Commit Graph

5987 Commits

Author SHA1 Message Date
Josh Patterson b5ce8756e9 Merge pull request #7686 from Security-Onion-Solutions/workstation_state
don't run workstation.trusted-ca if not connected to grid
2022-04-01 11:06:53 -04:00
m0duspwnens e14463c0ab don't run workstation.trusted-ca if not connected to grid 2022-04-01 11:05:34 -04:00
Josh Patterson f71fcdaed7 salt 3004.1 2022-04-01 09:55:55 -04:00
Josh Patterson d95391505f Update minion.defaults.yaml 2022-04-01 09:55:03 -04:00
Jason Ertel 2dc370c8b6 Add source packages to salt state 2022-03-31 18:56:38 -04:00
Jason Ertel 57dc848792 Support analyzer deps 2022-03-31 16:48:13 -04:00
Jason Ertel 9947ba6e43 Support CentOS paths 2022-03-31 16:47:56 -04:00
Jason Ertel 48fbc2290f Add dep support for analyzers 2022-03-31 13:59:35 -04:00
m0duspwnens fc60f64ddb different systemd unit files for ubuntu and centos 2022-03-31 10:11:43 -04:00
Jason Ertel 1aba4da2bb Correct analyzer path 2022-03-30 21:01:07 -04:00
Jason Ertel 45f511caab Remove extra comma 2022-03-30 13:21:35 -04:00
Jason Ertel e667bb1e59 merge 2022-03-30 10:57:40 -04:00
m0duspwnens 7a4d93f09b run salt_minion_service state last to prevent salt-minion from restarting during state run 2022-03-29 15:44:05 -04:00
Jason Ertel b2a96fab7e merge 2022-03-29 14:07:20 -04:00
Jason Ertel d2bf6d5618 Add build script to help pre-validate analyzers before pushing 2022-03-29 14:04:23 -04:00
Jason Ertel 484ef4bc31 Ensure generated python files are not pushed to version control 2022-03-29 13:51:12 -04:00
Jason Ertel cb491630ae Analyzer CI 2022-03-29 13:40:56 -04:00
Jason Ertel 0a8d24a225 Add automated CI for analyzers 2022-03-29 13:10:04 -04:00
Josh Patterson f5095b273d Merge pull request #7665 from Security-Onion-Solutions/workstation_state
Workstation state
2022-03-29 10:27:07 -04:00
m0duspwnens e3f3af52e1 fix spacing 2022-03-29 10:19:29 -04:00
m0duspwnens 2f489895ef top match and remove_gui state 2022-03-29 10:17:21 -04:00
weslambert 6004dde54a Add strelka_frontend to heavynode, sensor, and standalone role FW portgroups 2022-03-28 16:05:07 -04:00
Jason Ertel c23b87965f Merge branch 'dev' into kilo 2022-03-28 15:53:33 -04:00
Jason Ertel deb9b0e5ef Add analyze feature 2022-03-28 15:53:24 -04:00
m0duspwnens 0ddfaf8d74 changes for workstation 2022-03-28 15:34:15 -04:00
weslambert e6599cd10e Update with changes from Abe's PR and other fixes 2022-03-25 13:57:44 -04:00
weslambert c02d7fab50 Merge pull request #7636 from Security-Onion-Solutions/feature/rita
Parsing of RITA Logs
2022-03-24 13:05:22 -04:00
weslambert fbc86f43ec Add exclude filter for logs for when there are no results from analysis 2022-03-24 13:03:03 -04:00
Wes Lambert fe1b72655b Additional .keyword shims for process mappings 2022-03-24 16:45:06 +00:00
m0duspwnens 293de159db fix package names 2022-03-24 11:33:16 -04:00
m0duspwnens 7cfc52da8a fix include 2022-03-24 10:02:25 -04:00
m0duspwnens a0841ee7a7 workstation state 2022-03-24 09:57:58 -04:00
weslambert 1f2bca599f Check cluster health before trying to load roles for ES 2022-03-23 11:00:26 -04:00
Wes Lambert 8a56c88773 Adjust log file paths 2022-03-22 17:51:17 +00:00
Wes Lambert 57f01c70ec Remove extra forward slash in log path 2022-03-22 17:45:23 +00:00
Wes Lambert 2487d468ab Add RITA Elasticsearch ingest pipeline config 2022-03-22 17:38:22 +00:00
Wes Lambert f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
Doug Burks eda7a8d7ea FIX: Update telegraf influxdbsize.sh to collect influxdb size from influxdb_size.log #7468 2022-03-18 13:15:43 -04:00
Doug Burks f7dc5588ae FIX: Update common init.sls to create cron job to write influxdb size for telegraf #7468 2022-03-18 13:13:46 -04:00
Doug Burks c13994994b FIX: Update telegraf init.sls to run telegraf as non-root #7468 2022-03-18 13:11:56 -04:00
Doug Burks e65f2a5513 FIX: Prevent multiple instances of so-sensor-clean #6622 2022-03-16 13:28:39 -04:00
Doug Burks e56f90d83c FIX: Prevent multiple instances of so-playbook-sync #6622 2022-03-16 13:27:37 -04:00
weslambert aaded58131 Merge pull request #7565 from Security-Onion-Solutions/fix/es_template_fix
Custom ES template fixes
2022-03-15 11:09:46 -04:00
Doug Burks 9bf0265cea Merge pull request #7566 from Security-Onion-Solutions/feature/hunt-soc-auth
FEATURE: Add new Hunt query for SOC logins #7327
2022-03-15 10:58:40 -04:00
Mike Reeves e01c1398d5 Merge pull request #7564 from Security-Onion-Solutions/removethehive
Removethehive
2022-03-15 10:56:08 -04:00
Wes Lambert 42d6c3a956 Replace Elastic connection check using ELASTICCURL with so-elasticsearch-query 2022-03-15 14:55:04 +00:00
Doug Burks eec44a6b02 Add a SOC Auth query to hunt.queries.json 2022-03-15 10:38:46 -04:00
Doug Burks d1e1887e36 Add support for Kratos audit logs in hunt.eventfields.json 2022-03-15 10:37:58 -04:00
Wes Lambert 5f56c7a261 Replace ELASTICCURL with so-elasticsearch-query 2022-03-15 14:32:00 +00:00
weslambert d46620ea2a Merge pull request #7561 from Security-Onion-Solutions/es_template_map_fix
Custom ES Template Fixes
2022-03-15 10:01:42 -04:00