Commit Graph

10253 Commits

Author SHA1 Message Date
Mike Reeves
3ace55dfe5 Add initial analyst install code 2022-03-29 12:49:30 -04:00
Mike Reeves
102d2507cb Add initial analyst install code 2022-03-29 12:48:52 -04:00
Mike Reeves
0d23688aa0 Add initial analyst install code 2022-03-29 12:46:45 -04:00
Mike Reeves
80af497f95 Add initial analyst install code 2022-03-29 12:43:20 -04:00
Mike Reeves
990470a765 Add initial analyst install option to so-setup 2022-03-29 10:41:45 -04:00
Josh Patterson
f5095b273d Merge pull request #7665 from Security-Onion-Solutions/workstation_state
Workstation state
2022-03-29 10:27:07 -04:00
m0duspwnens
e3f3af52e1 fix spacing 2022-03-29 10:19:29 -04:00
m0duspwnens
2f489895ef top match and remove_gui state 2022-03-29 10:17:21 -04:00
weslambert
7f7eaf173b Merge pull request #7663 from Security-Onion-Solutions/fix/strelka_fw
Add strelka_frontend to heavynode, sensor, and standalone role FW por…
2022-03-28 16:14:25 -04:00
weslambert
6004dde54a Add strelka_frontend to heavynode, sensor, and standalone role FW portgroups 2022-03-28 16:05:07 -04:00
Jason Ertel
c23b87965f Merge branch 'dev' into kilo 2022-03-28 15:53:33 -04:00
Jason Ertel
deb9b0e5ef Add analyze feature 2022-03-28 15:53:24 -04:00
m0duspwnens
0ddfaf8d74 changes for workstation 2022-03-28 15:34:15 -04:00
weslambert
fb7160cba5 Merge pull request #7644 from Security-Onion-Solutions/fix/syslog_pr_adjustment
Update with changes from Abe's PR and other fixes
2022-03-25 13:59:20 -04:00
weslambert
e6599cd10e Update with changes from Abe's PR and other fixes 2022-03-25 13:57:44 -04:00
weslambert
c02d7fab50 Merge pull request #7636 from Security-Onion-Solutions/feature/rita
Parsing of RITA Logs
2022-03-24 13:05:22 -04:00
weslambert
fbc86f43ec Add exclude filter for logs for when there are no results from analysis 2022-03-24 13:03:03 -04:00
weslambert
4c93217aac Merge pull request #7635 from Security-Onion-Solutions/fix/process_mappings_keyword
Additional .keyword shims for process mappings
2022-03-24 12:53:16 -04:00
Wes Lambert
fe1b72655b Additional .keyword shims for process mappings 2022-03-24 16:45:06 +00:00
m0duspwnens
293de159db fix package names 2022-03-24 11:33:16 -04:00
m0duspwnens
7cfc52da8a fix include 2022-03-24 10:02:25 -04:00
m0duspwnens
a0841ee7a7 workstation state 2022-03-24 09:57:58 -04:00
weslambert
5160a55dcf Merge pull request #7629 from Security-Onion-Solutions/fix/roles_load_check_cluster_health
Check ES cluster health before trying to load roles
2022-03-23 11:07:24 -04:00
weslambert
1f2bca599f Check cluster health before trying to load roles for ES 2022-03-23 11:00:26 -04:00
Wes Lambert
8a56c88773 Adjust log file paths 2022-03-22 17:51:17 +00:00
Wes Lambert
57f01c70ec Remove extra forward slash in log path 2022-03-22 17:45:23 +00:00
Wes Lambert
2487d468ab Add RITA Elasticsearch ingest pipeline config 2022-03-22 17:38:22 +00:00
Wes Lambert
f613d8ad86 Add RITA Logstash config 2022-03-22 17:36:18 +00:00
weslambert
bb9d6673ec Fix casing 2022-03-21 12:38:50 -04:00
weslambert
9afa949623 Don't rotate Filebeat log on startup 2022-03-21 12:38:12 -04:00
weslambert
b2c26807a3 Add xpack.reporting.kibanaServer.hostname to defaults file 2022-03-21 09:30:25 -04:00
Wes Lambert
faeaa948c8 Remove extra Salt logic and clean up output format of resultant script 2022-03-19 04:31:48 +00:00
Wes Lambert
1a6ef0cc6b Re-enable FB module load 2022-03-19 03:55:40 +00:00
Wes Lambert
a18b38de4d Update so-filebeat-module-setup to use new load style to avoid having to explicitly enable filesets 2022-03-19 03:54:41 +00:00
Wes Lambert
2e7d314650 Remove Cyberark module 2022-03-19 03:43:55 +00:00
Wes Lambert
c97847f0e2 Remove Threat Intel Recorded Future fileset 2022-03-19 03:43:34 +00:00
Wes Lambert
59a2ac38f5 Disable FB module load for now 2022-03-18 22:12:09 +00:00
Wes Lambert
543bf9a7a7 Update Kibana version to 8 2022-03-18 22:07:21 +00:00
Wes Lambert
d111c08fb3 Update Curator commands with new Filebeat module variables 2022-03-18 21:45:33 +00:00
Doug Burks
a3f8a10eb9 Merge pull request #7608 from Security-Onion-Solutions/fix/telegraf-non-root
FIX: Run telegraf as non-root #7468
2022-03-18 15:17:28 -04:00
weslambert
a9ea99daa8 Switch from so_elastic user to so_kibana user for Elastic 8 2022-03-18 15:09:50 -04:00
weslambert
cb0d4acd57 Remove X-Pack ML entry for Elastic 8 2022-03-18 14:46:28 -04:00
Doug Burks
eda7a8d7ea FIX: Update telegraf influxdbsize.sh to collect influxdb size from influxdb_size.log #7468 2022-03-18 13:15:43 -04:00
Doug Burks
f7dc5588ae FIX: Update common init.sls to create cron job to write influxdb size for telegraf #7468 2022-03-18 13:13:46 -04:00
Doug Burks
c13994994b FIX: Update telegraf init.sls to run telegraf as non-root #7468 2022-03-18 13:11:56 -04:00
weslambert
e0374be4aa Update version from 7.16.2 to 8.1.0 for Kibana config 2022-03-18 11:57:33 -04:00
weslambert
6f294cc0c2 Change Kibana user role from superuser to kibana_system for Elastic 8 2022-03-18 11:54:08 -04:00
weslambert
5ec5b9a2ee Remove older module config files 2022-03-18 10:14:13 -04:00
weslambert
c659a443b0 Update from search.remote to cluster.remote for Elastic 8 2022-03-17 21:25:10 -04:00
weslambert
99430fddeb Update from search.remote to cluster.remote for Elastic 8 2022-03-17 21:24:39 -04:00