-21 14:37:17 -05:00
Doug Burks
a4f1f75306 Improve NIDS Alerts dashboard 2022-12-21 14:33:01 -05:00
Doug Burks
3d1ce4ef10 Improve SOC dashboards 2022-12-21 13:26:04 -05:00
Jason Ertel
fa7488effb change format of license key for compat with config alignment 2022-12-16 15:56:02 -05:00
Jason Ertel
b37697e95d Switch license key to single line to avoid multiline/list conflicts 2022-12-16 12:50:22 -05:00
Jason Ertel
7853d972b6 Set default key to empty string to ensure new keys are type aligned correctly 2022-12-15 18:31:47 -05:00
Jason Ertel
f84ceca03e consolidate eventFields from hunt and dashbaords into a single setting 2022-12-15 14:22:23 -05:00
Doug Burks
e1d200e6ce Remove duplicate TDS dashboard from defaults.yaml 2022-12-11 14:39:08 -05:00
Doug Burks
72f71ba695 Fix TDS dashboard in defaults.yaml 2022-12-11 14:36:27 -05:00
Doug Burks
cb16bd36fb fix descriptions in defaults.yaml 2022-12-10 14:31:59 -05:00
Doug Burks
cf7d8076e9 remove old Wazuh Hunt queries in defaults.yaml 2022-12-10 14:21:58 -05:00
Doug Burks
cd664b2d39 remove old Modbus dashboard from defaults.yaml 2022-12-10 14:16:39 -05:00
Doug Burks
7f07a94a98 remove old DNP3 and Wazuh dashboards from defaults.yaml 2022-12-10 14:14:24 -05:00