CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2026-04-25 14:07:49 +02:00
Code Issues Packages Projects Releases Wiki Activity
6,464 Commits 40 Branches 125 Tags
bdfec5176d99e663ccde2464610e69b5a37e7a45
Commit Graph

3672 Commits

Author SHA1 Message Date
William Wernert c73970620d [fix] Correct indent 2021-02-19 14:38:43 -05:00
William Wernert 34174a3290 Print relevant help if no/partial command passed 2021-02-19 14:34:32 -05:00
Mike Reeves 0ea29144a8 Merge pull request #3047 from Security-Onion-Solutions/surifile2 
Suricata as Meta Data, File Extraction, And Parsing changes
 2021-02-19 14:09:38 -05:00
Mike Reeves b4b449aa14 Pull in Suricata changes 2021-02-19 11:01:15 -05:00
William Wernert 4689e32ce4 Add sed for curly braces in minion pillars to soup 2021-02-19 10:18:06 -05:00
William Wernert 2184c6d59f [fix] Create dict value if it doesn't exist 2021-02-19 09:31:22 -05:00
William Wernert 9183c0a92c [feat] Initial so-rules script 
* Quote curly braces in minion pillar, need to add sed function in soup
 2021-02-19 09:24:12 -05:00
doug 88eb5b1d61 Update syslog ingest parser to accomodate pfSense filterlog changes #3033 2021-02-19 08:02:32 -05:00
Jason Ertel faa78c0e26 Salt doesn't like a name starting with a non alpha-numeric char. Switch back to long if/then format 2021-02-18 14:51:09 -05:00
Josh Patterson 79e7b1da4d Merge pull request #3021 from Security-Onion-Solutions/issue/2989 
change suricata clean cron to run once a day
 2021-02-18 14:07:40 -05:00
m0duspwnens 03487c2a31 change suricata clean cron to run once a day 2021-02-18 14:06:45 -05:00
Josh Patterson 0ab9577863 Merge pull request #3018 from Security-Onion-Solutions/all_rules_dont_show_changes 
dont show changes since file can be large
 2021-02-18 12:23:54 -05:00
m0duspwnens bf100a2310 dont show changes since file can be large 2021-02-18 12:23:22 -05:00
Josh Patterson 2092044335 Merge pull request #3017 from Security-Onion-Solutions/issue/1237 
load templates all the time
 2021-02-18 12:13:49 -05:00
m0duspwnens e730efb4ec load templates all the time 2021-02-18 12:12:18 -05:00
Josh Patterson 76cdc45fad Merge pull request #3016 from Security-Onion-Solutions/all_rules_dont_show_changes 
Don't show changes because all.rules can be large
 2021-02-18 12:00:08 -05:00
m0duspwnens 069997a65c Don't show changes because all.rules can be large 2021-02-18 11:56:25 -05:00
Jason Ertel 6f7bc650a0 Apply reserved ports if the existing file is 0 bytes 2021-02-18 11:20:13 -05:00
Josh Patterson a9da761fab Merge pull request #3012 from Security-Onion-Solutions/issue/2989 
Issue/2989
 2021-02-18 10:52:23 -05:00
m0duspwnens 95df18c545 limit eve logs and gz files based on days 2021-02-18 10:45:20 -05:00
m0duspwnens a4d5f58256 fix surilogcompress 2021-02-18 10:33:47 -05:00
Josh Patterson 3f7cdb933f Merge pull request #3010 from Security-Onion-Solutions/issue/2989 
Issue/2989
 2021-02-18 09:58:35 -05:00
m0duspwnens 74ca4487de ensure at least 2 eve files are kept https://github.com/Security-Onion-Solutions/securityonion/issues/2989 2021-02-18 09:51:40 -05:00
m0duspwnens 4b07d5e457 add identifier to eve clean cron 2021-02-18 09:39:54 -05:00
m0duspwnens 041d193f2d fix brackets 2021-02-18 09:37:37 -05:00
m0duspwnens 0bef8b6662 limit number of eve.json files for suricata https://github.com/Security-Onion-Solutions/securityonion/issues/2989 2021-02-18 09:26:59 -05:00
Josh Brower b5087b815a Merge pull request #3002 from Security-Onion-Solutions/feature/sigma-tweaks 
Update .security analyzer
 2021-02-17 16:38:22 -05:00
Josh Brower d2a74c80e2 Update .security analyzer 2021-02-17 16:37:31 -05:00
m0duspwnens 7a595df5b6 strelka logrotate - https://github.com/Security-Onion-Solutions/securityonion/issues/2736 2021-02-17 11:17:41 -05:00
m0duspwnens 2b07d89b5a error: /opt/so/conf/sensor-rotate.conf:8 unknown option 'endscript' -- ignoring line 2021-02-17 11:01:18 -05:00
m0duspwnens e6ae1af85f test rotating strelka log at 100k 2021-02-17 10:47:06 -05:00
Josh Patterson fddef1a6f4 Merge pull request #2985 from Security-Onion-Solutions/issue/2915 
remove old backup files
 2021-02-17 09:43:58 -05:00
Josh Patterson bec437c2cf Merge pull request #2984 from Security-Onion-Solutions/issue/2737 
Issue/2737
 2021-02-16 15:41:46 -05:00
Josh Patterson eb18ec552c Merge pull request #2980 from Security-Onion-Solutions/issue/2915 
Issue/2915
 2021-02-16 12:01:37 -05:00
doug fabe3c87f2 Hunt: improve Wazuh queries #2383 2021-02-16 11:56:14 -05:00
m0duspwnens 7099ed4bf5 delete many backup files 2021-02-16 11:55:49 -05:00
m0duspwnens 1ccc5480e1 remove oldest backup 2021-02-16 11:40:45 -05:00
doug 397d8d0964 Kibana 7.10.2 config changes #2954 2021-02-14 07:04:51 -05:00
doug 3248edea8b Update Kibana dashboard hyperlinks to new url format #2361 2021-02-12 17:25:42 -05:00
m0duspwnens 100601c452 only laod templates if they change https://github.com/Security-Onion-Solutions/securityonion/issues/1237 2021-02-12 16:03:45 -05:00
doug 31a0c2bc82 Update Kibana dashboard hyperlinks to new url format #2361 2021-02-12 15:37:25 -05:00
doug 797d2c4dba Kibana 7.10.2 config changes #2954 2021-02-12 15:35:06 -05:00
Doug Burks fd4cb0b7a8 Kibana 7.10.2 config changes #2954 2021-02-12 14:05:29 -05:00
Doug Burks c717773fc3 Kibana 7.10.2 config changes #2954 2021-02-12 14:04:00 -05:00
Josh Patterson a8598a50e4 Merge pull request #2953 from Security-Onion-Solutions/issue/2756 
remove /etc/yum.repos.d/salt-2019-2-5.repo if present
 2021-02-12 12:05:21 -05:00
m0duspwnens 3b0c2b3e91 remove /etc/yum.repos.d/salt-2019-2-5.repo if present https://github.com/Security-Onion-Solutions/securityonion/issues/2756 2021-02-12 12:04:08 -05:00
m0duspwnens 7e4d7a6985 drop icmp timestamp replies https://github.com/Security-Onion-Solutions/securityonion/issues/1704 2021-02-11 11:09:21 -05:00
m0duspwnens 3cfbc61f4e only save at the end 2021-02-10 11:15:39 -05:00
Mike Reeves 125f7d6262 add warm node action for hot/warm 2021-02-08 11:49:49 -05:00
Mike Reeves 5043b970ef Fix tar syntax 2021-02-06 19:14:44 -05:00