 Doug Burks
|
6c2437f8ef
|
FEATURE: Add Events table columns for event.module playbook #12703
|
2024-04-02 09:55:56 -04:00 |
|
|
Doug Burks
|
505eeea66a
|
Update defaults.yaml
|
2024-04-02 09:39:54 -04:00 |
|
 DefensiveDepth
|
7f488422b0
|
Add default columns
|
2024-04-02 09:13:27 -04:00 |
|
 Jason Ertel
|
9d2b40f366
|
Merge branch '2.4/dev' into jertel/ana
|
2024-04-01 09:50:38 -04:00 |
|
|
Jason Ertel
|
3aea2dec85
|
analytics
|
2024-04-01 09:50:18 -04:00 |
|
 Corey Ogburn
|
e5a3a54aea
|
Proper YAML
|
2024-03-29 14:31:43 -06:00 |
|
|
Doug Burks
|
b64ed5535e
|
FEATURE: Add individual dashboards for Zeek SSL and Suricata SSL logs #12699
|
2024-03-29 15:29:38 -04:00 |
|
|
Doug Burks
|
5be56703e9
|
Merge pull request #12698 from Security-Onion-Solutions/dougburks-patch-1
FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697
|
2024-03-29 14:46:39 -04:00 |
|
|
Doug Burks
|
0c7ba62867
|
FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697
|
2024-03-29 14:44:29 -04:00 |
|
|
Corey Ogburn
|
e747a4e3fe
|
New Settings for Manual Sync in Detections
|
2024-03-29 12:25:03 -06:00 |
|
|
Doug Burks
|
102c3271d1
|
FEATURE: Add process.command_line to Process Info and Process Ancestry dashboards #12694
|
2024-03-29 12:04:47 -04:00 |
|
|
Doug Burks
|
e2caf4668e
|
FEATURE: Add Events table columns for event.module elastic_agent #12666
|
2024-03-26 16:08:41 -04:00 |
|
|
Josh Brower
|
63a58efba4
|
Merge pull request #12656 from Security-Onion-Solutions/2.4/detections-fixes
Add bindings for sigma repos
|
2024-03-26 09:33:38 -04:00 |
|
|
DefensiveDepth
|
bbcd3116f7
|
Fixes
|
2024-03-26 09:31:46 -04:00 |
|
|
Josh Brower
|
9c12aa261e
|
Merge pull request #12660 from Security-Onion-Solutions/kilo
Initial cut to remove Playbook and deps
|
2024-03-26 08:31:11 -04:00 |
|
|
DefensiveDepth
|
cc0f4847ba
|
Casing and validation
|
2024-03-26 08:10:57 -04:00 |
|
|
DefensiveDepth
|
7c4ea8a58e
|
Add Detections SOC Config
|
2024-03-26 07:39:39 -04:00 |
|
|
Doug Burks
|
20bd9a9701
|
FEATURE: Include additional groupby fields in Dashboards relating to sankey diagrams #12657
|
2024-03-26 07:39:24 -04:00 |
|
|
DefensiveDepth
|
94ee761207
|
Remove Playbook ref
|
2024-03-25 21:11:47 -04:00 |
|
|
DefensiveDepth
|
d7ecad4333
|
Initial cut to remove Playbook and deps
|
2024-03-25 19:42:31 -04:00 |
|
|
DefensiveDepth
|
49fa800b2b
|
Add bindings for sigma repos
|
2024-03-25 14:45:50 -04:00 |
|
|
Josh Brower
|
b8d33ab983
|
Merge pull request #12639 from Security-Onion-Solutions/2.4/enable-detections
Enable Detections
|
2024-03-25 09:30:01 -04:00 |
|
|
Corey Ogburn
|
237946e916
|
Specify Folder in Rule Repo
|
2024-03-22 13:52:20 -06:00 |
|
|
Corey Ogburn
|
3d04d37030
|
Update ElastAlert Config with Default Repos
|
2024-03-22 13:52:20 -06:00 |
|
|
Doug Burks
|
a78a304d4f
|
