CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,214 Commits 24 Branches 119 Tags
b7a90a88f99f9654515dcb7d451540877d41f8e4
Commit Graph

534 Commits

Author SHA1 Message Date
Mike Reeves
b7a90a88f9 Merge pull request #6815 from Security-Onion-Solutions/esbackup 
Add ability to specify local backup dir
 2022-01-10 13:31:24 -05:00
weslambert
1c3eeb5a34 Fix typo -- replace period with comma 2022-01-10 13:29:06 -05:00
Mike Reeves
dbba7d7226 Add ability to specify local backup dir 2022-01-10 11:31:41 -05:00
Jason Ertel
d3656a7777 Merge branch 'dev' into kilo 2022-01-07 13:41:35 -05:00
Jason Ertel
391db568b0 Update field mappings based on Wes' feedback 2022-01-07 13:28:36 -05:00
weslambert
770e53d914 Add keyword subfield for event.severity_label 2022-01-07 11:21:57 -05:00
weslambert
c69e1353d9 Add event.severity_label 2022-01-07 11:19:54 -05:00
Josh Brower
5d4ea2ba3a Revert Wazuh parser update 2022-01-07 10:51:24 -05:00
weslambert
a7e7566532 Merge pull request #6780 from Security-Onion-Solutions/feature/datatype_compliance 
Initial commit for data type compliance
 2022-01-06 16:38:17 -05:00
Josh Brower
277c7f1ef8 Uppercase first char in Wazuh WEL 2022-01-06 14:58:50 -05:00
weslambert
900d12b556 Add logger stanza to suppress deprecation warning messages for now due to current system index access warning messages flooding the ES log 2022-01-06 10:35:50 -05:00
Josh Patterson
eaa6597cd7 Merge pull request #6773 from Security-Onion-Solutions/issue/6765 
Issue/6765
 2022-01-05 18:11:06 -05:00
weslambert
c1a88977cf Disable fielddata for _id field by default (since it is deprecated and can be memory-intensive) 2022-01-05 15:23:52 -05:00
m0duspwnens
0ff5e3cf6f require so-elasticsearch container to be running to run the scripts 2022-01-05 14:48:41 -05:00
Wes Lambert
b60837e71a Initial commit for data type compliance 2022-01-05 16:38:56 +00:00
Jason Ertel
e87cbc37a4 Add case template 2021-12-28 19:17:15 -05:00
Jason Ertel
9aeaa1fccc resolved merge conflicts 2021-12-21 09:35:57 -05:00
Jason Ertel
2c9062efb7 resolved merge conflicts 2021-12-21 09:34:39 -05:00
Jason Ertel
35617acaeb Update cacerts to reflect new path; this changed due to ES 7.16.2 2021-12-20 12:12:00 -05:00
Jason Ertel
6f116a2d01 Switch to new Ubuntu SSL dir 2021-12-20 09:43:59 -05:00
Jason Ertel
d6c651af1c Remove old patch dir from previously-patched installations 2021-12-20 09:42:27 -05:00
Jason Ertel
b8fcec04b8 Remove patched jar due to upgrade of Elastic images to 7.16.2 2021-12-20 09:27:03 -05:00
Mike Reeves
465ba1b7d3 Change CA certs location 2021-12-15 17:08:36 -05:00
Mike Reeves
61955b7928 Change CA certs location 2021-12-15 13:50:19 -05:00
Mike Reeves
7cd1b1c482 Remove some previous hotfix code 2021-12-15 12:26:53 -05:00
Jason Ertel
8365b5f140 Strip JndiLookup.class from log4j-core jars, to match Elastic's mitigation approach 2021-12-13 09:02:41 -05:00
Mike Reeves
3d7b963912 Update log4j2.properties 2021-12-10 14:16:16 -05:00
Mike Reeves
8dcb64d87c Update init.sls 2021-12-10 11:56:33 -05:00
Mike Reeves
ea26e402c8 Update log4j2.properties 2021-12-10 10:17:49 -05:00
Mike Reeves
f5761c73a5 Fix for the clustername used in wrong context 2021-12-02 15:30:35 -05:00
m0duspwnens
5945326817 soup for es ingest common and watch esingestdynamicconf for so-elastic docker 2021-11-16 14:00:41 -05:00
m0duspwnens
6bf4d5a576 https://github.com/Security-Onion-Solutions/securityonion/issues/6206 2021-11-12 11:37:55 -05:00
m0duspwnens
1890c7244a set elasticsearch:auth to persist through user pw change 2021-11-09 18:25:17 -05:00
m0duspwnens
a8c4ed7bbf set elasticsearch:auth:enabled True in auth pillar 2021-11-09 18:05:05 -05:00
m0duspwnens
91f54537d7 handle elasticsearch.auth state like kibana.secrets 2021-11-09 17:52:38 -05:00
weslambert
9301b8f5b9 Add dynamic conf to config change check 2021-11-09 15:56:52 -05:00
Wes Lambert
f80b70e008 Add config for dynamically formatted ingest pipelines 2021-11-09 20:07:53 +00:00
Wes Lambert
46d3eb452d Add ECS testing pipeline 2021-11-08 20:08:56 +00:00
Mike Reeves
dc07aba63d Update so-common-template.json.jinja 2021-11-03 13:50:31 -04:00
Mike Reeves
747f14d60e Make common template honor replicas 2021-11-03 13:11:38 -04:00
Josh Brower
2ba619144c Support non-WEL Beats 2021-11-02 08:23:29 -04:00
Mike Reeves
095e6bd48c Merge pull request #6044 from Burak-PLT/patch-1 
Update auth.sls
 2021-11-01 10:22:16 -04:00
Burak-PLT
f081938be5 Update auth.sls 
Change default password lengths to 72 characters from 20.
 2021-10-28 16:00:58 -04:00
m0duspwnens
0c679b62b2 Merge remote-tracking branch 'remotes/origin/dev' into issue/5955 2021-10-25 16:29:41 -04:00
m0duspwnens
451b19dc4d change from file to x509 2021-10-22 09:53:20 -04:00
m0duspwnens
f93c6146f5 docker binds requires 2021-10-21 15:24:55 -04:00
weslambert
77ee1db44c Add .keyword subfield for conflict fields 2021-10-21 12:56:03 -04:00
weslambert
59852841ff Add keyword subfield for event.module 2021-10-15 13:29:50 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
Mike Reeves
2a82373051 highlander fixes 2021-10-08 09:32:13 -04:00