CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,328 Commits 24 Branches 119 Tags
af5e7cd72cd05031ecee68b494cbab8cfee5c48d
Commit Graph

1806 Commits

Author SHA1 Message Date
Mike Reeves
9577c3f59d Make soup use reposync from the repo 2024-06-21 15:24:54 -04:00
reyesj2
4581a46529 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-06-05 20:47:41 -04:00
m0duspwnens
ff5773c837 move so-tcpreplay back to common. return empty string if no sensor.interface pillar 2024-06-05 08:56:32 -04:00
m0duspwnens
a2467d0418 move so-tcpreplay to sensor state 2024-06-05 08:24:57 -04:00
m0duspwnens
c0b2cf7388 add the curlys 2024-06-04 10:28:21 -04:00
reyesj2
1fd5165079 Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/kafka 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-29 23:37:40 -04:00
m0duspwnens
b5f656ae58 dont render pillar each time so-tcpreplay runs 2024-05-23 13:22:22 -04:00
Jason Ertel
8ce19a93b9 exclude false positives related to detections 2024-05-21 13:29:20 -04:00
reyesj2
6fac6eebce Helper script for enrolling tpm into luks 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-20 14:37:54 -04:00
reyesj2
34a5985311 Create tpm enrollment script 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-16 21:14:57 -04:00
Jason Ertel
aa32eb9c0e Merge pull request #13025 from Security-Onion-Solutions/jertel/suridp 
exclude detect-parse errors
 2024-05-15 19:21:30 -04:00
Jason Ertel
4771810361 exclude detect-parse errors 2024-05-15 19:10:50 -04:00
m0duspwnens
1ef9509aac define local_salt_dir 2024-05-13 14:34:22 -04:00
m0duspwnens
eb03858230 missed one 2024-05-13 12:44:57 -04:00
m0duspwnens
2643da978b those functions in so-functions 2024-05-13 11:51:10 -04:00
m0duspwnens
649f52dac7 create_local_directories in soup too 2024-05-13 10:37:56 -04:00
Doug Burks
d120326cb9 Merge pull request #12999 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add more fields to the SOC Dashboards URL for so-import-pcap #12972
 2024-05-13 09:20:01 -04:00
Jason Ertel
dff2de4527 Merge pull request #12984 from Security-Onion-Solutions/jertel/testcy 
tests will retry on any rule import failure
 2024-05-09 15:50:37 -04:00
Jason Ertel
19e1aaa1a6 exclude detection rule errors 2024-05-09 15:45:33 -04:00
reyesj2
2ad87bf1fe merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-05-08 16:30:45 -04:00
Doug Burks
5b7b6e5fb8 FEATURE: Add more fields to the SOC Dashboards URL for so-import-pcap #12972 2024-05-08 14:00:23 -04:00
Doug Burks
5a5a1e86ac FIX: Adjust so-import-pcap so that suricata works when it is pcapengine #12969 2024-05-08 13:26:36 -04:00
reyesj2
e960ae66a3 Merge remote-tracking branch 'remotes/origin/2.4/dev' into reyesj2/kafka 2024-05-02 15:12:27 -04:00
DefensiveDepth
58ddd55123 Exclude yara runtime log 2024-04-23 07:28:07 -04:00
Doug Burks
8d9aae1983 FEATURE: Add queue=True to so-checkin so that it will wait for any running states #12815 2024-04-18 09:28:30 -04:00
m0duspwnens
e9e61ea2d8 Merge remote-tracking branch 'origin/2.4/dev' into kaffytaffy 2024-04-10 13:14:13 -04:00
Mike Reeves
21f86be8ee Update so-log-check 2024-04-05 08:03:42 -04:00
DefensiveDepth
1d221a574b Exclude Elastalert EQL errors 2024-04-04 06:48:25 -04:00
Jason Ertel
3e05c04aa1 Merge pull request #12731 from Security-Onion-Solutions/jertel/ana 
SOC Telemetry
 2024-04-03 14:51:41 -04:00
Mike Reeves
8889c974b8 Change code to allow for non root 2024-04-03 12:38:59 -04:00
Mike Reeves
c31e459c2b Change metrics reporting order 2024-04-03 11:06:00 -04:00
Jason Ertel
ca57c20691 suppress soup update output for cleaner console 2024-04-03 10:31:24 -04:00
Mike Reeves
0de1f76139 add agent count to reposync 2024-04-03 10:26:59 -04:00
m0duspwnens
4e142e0212 put alphabetical 2024-04-02 16:47:35 -04:00
m0duspwnens
c9bf1c86c6 Merge remote-tracking branch 'origin/reyesj2/kafka' into kaffytaffy 2024-04-02 16:40:47 -04:00
reyesj2
b032eed22a Update kafka to use manager docker registry 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-02 16:34:06 -04:00
m0duspwnens
f7534a0ae3 make manager download so-kafka container 2024-04-02 16:01:12 -04:00
Jason Ertel
216b8c01bf disregard errors that in removed applications that occurred before the upgrade 2024-03-28 09:31:39 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
Jason Ertel
f889a089bf disregard benign telegraf error 2024-03-22 09:48:27 -04:00
Jason Ertel
40574982e4 unswap files 2024-03-07 14:25:43 -05:00
Jason Ertel
fffef9b621 gracefully handle status check failure on ubuntu 2024-03-07 12:31:51 -05:00
Jason Ertel
9f17bd2255 lks/fps 2024-01-24 11:17:32 -05:00
reyesj2
350b0df3bf Handle non-zero 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-22 22:48:15 -05:00
reyesj2
07602076f1 Update telegraf script 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-18 16:48:16 -05:00
reyesj2
caf4036dbf Update features check 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-18 16:06:53 -05:00
reyesj2
739feb25a4 Add telegraf script to import featuresdetected 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-17 15:55:00 -05:00
reyesj2
4e6924610d Add additional status checks to so-common-status-check for telegraf 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-01-17 15:37:52 -05:00
m0duspwnens
8c1d1c95db check needs_restarting rework 2024-01-16 17:02:27 -05:00
Jason Ertel
47eea80d03 exempt transient license check errors 2024-01-10 09:07:17 -05:00