Jason Ertel
44ad8ce888
Switch to the ES-included community_id plugin
2021-04-29 12:08:07 -04:00
Josh Brower
7cbeed985a
Differentiate between event & ingest timestamp
2021-04-13 12:55:40 -04:00
Josh Brower
cf4de255ec
Fix Wazuh WEL Shipping
2021-04-12 15:18:18 -04:00
Josh Brower
44c75122ed
Update Sigmac mappings and config for IPs and ports
2021-03-16 09:05:35 -04:00
doug
adbc7436b6
FIX: Populate http.status_message field #3408
2021-03-11 16:42:20 -05:00
doug
b4ad7e7359
FIX: Improve Suricata DHCP logging and parsing #3397
2021-03-11 11:01:51 -05:00
Josh Brower
00da549430
Merge pull request #3358 from Security-Onion-Solutions/delta
FEATURE: Initial support for viewing Osquery Live Query results in Hunt
2021-03-09 09:18:57 -05:00
Mike Reeves
1ecb079066
Fix Kibana Script for loading dashboards
2021-03-08 17:36:07 -05:00
Josh Brower
fe8788c09a
Merge remote-tracking branch 'remotes/origin/dev' into delta
2021-03-08 12:56:47 -05:00
Josh Brower
548f67ca6f
Initial support for Live Queries in Hunt
2021-03-04 18:21:13 -05:00
Mike Reeves
c2b347e4bb
Security Enable for only nodes and heavy
2021-03-04 10:52:01 -05:00
Mike Reeves
a0a8d12526
Enable SSL and Features
2021-03-04 10:08:28 -05:00
Mike Reeves
4de62c878c
turn on elastic security
2021-03-03 12:51:29 -05:00
Mike Reeves
4f867e5375
Fix all scripts for ssl elastic
2021-03-03 10:02:23 -05:00
Mike Reeves
80574d3c20
Make https default for all things
2021-03-02 13:59:43 -05:00
Mike Reeves
3219f4cd12
Remove Features Option
2021-03-02 11:04:50 -05:00
doug
71c7ffae3e
Improve support for Suricata metadata #2200
2021-02-22 13:49:29 -05:00
doug
bcce205430
Improve support for Suricata metadata #2200
2021-02-22 13:00:14 -05:00
doug
3467f30603
Improve support for Suricata metadata #2200
2021-02-22 10:27:24 -05:00
Mike Reeves
0ea29144a8
Merge pull request #3047 from Security-Onion-Solutions/surifile2
Suricata as Meta Data, File Extraction, And Parsing changes
2021-02-19 14:09:38 -05:00
Mike Reeves
b4b449aa14
Pull in Suricata changes
2021-02-19 11:01:15 -05:00
doug
88eb5b1d61
Update syslog ingest parser to accommodate pfSense filterlog changes #3033
2021-02-19 08:02:32 -05:00
Mike Reeves
160d307f4a
Disable ML for features #2788
2021-01-30 20:00:41 -05:00
Mike Reeves
4212afe0c9
Add features option back
2021-01-30 19:57:18 -05:00
Josh Brower
13ab4c66eb
Update Osquery Windows Eventlog Parsing
2021-01-27 09:15:54 -05:00
Mike Reeves
9f984036c5
Use the intermediate cert
2021-01-21 13:00:46 -05:00
Mike Reeves
b0914fa604
try .p12
2021-01-21 12:46:00 -05:00
Mike Reeves
9759990233
Switch to java key store
2021-01-21 12:29:45 -05:00
Mike Reeves
013b706ce4
Enable http ssl
2021-01-21 12:13:23 -05:00
Mike Reeves
84b75a38a3
Fix error in init.sls for ES
2021-01-21 11:21:04 -05:00
Mike Reeves
6de70ec820
Update docker mappings for ES
2021-01-21 11:12:12 -05:00
Mike Reeves
35c741ae63
Turn on Xpack SSL
2021-01-21 09:49:31 -05:00
Wes Lambert
875908dc90
Set @timestamp to winlog.systemTime
2021-01-06 16:47:35 +00:00
William Wernert
d670f96dc0
[fix] Exit on command failure in so-catrust
2020-12-16 11:07:00 -05:00
Doug Burks
7a314b5935
Prevent Wazuh "last -n 20" logs from going to Alerts queue #2321
2020-12-12 11:35:29 -05:00
Doug Burks
61ae187d03
revert previous commit #2321
2020-12-12 10:12:23 -05:00
Mike Reeves
b5ed973abd
Merge pull request #2138 from OmerTirosh/OmerTirosh-fix-win.eventlog
Fix Error: SO elasticsearch ingest failed to convert 'winlog.event_data.SubjectUserName' to 'user.name'
2020-12-12 10:00:27 -05:00
Doug Burks
85aac4ad75
Prevent Wazuh "last -n 20" logs from going to Alerts queue #2321
2020-12-12 09:22:08 -05:00
Mike Reeves
cd6a945a24
Merge pull request #2298 from Security-Onion-Solutions/escluster
...
Traditional ES Clustering Support
2020-12-10 12:07:17 -05:00
TOoSmOotH
42833b2086
Make non-clustered node attributes
2020-12-10 11:14:32 -05:00
TOoSmOotH
d9d7f49b96
Adjust elasticsearch.yml
2020-12-10 11:09:38 -05:00
Wes Lambert
f689722559
Add initial suricata.ftp_data pipeline
2020-12-10 14:14:50 +00:00
TOoSmOotH
af15f0eb38
remove ml node.role
2020-12-09 16:23:38 -05:00
Mike Reeves
30e69bf7b2
Merge branch 'escluster' into newescluster
2020-12-09 15:23:49 -05:00
Mike Reeves
94253e92a6
Adjust the elasticsearch config
2020-12-03 10:38:18 -05:00
weslambert
95570976a8
Add indices.query.bool.max_clause_count to allow for wildcard searches targeting more than 1024 fields
2020-12-03 09:29:44 -05:00
Mike Reeves
3e322c38eb
Fix config for single cluster mode
2020-12-02 15:33:35 -05:00
Mike Reeves
d004263b71
Add Elastic Clustering
2020-12-02 14:33:22 -05:00
Mike Reeves
ddca9563e5
Merge branch 'mkrmerge' into escluster
2020-11-24 10:29:57 -05:00
OmerTirosh
e2ee0db727
Ignore failure for rename processor
Ignore failure for winlog.event_data.SubjectUserName rename processor.
For some event IDs (for example 4688), this field has already been added in the winlogbeat JS processor.
Therefore, Elastic throws a [user.name] already exists error.
2020-11-24 17:21:47 +02:00