CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,809 Commits 24 Branches 119 Tags
b2a2dc5aea98fe577460f25bb81e8d47373baec8
Commit Graph

26 Commits

Author SHA1 Message Date
m0duspwnens
64446f585c change #/bin/bash to #!/bin/bash 2023-03-28 11:55:47 -04:00
Josh Brower
bad905f54c SOC Logs & Hunt Query 2023-03-23 16:22:59 -04:00
weslambert
68380d7ecb Change data_stream.dataset from 'file' to 'strelka' 2023-03-22 11:02:38 -04:00
Josh Brower
df036206a8 Fix Kratos parsing 2023-03-20 16:53:25 -04:00
Josh Brower
5b9ff06a85 Setup Kibana default space 2023-03-19 09:17:12 -04:00
Josh Brower
d78128dbf4 Formatting 2023-03-16 13:11:12 -04:00
Josh Brower
a96473554d Add IDH log ingest 2023-03-16 12:56:04 -04:00
weslambert
d242050627 Disable loading of Kibana and Logstash logs for now since there are issues with the packages from the registry 2023-02-01 15:59:35 -05:00
Wes
0156784687 Add EVTX integration policy for 'so-import-evtx' 2023-01-30 21:22:37 +00:00
weslambert
8240e5b20d Remove 'prospector.scanner' prefix from 'exclude_files' configuration 2023-01-27 16:46:43 -05:00
Doug Burks
b160d0add5 Fix typos in so-elastic-fleet-integration-policy-load 2023-01-27 15:45:58 -05:00
weslambert
68fac4488e Fix syntax for Zeek integration policies 2023-01-27 15:27:15 -05:00
weslambert
e47f64bd04 Change event.category from 'file' to 'network' 2023-01-27 12:00:30 -05:00
weslambert
f49627cec1 Update Zeek file exclusions and add a minor output formatting change 2023-01-27 11:47:14 -05:00
weslambert
6b251a2596 Change 'pipeline' to 'import.file' so that ICS tag conditional is applied to the correct field 2023-01-27 11:30:06 -05:00
Wes
8051fc70eb Temporarily disable the loading of the RITA package policy 2023-01-26 16:03:59 +00:00
weslambert
7bf9d77962 Rename Kratos data stream 2023-01-25 08:18:21 -05:00
Wes
38ead7cb82 Remove import tag for now 2023-01-24 17:58:19 +00:00
Wes
1e5377c78a Condense RITA integration policies, add ICS tags, and improve output readability 2023-01-24 16:56:20 +00:00
Wes
7b4d8a47f0 Add copyright header to 'so-elastic-fleet-*' scripts 2023-01-24 15:07:00 +00:00
Wes
40c6b380df Update Import and Zeek integration policies; also update Zeek ingest node pipelines to set event.dataset. 2023-01-23 21:44:46 +00:00
Wes
0e437f84e7 Add back echo statement to print the import policy being loaded 2023-01-11 21:13:30 +00:00
Wes
ea01e68846 Fix Zeek import policies and remove unnecessary dash in RITAENABLED statement 2023-01-11 21:01:31 +00:00
weslambert
4391c22335 Move Suricata import policy definition so that it does not get caught in the for loop for Zeek policies 2023-01-11 12:23:50 -05:00
Wes
33e2affb1d Remove newlines from end of Syslog processor definitions 2023-01-11 14:08:28 +00:00
Wes
a146f1134e Add Elastic Agent utility scripts 2023-01-11 13:54:42 +00:00