Commit Graph

76 Commits

Author SHA1 Message Date
Jason Ertel
3130b56d58 Provide new setting to require OTP 2024-07-30 10:39:57 -04:00
Corey Ogburn
45b2413175 Removed Allow/Deny Regexes, Added Enable/Disable Regex
Update config and annotations for new regex support for Suricata.
2024-07-19 12:45:24 -06:00
Corey Ogburn
022df966c7 Remove Allow/Deny Regex, Add Suricata Enable/Disable Regex 2024-07-19 12:28:04 -06:00
Corey Ogburn
d0565baaa3 New Config Values for Detections Bulk Indexer
`maxScrollSize` defines the "page size" of each scroll request.

`bulkIndexerWorkerCount` defines how many worker threads a bulk indexer should use. 0 or fewer indicates that 1 thread per CPU core should be used.
2024-07-15 14:43:47 -06:00
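The two settings described in the commit message above, worked through as an added Go example (written for this page, not code from the Security Onion repository): the `<= 0` rule for `bulkIndexerWorkerCount` resolves to one worker per CPU core, and `maxScrollSize` fixes how many documents each scroll "page" carries before it is handed to the worker pool. The `BulkIndexerConfig` struct, the in-memory document slice and the `ScrollPages`/`BulkIndex` functions are assumptions made for illustration; the project's real schema and Elasticsearch client calls are not shown on this page.

```go
package main

import (
	"fmt"
	"runtime"
	"sync"
)

// BulkIndexerConfig is a hypothetical struct mirroring the two settings named in
// the commit message. Field names are assumptions, not SOC's actual config schema.
type BulkIndexerConfig struct {
	MaxScrollSize          int // documents fetched per scroll request ("page size")
	BulkIndexerWorkerCount int // worker threads; 0 or fewer means one per CPU core
}

// ResolveWorkerCount applies the documented rule: 0 or fewer configured workers
// means one worker per CPU core. numCPU is passed in so the rule is testable
// without depending on the host; a nonsensical numCPU is clamped to 1.
func ResolveWorkerCount(configured int, numCPU int) int {
	if configured > 0 {
		return configured
	}
	if numCPU < 1 {
		numCPU = 1
	}
	return numCPU
}

// ScrollPages splits the document set into pages of at most maxScrollSize,
// simulating what successive scroll requests would return. A page size of 0 or
// less is treated as 1 so a misconfiguration degrades to slow, not infinite.
func ScrollPages(docs []string, maxScrollSize int) [][]string {
	if maxScrollSize < 1 {
		maxScrollSize = 1
	}
	var pages [][]string
	for start := 0; start < len(docs); start += maxScrollSize {
		end := start + maxScrollSize
		if end > len(docs) {
			end = len(docs)
		}
		pages = append(pages, docs[start:end])
	}
	return pages
}

// BulkIndex feeds scroll pages to a pool of workers and returns how many
// documents were "indexed" and how many workers the pool was sized to.
// Indexing itself is simulated by counting; each worker writes only its own slot.
func BulkIndex(docs []string, cfg BulkIndexerConfig) (indexed int, workersUsed int) {
	workers := ResolveWorkerCount(cfg.BulkIndexerWorkerCount, runtime.NumCPU())
	pages := ScrollPages(docs, cfg.MaxScrollSize)

	perWorker := make([]int, workers)
	pageCh := make(chan []string)
	var wg sync.WaitGroup
	for id := 0; id < workers; id++ {
		wg.Add(1)
		go func(id int) {
			defer wg.Done()
			for page := range pageCh {
				perWorker[id] += len(page) // stand-in for a bulk request
			}
		}(id)
	}
	for _, page := range pages {
		pageCh <- page
	}
	close(pageCh)
	wg.Wait()

	for _, n := range perWorker {
		indexed += n
	}
	return indexed, workers
}

func main() {
	// Constructed sample input: ten placeholder detection documents.
	docs := make([]string, 10)
	for i := range docs {
		docs[i] = fmt.Sprintf("detection-%d", i)
	}
	n, w := BulkIndex(docs, BulkIndexerConfig{MaxScrollSize: 4, BulkIndexerWorkerCount: 0})
	fmt.Printf("indexed %d documents with %d workers (one per core)\n", n, w)
}
```

The point worth keeping from the example is the clamping: the commit message defines what a non-positive worker count means, but a non-positive scroll size has no stated meaning, so the example pins it to 1 rather than letting a bad value stall the loop.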
DefensiveDepth
c89f1c9d95 remove multiline 2024-06-14 13:48:55 -04:00
DefensiveDepth
68302e14b9 add to defaults and tweaks 2024-06-14 09:28:23 -04:00
DefensiveDepth
c1abc7a7f1 Update description 2024-06-14 08:51:34 -04:00
DefensiveDepth
484717d57d initial support for custom Suricata URLs and local rulesets 2024-06-14 08:42:10 -04:00
Corey Ogburn
85c269e697 Added TemplateDetections To Detection ClientParams
The UI can now insert templates when you select a Detection language. These are those templates, annotated.
2024-05-30 15:59:03 -06:00
DefensiveDepth
f90d40b471 Fix typo 2024-05-24 12:56:17 -04:00
DefensiveDepth
4344988abe Add instructions for Sigma and YARA repos 2024-05-24 12:54:36 -04:00
DefensiveDepth
a072e34cfe Fix casing issue 2024-05-22 17:12:41 -04:00
Jason Ertel
31fdf15ce1 Merge branch '2.4/dev' into jertel/eaconfig 2024-05-20 18:59:35 -04:00
Jason Ertel
6b2219b7f2 elastalert settings 2024-05-20 18:52:37 -04:00
Corey Ogburn
6e97c39f58 Marked as Advanced 2024-05-20 14:52:05 -06:00
Corey Ogburn
026023fd0a Annotate integrityCheckFrequencySeconds per det engine 2024-05-20 14:35:11 -06:00
Jason Ertel
1c4d36760a add support for custom alerters 2024-05-17 14:49:39 -04:00
DefensiveDepth
c4c38f58cb Update descriptions 2024-05-13 13:13:57 -04:00
Jason Ertel
b4817fa062 Merge pull request #12956 from Security-Onion-Solutions/jertel/testcy
test regexes for detections
2024-05-07 08:45:38 -07:00
Jason Ertel
4ebe070cd8 test regexes for detections 2024-05-06 19:03:12 -04:00
m0duspwnens
554a203541 update airgapEnabled in map file 2024-05-06 12:59:45 -04:00
m0duspwnens
38f74d2e9e change quotes 2024-05-06 11:38:30 -04:00
m0duspwnens
5b966b83a9 change rulesRepos for airgap or not 2024-05-06 09:26:52 -04:00
DefensiveDepth
26c6a98b45 Initial airgap support for detections 2024-05-06 08:43:01 -04:00
m0duspwnens
47ba4c0f57 add new annotation for soc autoEnabledSigmaRules 2024-05-01 12:55:29 -04:00
DefensiveDepth
dbfb178556 Add test 2024-04-16 12:22:53 -04:00
DefensiveDepth
f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
DefensiveDepth
1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
Josh Brower
f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults
2.4/detections defaults
2024-04-04 11:33:59 -04:00
DefensiveDepth
49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Jason Ertel
a7fab380b4 clarify telemetry annotation 2024-04-04 07:51:23 -04:00
Jason Ertel
a9517e1291 clarify telemetry annotation 2024-04-04 07:49:30 -04:00
Jason Ertel
3aea2dec85 analytics 2024-04-01 09:50:18 -04:00
DefensiveDepth
bbcd3116f7 Fixes 2024-03-26 09:31:46 -04:00
DefensiveDepth
cc0f4847ba Casing and validation 2024-03-26 08:10:57 -04:00
DefensiveDepth
7c4ea8a58e Add Detections SOC Config 2024-03-26 07:39:39 -04:00
Jason Ertel
1cbac11fae detections annotations 2024-03-06 11:08:03 -05:00
Jason Ertel
167aff24f6 detections annotations 2024-03-06 11:03:52 -05:00
Jason Ertel
0f12297f50 add new pcap annotations 2024-03-06 08:19:42 -05:00
Jason Ertel
12653eec8c add new pcap annotations 2024-03-06 08:14:33 -05:00
Josh Brower
59af547838 Fix download location 2024-02-27 09:49:54 -05:00
Doug Burks
52580fb8c4 Merge pull request #12434 from Security-Onion-Solutions/feature/improve-endpoint-columns
Add multiple endpoint features
2024-02-26 12:05:30 -05:00
Josh Brower
a6bb7216f9 Add Detection AutoUpdate config 2024-02-26 08:18:42 -05:00
Doug Burks
58f4fb87d0 fix new eventFields in soc_soc.yaml 2024-02-23 17:06:29 -05:00
Doug Burks
b7ef1e8af1 add more endpoint.events.x fields to soc_soc.yaml 2024-02-23 15:38:53 -05:00
m0duspwnens
573d565976 convert _x_ to . for soc ui to config 2024-02-23 15:03:44 -05:00
Josh Brower
ffb3cc87b7 Default ruleset; Descriptions 2024-02-16 11:55:10 -05:00
Josh Brower
5102269440 Update defaults 2024-02-12 16:44:54 -05:00
Josh Brower
7e3187c0b8 Fixup sigma pipelines 2024-02-07 15:35:31 -05:00
Josh Brower
b7b501d289 Add Sigma pipelines 2024-02-07 15:02:52 -05:00