FEATURE: Add event.dataset to all Events column layouts #12641
|
2024-03-22 13:19:31 -04:00 |
|
|
DefensiveDepth
|
5ca9ec4b17
|
Enable Detections
|
2024-03-22 10:12:26 -04:00 |
|
|
Doug Burks
|
2b019ec8fe
|
Merge pull request #12634 from Security-Onion-Solutions/dougburks-patch-1
FEATURE: Add Events column layout for event.module system #12628
|
2024-03-22 05:52:23 -04:00 |
|
|
DefensiveDepth
|
4a33234c34
|
Default update to 24 hours
|
2024-03-21 07:26:19 -04:00 |
|
|
Doug Burks
|
778997bed4
|
FEATURE: Add Events column layout for event.module system #12628
|
2024-03-20 17:07:37 -04:00 |
|
|
DefensiveDepth
|
d84af803a6
|
Enable Autoupdates
|
2024-03-20 08:48:31 -04:00 |
|
|
DefensiveDepth
|
020eb47026
|
Change Detections defaults
|
2024-03-19 13:53:37 -04:00 |
|
|
Jason Ertel
|
844cfe55cd
|
handle airgap when detections not enabled
|
2024-03-13 20:52:17 -04:00 |
|
|
Jason Ertel
|
927fe9039d
|
handle airgap when detections not enabled
|
2024-03-13 20:50:03 -04:00 |
|
 m0duspwnens
|
1a829190ac
|
remove modules if detections disabled
|
2024-03-13 09:46:44 -04:00 |
|
|
DefensiveDepth
|
61a183b7fc
|
Add regex defaults
|
2024-03-11 15:55:39 -04:00 |
|
|
Corey Ogburn
|
6f05c3976b
|
Updated RulesRepo for New Strelka Structure
|
2024-03-08 11:29:46 -07:00 |
|
 Jason Ertel
|
8f36a8a4b6
|
Merge pull request #12514 from Security-Onion-Solutions/jertel/annotations
detections annotations
|
2024-03-06 11:10:21 -05:00 |
|
|
Jason Ertel
|
1cbac11fae
|
detections annotations
|
2024-03-06 11:08:03 -05:00 |
|
|
Jason Ertel
|
167aff24f6
|
detections annotations
|
2024-03-06 11:03:52 -05:00 |
|
|
Josh Brower
|
9e671621db
|
Merge pull request #12510 from Security-Onion-Solutions/2.4/excludedetections
Add Exclusion toggle
|
2024-03-06 10:56:29 -05:00 |
|
|
Jason Ertel
|
0f12297f50
|
add new pcap annotations
|
2024-03-06 08:19:42 -05:00 |
|
|
Jason Ertel
|
12653eec8c
|
add new pcap annotations
|
2024-03-06 08:14:33 -05:00 |
|
|
Josh Brower
|
1b47537a3f
|
Add Exclusion toggle
|
2024-03-06 07:16:50 -05:00 |
|
|
Josh Brower
|
f3dce66f03
|
Merge pull request #12482 from Security-Onion-Solutions/2.4/sigma-pipeline
2.4/sigma pipeline
|
2024-03-01 15:29:13 -05:00 |
|
|
Josh Brower
|
d832158cc5
|
Drop Hashes field
|
2024-03-01 15:26:02 -05:00 |
|
|
Josh Brower
|
b017157d21
|
Add antivirus mapping
|
2024-03-01 14:04:56 -05:00 |
|
|
Josh Brower
|
59af547838
|
Fix download location
|
2024-02-27 09:49:54 -05:00 |
|
|
Josh Brower
|
c6baa4be1b
|
Airgap Support - Detections module
|
2024-02-26 16:19:32 -05:00 |
|
|
Doug Burks
|
52580fb8c4
|
Merge pull request #12434 from Security-Onion-Solutions/feature/improve-endpoint-columns
Add multiple endpoint features
|
2024-02-26 12:05:30 -05:00 |
|
|
Doug Burks
|
f8424f3dad
|
Update defaults.yaml
|
2024-02-26 11:22:09 -05:00 |
|