Commit Graph

6426 Commits

Author SHA1 Message Date
Doug Burks
b1709f3ea3 Improve Firewall dashboard 2022-12-21 15:28:41 -05:00
Doug Burks
76a73ea35c Improve Software dashboard 2022-12-21 15:25:19 -05:00
Doug Burks
991a6ec43c Improve Intel dashboard 2022-12-21 15:19:54 -05:00
Doug Burks
e2c0607249 Improve FTP dashboard 2022-12-21 14:36:44 -05:00
Doug Burks
82c61e6bc9 improve NIDS Alerts dashboard 2022-12-21 14:32:05 -05:00
Doug Burks
37aa779095 Minor improvements 2022-12-21 13:14:38 -05:00
Doug Burks
9e631ad63d Improve SOC dashboards 2022-12-21 13:04:12 -05:00
Jason Ertel
87cebedc85 Backup the new Kratos location 2022-12-14 14:12:47 -05:00
Jason Ertel
e8a8f65ddc fix typo 2022-12-14 12:56:25 -05:00
Jason Ertel
a7a15117f0 Improve soup wording when the script itself needs updating 2022-12-14 12:03:47 -05:00
Jason Ertel
865ba4264b Stop backing up kratos since it now lives in /nsm. Ensure kratos is removed when re-installing. 2022-12-14 10:57:24 -05:00
Jason Ertel
6985b0ab27 Move kratos DB to /nsm 2022-12-14 10:50:24 -05:00
Mike Reeves
b0d934daf7 Update config.map.jinja 2022-12-13 13:52:13 -05:00
Doug Burks
aa08803f03 FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 13:23:27 -05:00
Doug Burks
bb346d531d FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 13:22:53 -05:00
Doug Burks
6c057d0b0a FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 12:43:54 -05:00
Doug Burks
47e43e53d9 FIX: so-import utilities should hyperlink to dashboards #9373 2022-12-13 12:43:10 -05:00
Wes
98a1fb96c2 Add test coverage for empty list value 2022-12-13 16:23:16 +00:00
Wes
874bbd2580 Remove extra whitespace 2022-12-13 16:02:46 +00:00
Wes
90dedbb841 Update tests to account for change in 'file_path' value verification 2022-12-13 15:58:35 +00:00
Wes
df5dd5fe28 Use new list verification function for 'file_path' 2022-12-13 15:57:43 +00:00
Wes
d5ab455485 Add new test for list value verification function 2022-12-13 15:56:58 +00:00
Wes
20b79b7ab0 Add new function to verify list value 2022-12-13 15:56:26 +00:00
Jason Ertel
d7dd2d2ef8 Upgrade ES to 8.5.3 2022-12-12 13:43:28 -05:00
weslambert
f85fb5ecf9 Remove double quotes to fix issue with file path sourcing from 'localfile.py' 2022-12-08 16:35:24 -05:00
Jason Ertel
d48d473f43 Switch back to older style redirect due to incompatibility with Ub 18 2022-12-07 14:06:24 -05:00
Jason Ertel
225b7e359c Use original style due to pgrep conflict with cron 2022-12-07 11:53:42 -05:00
Jason Ertel
7b05627d5c Suricata support for filecheck; reduce cron noise 2022-12-07 07:58:32 -05:00
Mike Reeves
f0c3b876a9 Update init.sls 2022-12-06 13:35:03 -05:00
Mike Reeves
531423f49a Update init.sls 2022-12-06 13:25:03 -05:00
Jason Ertel
0dd2e51e83 Ensure Suricata move events get picked up 2022-12-06 11:39:58 -05:00
weslambert
8bb3b22993 Disable additional YARA rules that are causing compilation errors 2022-12-05 11:30:22 -05:00
Jason Ertel
69c5a9dd90 ensure tmp files are not processed 2022-12-05 10:31:09 -05:00
Jason Ertel
86c31c129a add suricata to socore group 2022-12-05 10:27:42 -05:00
Jason Ertel
483a9d477f undo filecheck location move 2022-12-05 10:15:15 -05:00
Jason Ertel
d7f60a0e58 only check files on inotify 2022-12-05 10:01:40 -05:00
Jason Ertel
f06443f3dd add suricata to socore group 2022-12-05 09:57:24 -05:00
Jason Ertel
fe798138e3 add suricata to socore group 2022-12-05 09:50:35 -05:00
Jason Ertel
e9bb60dedb fix filecheck for suricata deployments 2022-12-05 09:28:25 -05:00
Jason Ertel
992ced685f fix filecheck for suricata deployments 2022-12-05 09:27:31 -05:00
Jason Ertel
592bbf4217 fix filecheck for suricata deployments 2022-12-05 09:21:08 -05:00
Mike Reeves
a3f9859fdb Update init.sls 2022-12-02 09:38:13 -05:00
Doug Burks
7184b9cb25 disable ecat_arp_info by default in so-zeek-logs 2022-12-01 07:18:05 -05:00
weslambert
5988c12773 Change 'bsap.node.status.byte' to 'bsap.node.status_byte' 2022-11-30 13:01:30 -05:00
Mike Reeves
dc5f4ef942 Merge pull request #9253 from Security-Onion-Solutions/TOoSmOotH-patch-2
Use shutil in case there are multiple filesystems involved.
2022-11-30 11:04:30 -05:00
Mike Reeves
42cde0b6f0 Use shutil in case there are multiple filesystems involved. 2022-11-30 10:59:09 -05:00
Doug Burks
1279997ca9 update stun, tunnel, and wireguard dashboards in dashboards.queries.json 2022-11-30 10:59:00 -05:00
Wes
8f0547beda Change 'bsap.node.status_byte' to 'bsap.node_status_byte'. 2022-11-30 15:24:53 +00:00
Wes
6cb4c02200 More field updates 2022-11-30 15:22:02 +00:00
Wes
5d72f8d55a Additional field renames and updates 2022-11-30 15:01:41 +00:00