CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
11,026 Commits 24 Branches 119 Tags
ba8f729976f08c6520db77caae4be3abdb751b5a
Commit Graph

11026 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doug Burks
6f27c1b21e fix zeek logs in so-whiptail 2022-11-25 09:26:54 -05:00
Doug Burks
0afb20ffa8 fix ics entries in so-functions 2022-11-25 09:19:11 -05:00
Doug Burks
40688a6076 add Zeek software to so-functions 2022-11-25 07:36:41 -05:00
Doug Burks
9431bf1c2a add Zeek software log to so-whiptail 2022-11-25 07:28:48 -05:00
Doug Burks
9f5e75b302 add software to so-zeek-logs 2022-11-25 07:27:50 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
723e145eeb Merge pull request #9221 from Security-Onion-Solutions/dougburks-patch-1 
fix descriptions
 2022-11-23 11:43:12 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
Doug Burks
3871268c19 Merge pull request #9220 from Security-Onion-Solutions/fix/zeek-opcua-parsing 
fix zeek opcua pipelines
 2022-11-23 11:17:47 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
Josh Brower
5950771003 Merge remote-tracking branch 'remotes/origin/dev' into idhskins 2022-11-22 18:04:38 -05:00
Josh Brower
7c8ce7899b Initial support for custom IDH http skins 2022-11-22 17:57:51 -05:00
Doug Burks
08d5f494ab Merge pull request #9208 from Security-Onion-Solutions/dougburks-patch-1 
Initial dashboards for stun, tds, wireguard, and ics
 2022-11-22 16:04:12 -05:00
weslambert
13827f3be5 Merge pull request #9209 from Security-Onion-Solutions/fix/add_missing_opcua_activate_session_pipelines 
Add Missing OPCUA Activate Session Pipelines
 2022-11-22 16:01:33 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
e560edf493 Merge pull request #9206 from Security-Onion-Solutions/fix/ingest_typos 
Fix spelling of 'wireguard.responses' field name
 2022-11-22 15:35:55 -05:00
Doug Burks
7caf827b77 add ecat_aoe_info to hunt.eventfields.json 2022-11-22 13:33:06 -05:00
Doug Burks
f40ccb7eff add bacnet_discovery to hunt.eventfields.json 2022-11-22 13:27:26 -05:00
Doug Burks
e0cd550820 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:23:45 -05:00
Doug Burks
4e5106c863 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:21:33 -05:00
Doug Burks
5a107c63b8 add source.mac and destination.mac to dashboards.queries.json 2022-11-22 13:16:47 -05:00
Doug Burks
8a9a13865c add ecat_registers to hunt.eventfields.json 2022-11-22 13:12:24 -05:00
Doug Burks
9cd6273beb update ecat_log_address in hunt.eventfields.json 2022-11-22 13:10:46 -05:00
Doug Burks
724b26228c add ecat_log_address to hunt.eventfields.json 2022-11-22 13:09:27 -05:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
Doug Burks
24ee38369f add cotp to hunt.eventfields.json 2022-11-22 12:49:33 -05:00
weslambert
0bbe642d20 Merge pull request #9203 from Security-Onion-Solutions/fix/ics_ingest_field_names 
Fix ICS Ingest Field Names
 2022-11-22 12:30:10 -05:00
weslambert
8e17c23659 Fix format/speliing for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Doug Burks
10ac789fbf add profinet_dce_rpc to hunt.eventfields.json 2022-11-22 11:08:24 -05:00
Doug Burks
db58a35562 add profinet to hunt.eventfields.json 2022-11-22 11:07:03 -05:00
Doug Burks
1ad7a0db59 add bacnet_property to hunt.eventfields.json 2022-11-22 11:05:26 -05:00
Doug Burks
af626fe3a1 add bacnet to hunt.eventfields.json 2022-11-22 11:03:45 -05:00
Doug Burks
073f5ed789 add dnp3_objects to hunt.eventfields.json 2022-11-22 11:02:21 -05:00
Doug Burks
bbcefea417 add s7comm_plus to hunt.eventfields.json 2022-11-22 10:58:42 -05:00
Doug Burks
73c282595d update dnp3 in hunt.eventfields.json 2022-11-22 10:57:06 -05:00
Doug Burks
07a53db09a add cip_identity to hunt.evenfields.json 2022-11-22 10:55:39 -05:00
Doug Burks
80e50fa7b4 add ecat_arp_info to hunt.eventfields.json 2022-11-22 10:53:48 -05:00
Doug Burks
84d333e915 add s7comm to hunt.eventfields.json 2022-11-22 10:51:06 -05:00
Doug Burks
ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks
264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks
b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks
51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks
2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks
595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks
aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
weslambert
2170d498c5 Merge pull request #9195 from Security-Onion-Solutions/fix/missing_ics_pipelines 
Add COTP and TDS ingest pipelines
 2022-11-22 08:44:02 -05:00