CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 23:43:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,263 Commits 18 Branches 120 Tags
abbc92a58d6cd839459f3d20a07c0e43f3181a2c
Commit Graph

6805 Commits

Author SHA1 Message Date
Jason Ertel
22eaeb1462 upgrade influx 2023-02-08 15:00:44 -05:00
Jason Ertel
2fddcc1e99 upgrade influx 2023-02-08 14:57:57 -05:00
Jason Ertel
44e60f1e57 upgrade influx 2023-02-08 14:03:27 -05:00
Jason Ertel
51674b3a5b upgrade influx 2023-02-08 13:50:32 -05:00
Jason Ertel
4c42671a21 Merge branch '2.4/dev' into kilo 2023-02-08 13:49:07 -05:00
Jason Ertel
a1ac1785d3 upgrade influx 2023-02-08 13:40:27 -05:00
Jason Ertel
ea0c3db8e1 upgrade influxdb 2023-02-08 13:23:45 -05:00
m0duspwnens
31daeef30d 2.4 fw changes 2023-02-08 11:01:26 -05:00
m0duspwnens
fb7ebcac7e 2.4 fw changes 2023-02-08 09:18:05 -05:00
m0duspwnens
e8a1e164aa add so.version module 2023-02-03 10:58:08 -05:00
m0duspwnens
e0e094cd95 rename sosbip and sosrange to sobip and sorange 2023-02-03 10:10:51 -05:00
m0duspwnens
a37f0fd0c0 rename sosbridge to sobridge 2023-02-03 10:07:07 -05:00
m0duspwnens
6e45f1b6e1 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-02-03 09:55:50 -05:00
m0duspwnens
df9ef9ffc7 add managersearch 2023-02-03 09:55:33 -05:00
m0duspwnens
3e808a70fa allow managersearch. comment out localhost allow in setup 2023-02-02 12:11:03 -05:00
Wes
bc082dff99 Only run Zeek if it is defined as 'mdengine' 2023-02-02 16:22:42 +00:00
m0duspwnens
33787d345b Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-02-02 10:04:01 -05:00
m0duspwnens
9eae31e488 add managersearch to allowed roles for so-firewall. fix setup error from so-firewall "Please specify a role with --role=" 2023-02-02 10:03:22 -05:00
Wes
5fba3c5872 Add Suricata metadata configuration 2023-02-02 14:48:01 +00:00
m0duspwnens
3ba64f7545 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-02-02 09:31:40 -05:00
weslambert
d242050627 Disable loading of Kibana and Logstash logs for now since there are issues with the packages from the registry 2023-02-01 15:59:35 -05:00
weslambert
2101ca60e9 Add 'configured_vulns_ext_vars.yar' to exclusion list 2023-02-01 14:25:46 -05:00
m0duspwnens
d2dd68eb44 add global vars for managersearch 2023-02-01 11:31:36 -05:00
m0duspwnens
6ec086e24a add influxdb as extra_hosts for grafana container 2023-01-31 17:10:11 -05:00
m0duspwnens
6f1438148f allow elastic agent access 2023-01-31 16:54:46 -05:00
m0duspwnens
12bede5e77 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-01-31 16:10:50 -05:00
weslambert
056bcd0121 Merge pull request #9683 from Security-Onion-Solutions/fix/kibana_osquery_live_query_link_remove 
Remove OSQuery live query link
 2023-01-31 13:38:07 -05:00
m0duspwnens
8cbafb52d8 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/firewall 2023-01-31 13:32:51 -05:00
m0duspwnens
16e1e297a0 allow elasticsearch_rest 2023-01-31 13:32:33 -05:00
weslambert
74eed31eec Change Elasticsearch output name from 'so-manager_elasticsearch2' to 'so-manager_elasticsearch' 2023-01-31 12:55:03 -05:00
m0duspwnens
aa411e2682 allow influxdb on manager and managersearch 2023-01-31 12:42:46 -05:00
weslambert
cbf2bd1373 Remove OSQuery live query link 2023-01-31 10:59:17 -05:00
m0duspwnens
0ba193c7a4 allow docker_registry fw 2023-01-31 10:55:14 -05:00
m0duspwnens
e09a86dc30 2.4 searchnode es config 2023-01-31 10:54:40 -05:00
m0duspwnens
8dc7a9da9e add searchnode global vars 2023-01-31 10:52:35 -05:00
Doug Burks
a44d83d69b Improve Suricata DHCP parsing and dashboard 2023-01-31 08:33:38 -05:00
weslambert
0436f885b8 Set values for '@timestamp' and 'event.ingested' 2023-01-31 08:04:49 -05:00
Wes
5472f53c9f Remove bind mount and reference the correctly named entrypoint script 2023-01-30 21:24:30 +00:00
Wes
0156784687 Add EVTX integration policy for 'so-import-evtx' 2023-01-30 21:22:37 +00:00
Wes
cc100e50cd Update so-import-evtx to convert EVTX to a JSON file instead of streaming to Elasticsearch 2023-01-30 21:09:58 +00:00
weslambert
8240e5b20d Remove 'prospector.scanner' prefix from 'exclude_files' configuration 2023-01-27 16:46:43 -05:00
Doug Burks
b160d0add5 Fix typos in so-elastic-fleet-integration-policy-load 2023-01-27 15:45:58 -05:00
weslambert
68fac4488e Fix syntax for Zeek integration policies 2023-01-27 15:27:15 -05:00
weslambert
e47f64bd04 Change event.category from 'file' to 'network' 2023-01-27 12:00:30 -05:00
weslambert
f49627cec1 Update Zeek file exclusions and add a minor output formatting change 2023-01-27 11:47:14 -05:00
weslambert
6b251a2596 Change 'pipeline' to 'import.file' so that ICS tag conditional is applied to the correct field 2023-01-27 11:30:06 -05:00
weslambert
2772b03dca Change event.dataset value from 'tunnels' to 'tunnel' 2023-01-27 11:03:49 -05:00
weslambert
716ec7f936 Change event.dataset value from 'files' to 'file' 2023-01-27 11:02:44 -05:00
Doug Burks
86ca51ff99 Update to Elastic 8.6.1 2023-01-26 16:18:06 -05:00
Doug Burks
a27fc5c768 Update to Elastic 8.6.1 2023-01-26 16:17:36 -05:00