CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-12 20:22:59 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,584 Commits 26 Branches 119 Tags
ae582caa5510208139de0fd7b4f035d640faad4a
Commit Graph

307 Commits

Author SHA1 Message Date
Doug Burks
ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks
264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks
b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks
51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks
2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks
595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks
aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
doug
84b2fc9c17 FEATURE: Improve local copy of docs in SOC #9097 2022-11-08 16:26:09 -05:00
Doug Burks
f4042263a3 Remove destination_geo.organization_name from Sysmon Network sankey diagram 2022-10-13 08:59:10 -04:00
doug
454a7a4799 FEATURE: Add new Sysmon dashboards #8870 2022-10-07 11:52:49 -04:00
bryant-treacle
82dff3e9da Fix issues: 8591-8953 2022-08-30 13:48:53 +00:00
Doug Burks
32c29b28eb revert to lower case #8469 2022-08-11 15:33:30 -04:00
Doug Burks
7bf2603414 revert to lower case #8469 2022-08-11 15:32:49 -04:00
Doug Burks
4003876465 FIX: Fix TLP options in Cases to align with TLP 2.0 #8469 2022-08-11 08:49:54 -04:00
Doug Burks
4c677961c4 FIX: Fix TLP options in Cases to align with TLP 2.0 #8469 2022-08-11 08:49:25 -04:00
Doug Burks
4c1585f8d8 FIX: Display PCAP menu action on Dashboards page #8343 2022-07-29 14:50:10 -04:00
Doug Burks
94c637449d FIX: Improve default dashboards #8136 2022-06-21 12:53:06 -04:00
Doug Burks
dce415297c improve readability in motd.md 2022-06-04 06:59:09 -04:00
Doug Burks
de126647f8 Update motd.md to include links to Dashboards and Cases 2022-06-04 06:55:08 -04:00
Doug Burks
83bff5ee87 add bar and pie examples to overview dashboard in dashboards.queries.json 2022-06-03 15:02:40 -04:00
Doug Burks
4a886338c8 fix description field for default dashboard in dashboards.queries.json 2022-06-03 11:10:01 -04:00
Doug Burks
7da1802eae Add sankey diagram to default dashboard in dashboards.queries.json 2022-06-03 11:03:48 -04:00
Doug Burks
269b16bbfd https://github.com/Security-Onion-Solutions/securityonion/issues/8049 2022-05-31 16:51:05 -04:00
Doug Burks
cd382a1b25 FIX: Elastalert query in Hunt #8049 2022-05-31 16:50:32 -04:00
Doug Burks
e1c9b0d108 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:52 -04:00
Doug Burks
9a98667e85 FIX: Elastalert query in Hunt #8049 2022-05-31 16:47:11 -04:00
doug
5cbb50a781 update dashboards.queries.json and hunt.queries.json 2022-05-16 08:33:48 -04:00
Doug Burks
6ed3f42449 remove duplicate showSubtitle from hunt.queries.json 2022-05-12 09:23:00 -04:00
Jason Ertel
31c04aabdd Disable MRU queries on dashboards 2022-05-09 15:06:43 -04:00
Jason Ertel
3f35dc54d2 Disable actions on dashboards group-by tables 2022-05-09 11:44:39 -04:00
Jason Ertel
0786191fc9 Add dashboard ref to soc.json 2022-05-06 15:16:27 -04:00
Jason Ertel
105c95909c Dashboard queries 2022-05-04 19:32:06 -04:00
Jason Ertel
deb9b0e5ef Add analyze feature 2022-03-28 15:53:24 -04:00
Doug Burks
9bf0265cea Merge pull request #7566 from Security-Onion-Solutions/feature/hunt-soc-auth 
FEATURE: Add new Hunt query for SOC logins #7327
 2022-03-15 10:58:40 -04:00
Doug Burks
eec44a6b02 Add a SOC Auth query to hunt.queries.json 2022-03-15 10:38:46 -04:00
Doug Burks
d1e1887e36 Add support for Kratos audit logs in hunt.eventfields.json 2022-03-15 10:37:58 -04:00
Mike Reeves
9c80ff4f65 Remove hive from more files 2022-03-15 09:37:58 -04:00
Jason Ertel
5a28725def Add assignee to case list 2022-03-14 08:45:28 -04:00
weslambert
65f998d6f7 Remove process.name.keyword for future-proofing 2022-03-08 12:44:51 -05:00
weslambert
f71ccadb8a Change to label fields for Zeek syslog 2022-03-04 16:29:55 -05:00
Jason Ertel
14c587fca2 Add new abbreviated result limit param 2022-01-27 15:51:02 -05:00
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
a4d2807fbb Switch to httpcase for consistency 2022-01-24 09:45:07 -05:00
Jason Ertel
dc44a91398 Prefix all SO fields to avoid potential conflicts with future ECS changes 2022-01-19 14:26:22 -05:00
Jason Ertel
6b0b7245f0 Add default queries for cases to show user's assigned cases 2022-01-13 17:10:08 -05:00
Mike Reeves
1d94e3ac69 Fix some formatting 2022-01-12 09:38:22 -05:00
Jason Ertel
66c9e20c6a Add wilcards for CCS compatibility 2022-01-07 15:57:08 -05:00
Jason Ertel
9ef83da23f Add case exclusion toggle to Hunt to avoid hunt results getting case data hits unintentionally 2022-01-07 12:58:35 -05:00
Jason Ertel
4f8524e0ac Prevent PCAP action from showing up outside of hunt/alerts 2022-01-05 11:13:12 -05:00
Jason Ertel
4bfdfffe21 Switch soc.json to use lowercase labels in default queries; Also enable the 'Add Case' feature 2022-01-05 09:54:13 -05:00