doug
7dcdcc18a5
fix so-common references
2023-01-04 14:28:47 -05:00
doug
a67a254edc
update Copyright year
2023-01-04 12:44:18 -05:00
Jason Ertel
f06443f3dd
add suricata to socore group
2022-12-05 09:57:24 -05:00
Jason Ertel
fe798138e3
add suricata to socore group
2022-12-05 09:50:35 -05:00
Mike Reeves
388486ec08
Update init.sls
2022-11-02 10:06:13 -04:00
Mike Reeves
cf8c6a6e94
Update defaults.yaml
2022-07-14 15:17:27 -04:00
m0duspwnens
53d6e1d30d
simplify
2022-05-26 11:51:17 -04:00
m0duspwnens
1bfde852f5
manage suricata classifications.config https://github.com/Security-Onion-Solutions/securityonion/issues/7918
2022-05-26 11:43:31 -04:00
m0duspwnens
53883e4ade
manage suricata classifications.config https://github.com/Security-Onion-Solutions/securityonion/issues/7918
2022-05-26 11:40:33 -04:00
Doug Burks
db4f138a78
FIX: surilogcompress cron job not running
...
The suricata user was originally created with `/opt/so/conf/suricata` as its home directory. I think at some point we changed permissions on `/opt/so/conf` and at that point the `surilogcompress` cron job stopped working. Changing the home directory to `/nsm/suricata` works on all of my PROD systems (including Ubuntu and CentOS).
For more information, please see:
https://github.com/Security-Onion-Solutions/securityonion/issues/7133
2022-03-15 07:10:02 -04:00
Jason Ertel
eefcc929c2
Update copyright pattern to match other repos
2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55
Update copyright year for 2022
2022-01-24 09:35:29 -05:00
m0duspwnens
d7e5377a44
more requires
2021-10-22 16:46:45 -04:00
Josh Brower
4d307c53e8
Add support for disabling Zeek and Suricata
2021-09-17 13:01:50 -04:00
Mike Reeves
09165daab8
Several Suricata things
2021-07-21 09:10:33 -04:00
m0duspwnens
ebea9a7198
remove space
2021-06-16 08:07:28 -04:00
m0duspwnens
ad9441bb60
prevent suricata state from running on manager and managersearch https://github.com/Security-Onion-Solutions/securityonion/issues/2977
2021-06-16 08:06:26 -04:00
Mike Reeves
0a2d44131b
Merge pull request #3939 from Security-Onion-Solutions/soupmkr
...
send suricata compress to dev/null
2021-04-21 18:00:03 -04:00
Mike Reeves
c337be8f4f
send suricata compress to dev/null
2021-04-21 17:27:52 -04:00
bryant-treacle
f14df24ddc
Update threading.map.jinja
2021-04-21 11:49:29 -04:00
m0duspwnens
e87fb013dc
prevent salt warning - The 'file_mode' argument will be ignored. Please use 'mode' instead to set file permissions.
2021-03-19 16:21:18 -04:00
m0duspwnens
ec179f8e9b
https://github.com/Security-Onion-Solutions/securityonion/issues/3515
2021-03-17 18:44:25 -04:00
doug
b4ad7e7359
FIX: Improve Suricata DHCP logging and parsing #3397
2021-03-11 11:01:51 -05:00
Jason Ertel
7222f1faa5
fix merge issue
2021-02-20 16:41:12 -05:00
Mike Reeves
b4b449aa14
Pull in Suricata changes
2021-02-19 11:01:15 -05:00
Josh Patterson
79e7b1da4d
Merge pull request #3021 from Security-Onion-Solutions/issue/2989
...
change suricata clean cron to run once a day
2021-02-18 14:07:40 -05:00
m0duspwnens
03487c2a31
change suricata clean cron to run once a day
2021-02-18 14:06:45 -05:00
Josh Patterson
0ab9577863
Merge pull request #3018 from Security-Onion-Solutions/all_rules_dont_show_changes
...
don't show changes since file can be large
2021-02-18 12:23:54 -05:00
m0duspwnens
bf100a2310
don't show changes since file can be large
2021-02-18 12:23:22 -05:00
m0duspwnens
95df18c545
limit eve logs and gz files based on days
2021-02-18 10:45:20 -05:00
m0duspwnens
a4d5f58256
fix surilogcompress
2021-02-18 10:33:47 -05:00
m0duspwnens
74ca4487de
ensure at least 2 eve files are kept https://github.com/Security-Onion-Solutions/securityonion/issues/2989
2021-02-18 09:51:40 -05:00
m0duspwnens
4b07d5e457
add identifier to eve clean cron
2021-02-18 09:39:54 -05:00
m0duspwnens
041d193f2d
fix brackets
2021-02-18 09:37:37 -05:00
m0duspwnens
0bef8b6662
limit number of eve.json files for suricata https://github.com/Security-Onion-Solutions/securityonion/issues/2989
2021-02-18 09:26:59 -05:00
Masaya-A
995d618ff5
Add cron.absent to remove old cron job if present
2021-01-25 15:45:33 +09:00
William Wernert
59a4b148bc
Merge branch 'dev' into logrotate-fix
2021-01-22 15:20:55 -05:00
Masaya-A
249651edc7
Delete suri-rotate.conf
2021-01-22 10:08:23 +09:00
Masaya-A
e0bbc8cc51
Delete surirotate
2021-01-22 10:08:07 +09:00
Masaya-A
bcdf826204
Update init.sls
2021-01-22 09:26:52 +09:00
m0duspwnens
b693373d8d
change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679
2021-01-20 15:09:53 -05:00
Mike Reeves
1154b533d6
Remove ERSPAN so log doesn't show a warning
2021-01-05 13:56:56 -05:00
m0duspwnens
96b72d46be
show steno,zeek,suricata as disabled in so-status on import node
2020-12-16 12:01:48 -05:00
William Wernert
c7c3d004ca
[fix] More helix -> helixsensor
2020-12-15 14:01:19 -05:00
m0duspwnens
1fca5e65df
redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681
2020-11-10 15:31:47 -05:00
weslambert
71a260a000
Match max-pending-packets size
2020-11-02 08:38:45 -05:00
m0duspwnens
34dfc809c7
handle thread count for suricata and default max-pending-packets to 5000 - https://github.com/Security-Onion-Solutions/securityonion/issues/1460
2020-10-06 13:57:50 -04:00
m0duspwnens
63884b73e1
enable suricata threshold-file and point to proper file - https://github.com/Security-Onion-Solutions/securityonion/issues/1441
2020-10-05 12:10:52 -04:00
Mike Reeves
0a0e00866c
Upgrade Fun
2020-09-14 14:50:22 -04:00
m0duspwnens
09cc8ae1fb
fail the state if it isn't in top
2020-09-09 16:48:50 -04:00