Commit Graph

49 Commits

| Author | SHA1 | Message | Date |
|---|---|---|---|
| Jason Ertel | cd27ae89cc | influx upgrade | 2023-02-10 16:34:06 -05:00 |
| Jason Ertel | ea0c3db8e1 | upgrade influxdb | 2023-02-08 13:23:45 -05:00 |
| Doug Burks | a44d83d69b | Improve Suricata DHCP parsing and dashboard | 2023-01-31 08:33:38 -05:00 |
| Jason Ertel | 7b1f867ac3 | Add defaults for auto extracted observables | 2023-01-24 13:17:50 -05:00 |
| Doug Burks | 5754365c6d | Improve default sysmon fields and add new network_connection fields | 2023-01-04 07:42:24 -05:00 |
| doug | 4e5d1d587e | update sysmon ingest parser and Sysmon File dashboard | 2023-01-03 09:02:17 -05:00 |
| Doug Burks | 69415a0d8d | Improve Strelka dashboard | 2022-12-21 15:34:35 -05:00 |
| Doug Burks | 506556f0d2 | Improve Firewall dashboard | 2022-12-21 15:29:09 -05:00 |
| Doug Burks | d7b2c88201 | Improve Software dashboard | 2022-12-21 15:24:58 -05:00 |
| Doug Burks | 4519c533a2 | Improve Intel dashboard | 2022-12-21 15:20:27 -05:00 |
| Doug Burks | 3a367d69f4 | Improve FTP dashboard | 2022-12-21 14:37:17 -05:00 |
| Doug Burks | a4f1f75306 | Improve NIDS Alerts dashboard | 2022-12-21 14:33:01 -05:00 |
| Doug Burks | 3d1ce4ef10 | Improve SOC dashboards | 2022-12-21 13:26:04 -05:00 |
| Jason Ertel | b37697e95d | Switch license key to single line to avoid multiline/list conflicts | 2022-12-16 12:50:22 -05:00 |
| Jason Ertel | 7853d972b6 | Set default key to empty string to ensure new keys are type aligned correctly | 2022-12-15 18:31:47 -05:00 |
| Jason Ertel | f84ceca03e | consolidate eventFields from hunt and dashboards into a single setting | 2022-12-15 14:22:23 -05:00 |
| Doug Burks | e1d200e6ce | Remove duplicate TDS dashboard from defaults.yaml | 2022-12-11 14:39:08 -05:00 |
| Doug Burks | 72f71ba695 | Fix TDS dashboard in defaults.yaml | 2022-12-11 14:36:27 -05:00 |
| Doug Burks | cb16bd36fb | fix descriptions in defaults.yaml | 2022-12-10 14:31:59 -05:00 |
| Doug Burks | cf7d8076e9 | remove old Wazuh Hunt queries in defaults.yaml | 2022-12-10 14:21:58 -05:00 |
| Doug Burks | cd664b2d39 | remove old Modbus dashboard from defaults.yaml | 2022-12-10 14:16:39 -05:00 |
| Doug Burks | 7f07a94a98 | remove old DNP3 and Wazuh dashboards from defaults.yaml | 2022-12-10 14:14:24 -05:00 |
| Doug Burks | 187ca4c453 | Update soc defaults.yaml to include dnp3_control and dnp3_objects eventfields | 2022-12-10 07:33:09 -05:00 |
| weslambert | a626acced0 | Add new ICS/SCADA event fields to the dashboards section of the configuration and remove extra space in key names. | 2022-12-06 13:11:55 -05:00 |
| Wes | 1b5c1fecd4 | Revert SOC default 'alerts' event fields and specify additional event fields for ICS/SCADA events | 2022-12-06 17:28:30 +00:00 |
| Wes | b048eec3c0 | Add STUN, TDS, WireGuard, and ICS/SCADA dashboard queries | 2022-12-06 17:17:49 +00:00 |
| Wes | f44eee134a | Add default queries and ICS/SCADA queries | 2022-12-06 16:52:20 +00:00 |
| Jason Ertel | 0ffef75d7b | Move background jobs to cron | 2022-11-17 09:50:41 -05:00 |
| Doug Burks | f6151b3895 | Remove destination_geo.organization_name from Sysmon Network sankey diagram | 2022-10-13 09:03:10 -04:00 |
| doug | d65fde9536 | improve sysmon dashboards | 2022-10-07 12:23:40 -04:00 |
| Jason Ertel | 30a23a4cd0 | Add SOC annotations | 2022-09-30 15:00:08 -04:00 |
| Jason Ertel | e519548557 | add logLevel default and annotation for quick access to enabling debug logs | 2022-09-27 16:55:28 -04:00 |
| m0duspwnens | 42b03ca6df | add missing soc things | 2022-09-27 09:53:48 -04:00 |
| Doug Burks | 0137004344 | Fix releaseNotesUrl in defaults.yaml | 2022-09-20 15:16:53 -04:00 |
| Doug Burks | df18f8f886 | Merge pull request #8779 from Security-Onion-Solutions/2.4/dev (2.4/dev) | 2022-09-20 13:32:54 +00:00 |
| Josh Brower | 120fdef173 | Hunt Query - Elastic Agent Live Osquery Logs | 2022-09-20 08:27:47 -04:00 |
| Josh Brower | 3eb4adc5c3 | Hunt Query - Elastic Agent Live Osquery Logs | 2022-09-19 20:12:47 -04:00 |
| Josh Brower | b38804840d | Merge pull request #8772 from Security-Onion-Solutions/2.4/grafana-ids (Grafana SOC Redirect) | 2022-09-19 16:02:41 -04:00 |
| Josh Brower | 80919827c6 | Fixup index patterns | 2022-09-19 15:55:23 -04:00 |
| Josh Patterson | 0367365225 | Merge pull request #8773 from Security-Onion-Solutions/fix/soc2.4 (fix some soc defaults) | 2022-09-19 15:54:25 -04:00 |
| m0duspwnens | 30afc88322 | fix some soc defaults | 2022-09-19 15:51:29 -04:00 |
| Josh Brower | ea7979cfdd | Add Elastic Agent datastreams to SOC index | 2022-09-19 15:33:15 -04:00 |
| doug | fdffac83e1 | sysmon fix by bryant | 2022-09-19 14:47:45 -04:00 |
| Jason Ertel | d1eb7ef849 | Always use local docs | 2022-09-13 14:23:50 -04:00 |
| Josh Brower | 9f99939bda | Add links to tools menu | 2022-09-12 09:28:10 -04:00 |
| m0duspwnens | 0f2e9764ab | add saltPipe | 2022-09-09 14:39:20 -04:00 |
| m0duspwnens | 5ccc103083 | fix soc dashboards and things | 2022-09-09 14:31:04 -04:00 |
| m0duspwnens | 5bb001281b | soc defaults changes - client child of server | 2022-09-08 15:57:18 -04:00 |
| Mike Reeves | 2bd9dd80e2 | Move In Day | 2022-09-07 09:06:25 -04:00 |