CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
17,451 Commits 24 Branches 119 Tags
c4a70b540ebe17a99efd388c53094656bccf4cdf
Commit Graph

82 Commits

Author SHA1 Message Date
reyesj2
2baf2478da add additional elasticsearch log output in json format for elasticsearch log integration to parse 2025-10-14 12:47:03 -05:00
reyesj2
7af95317db es upgrade 8.18.8 pipeline updates 2025-10-06 16:23:22 -05:00
reyesj2
0606c0a454 agent monitor template & dataset name update 2025-09-12 14:26:22 -05:00
reyesj2
a7651b2734 lower filestream fingerprint length 2025-09-11 14:30:49 -05:00
reyesj2
8f36d2ec00 update log file name 2025-09-09 15:38:50 -05:00
reyesj2
1a32a0897c Merge remote-tracking branch 'origin/2.4/dev' into reyesj2/ea-alerter 2025-09-02 17:11:21 -05:00
reyesj2
e26310d172 elastic agent offline alerter 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-09-02 17:00:03 -05:00
reyesj2
a5675a79fe es 8.18.6 pipeline upd 2025-08-28 19:45:17 -05:00
reyesj2
e8c25d157f drop empty ip fields when its a opencanary startup log (1001) to prevent elasticsearch doc ingest error 2025-07-23 15:52:50 -05:00
reyesj2
2e5682f11c 8.18.4 import evtx pipelines 2025-07-23 09:53:04 -05:00
reyesj2
a4e8e7ea53 update syslog-tcp-514 policy 2025-07-10 13:12:26 -05:00
reyesj2
d846fe55e1 typos 2025-07-09 15:40:36 -05:00
Jorge Reyes
3b2942651e Update salt/elasticfleet/files/integrations/elastic-defend/elastic-defend-endpoints.json 2025-07-09 15:14:24 -05:00
reyesj2
33e2d18aa7 endpoint policy update 2025-07-09 13:59:01 -05:00
reyesj2
bef2fa9e8d 8.18.3 pipeline updates 2025-07-08 16:09:16 -05:00
Josh Brower
5fd7bf311d Add fallback 2025-04-15 13:57:55 -04:00
Josh Brower
152fdaa7bb Support Kratos user.name lookup 2025-04-15 11:40:43 -04:00
Josh Brower
4cdfb6e3eb Fix comma 2025-04-11 07:49:35 -04:00
Josh Brower
f94c81a041 Extract log level and drop INFO level 2025-04-11 07:45:12 -04:00
reyesj2
11dc004811 ES 8.17.3 2025-03-04 14:24:38 -06:00
Jorge Reyes
fc12b1f09b Merge pull request #14272 from Security-Onion-Solutions/reyesj2-patch-1 
ES 8.17.2 pipeline version updates
 2025-02-20 17:32:20 -06:00
reyesj2
69b559fb26 ES 8.17.2 pipeline version updates 2025-02-20 17:11:28 -06:00
Josh Brower
c6d72d31cb Update Elastic Defend JSON 2025-02-19 16:16:38 -05:00
reyesj2
21ed1439e2 update udp integration policy 2025-02-18 10:40:18 -06:00
Josh Brower
97a3f130c8 Update Elastic 2025-01-23 15:32:39 -05:00
Josh Brower
9738ef382c Upgrade Elastic to 8.17.1 2025-01-23 08:12:02 -05:00
Jason Ertel
57a9992a3d Merge branch '2.4/dev' into jertel/wip 2024-11-11 10:06:44 -05:00
defensivedepth
4c5099d429 Initial support for local lookup 2024-10-29 10:27:54 -04:00
Jason Ertel
523ff66389 connect work 2024-10-16 13:44:01 -04:00
defensivedepth
ef003ffbb5 Refactor 2024-09-23 12:55:07 -04:00
defensivedepth
074cc8e6ff Initial commit 2024-09-20 11:58:21 -04:00
weslambert
af80a78406 Update pipeline version 2024-08-27 13:08:35 -04:00
DefensiveDepth
0a5725a62e Refactor for Elastic Upgrade 2024-08-23 11:36:47 -04:00
DefensiveDepth
e3ecc9d4be Directly manage the Fleet Server integration config 2024-08-20 15:06:16 -04:00
weslambert
3fa6c72620 Fix name change 2024-07-30 15:45:55 -04:00
weslambert
9594e4115c Elastic 8.14.3 2024-07-30 12:47:56 -04:00
weslambert
201e14f287 Elastic 8.14.3 2024-07-30 12:46:42 -04:00
weslambert
fe1824aedd Revert "Elastic 8.14.2" 2024-07-15 11:28:59 -04:00
weslambert
4d499be1a8 Change name 2024-07-02 08:47:29 -04:00
weslambert
847638442b Elastic 8.14.1 2024-06-27 10:48:28 -04:00
weslambert
feee80cad9 Revert back to 8.10.4 2024-06-27 09:01:55 -04:00
weslambert
abdfbba32a Elastic 8.14.1 2024-06-26 14:06:24 -04:00
DefensiveDepth
3c3ed8b5c5 Add runtime status logs 2024-04-24 16:33:47 -04:00
reyesj2
55cf90f477 merge 2.4/dev 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 14:44:59 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
reyesj2
000d15a53c Kismet integration: TODO Elasticsearch mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-29 13:56:01 -04:00
Wes
5542db0aac Leave package version null 2024-01-22 21:07:46 +00:00
Wes
b08db3e05a Add RITA policy 2024-01-22 20:16:43 +00:00
Wes
22fcccef1c Add force option 2023-12-14 16:53:19 +00:00
Jonathan Race
ece3c367b5 Update import-evtx-logs.json 
version updates to match 2.4 release pipelines
 2023-11-29 09:20:37 -05:00