CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-15 21:52:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,486 Commits 28 Branches 119 Tags
c4fea9cb9da5a5044ad1c7be9aeca417b4e6ab96
Commit Graph

8278 Commits

Author SHA1 Message Date
Mike Reeves
c4fea9cb9d Update nginx.conf 2023-09-27 11:03:58 -04:00
Jason Ertel
b47d915cb6 don't inspect imported zeek output 2023-09-27 09:30:19 -04:00
Jason Ertel
9c854a13cc skip zeek spool logs due to test data false positives 2023-09-26 21:41:44 -04:00
Jason Ertel
2c8d413f16 log check tool initial 2023-09-26 18:14:37 -04:00
Jason Ertel
48801da44e log check tool initial 2023-09-26 18:12:20 -04:00
m0duspwnens
036a21ff17 Merge remote-tracking branch 'origin/2.4/dev' into issue/11390 2023-09-26 11:01:44 -04:00
m0duspwnens
2abf434ebe create snapshots of default, local salt and pillars during soup. rsync soup with --delete 2023-09-26 10:56:20 -04:00
Wes
0bba68769b Make scan.pe.image_version type of 'float' 2023-09-26 14:05:12 +00:00
m0duspwnens
e25d1c0ff3 so-salt-minion-check is jinja template 2023-09-26 10:01:21 -04:00
weslambert
7cb9b5f257 Add the blank line that was removed from the previous commit 2023-09-25 14:41:20 -04:00
weslambert
c95af6b992 Add a note about testing analyzers outside of the Sensoroni Docker container 2023-09-25 14:39:33 -04:00
weslambert
2fc4d2923d Merge pull request #11289 from Security-Onion-Solutions/fix/elastic_agent_404 
/app/dashboards to /kibana/app/dashboards
 2023-09-25 09:11:50 -04:00
Wes
eeeae08ec8 /app/ to /app/dashboards/ 2023-09-21 18:39:06 +00:00
Jason Ertel
fa3a79a787 Update soup to prune in background 2023-09-21 09:41:44 -04:00
Doug Burks
3fa3f83007 Update soc_sensoroni.yaml 2023-09-20 08:22:52 -04:00
Wes
2e0ea3f374 Set final pipeline 2023-09-19 13:33:12 +00:00
Wes
508260bd46 Use event.created for timestamp 2023-09-19 13:32:03 +00:00
Wes
a1e963f834 Reverse timestamps where necessary 2023-09-19 13:28:20 +00:00
Wes
5bac1e4d15 Show correct dates and Kibana URL for already processed EVTX files 2023-09-18 21:31:15 +00:00
Jason Ertel
ad025b9683 Merge pull request #11345 from Security-Onion-Solutions/jertel/auto 
ensure all binds are present to avoid volume sprawl
 2023-09-18 15:34:57 -04:00
m0duspwnens
151e8bfc4e fix idstool extra_env for container 2023-09-18 15:21:45 -04:00
Jason Ertel
a914a02273 prune unused volumes during upgrade 2023-09-18 14:43:02 -04:00
Jason Ertel
bb3632d1b2 fix bind if statement 2023-09-18 14:38:15 -04:00
Jason Ertel
66bb1272ae avoid volume sprawl 2023-09-18 13:39:56 -04:00
Jason Ertel
bbef96ac25 use unique name 2023-09-18 12:12:57 -04:00
Jason Ertel
f9cbde10a6 avoid volume sprawl 2023-09-18 11:19:21 -04:00
weslambert
fe1bae96ed Merge pull request #11297 from Security-Onion-Solutions/fix/soc_idh 
Change description to indicate that opencanary modules only apply to IDH nodes
 2023-09-15 11:16:06 -04:00
Wes
98499c3963 Clean component template directory 2023-09-15 13:51:46 +00:00
defensivedepth
0c11a9b733 Add transform role 2023-09-14 09:33:17 -04:00
defensivedepth
59d077f3ff Fix regex 2023-09-14 08:32:17 -04:00
Mike Reeves
33d68478b6 Update so-minion 2023-09-13 11:48:16 -04:00
Mike Reeves
22c0323bda Update so-minion 2023-09-13 10:57:45 -04:00
Doug Burks
11b8e13418 FIX: SOC Config pcap doc links should point to steno docs #11302 2023-09-13 07:37:54 -04:00
m0duspwnens
30c3255cb2 dont manage sorules 2023-09-12 08:39:42 -04:00
Wes
35ebbc974c Change description to indicate that opencanary modules only apply to IDH nodes 2023-09-11 13:52:16 +00:00
Wes
f1d0db8171 /app to /kibana/app 2023-09-11 13:30:11 +00:00
m0duspwnens
e814a3409f fix rule location for rulecat.conf. run so-rule-update if rules change in /opt/so/rules/nids 2023-09-08 15:28:24 -04:00
m0duspwnens
8d269fee30 Merge remote-tracking branch 'origin/2.4/dev' into issue/11210 2023-09-07 15:46:25 -04:00
m0duspwnens
35157f2e8b add comment 2023-09-07 15:46:04 -04:00
m0duspwnens
60f1947eb4 prevent endgame_dict from being added to standard_actions if it is already present 2023-09-07 14:01:19 -04:00
m0duspwnens
ffaab4a1b4 only add endgame to action if it is populated 2023-09-06 14:19:53 -04:00
weslambert
70e1309c9f Merge pull request #11261 from Security-Onion-Solutions/fix/remove_default_templates 
Remove templates
 2023-09-06 10:57:09 -04:00
Jason Ertel
5c0045f9f8 Merge pull request #11256 from Security-Onion-Solutions/jertel/sod 
only ingest pfsense on sensor nodes
 2023-09-05 12:50:47 -04:00
Jason Ertel
b66be9c226 only ingest pfsense on sensor nodes 2023-09-05 12:46:49 -04:00
Josh Patterson
651393988a Merge pull request #11255 from Security-Onion-Solutions/issue/10975 
Issue/10975
 2023-09-05 11:57:58 -04:00
Wes
cf19c8f8c2 Remove templates 2023-09-05 13:43:41 +00:00
Mike Reeves
d2dcf7e7c1 Merge pull request #11241 from Security-Onion-Solutions/jertel/sod 2023-09-01 18:22:38 -04:00
m0duspwnens
07ed93de19 add elastic agent to desktop 2023-09-01 14:33:32 -04:00
Jason Ertel
8093e5ce7c use IP to avoid host issues 2023-09-01 13:01:17 -04:00
m0duspwnens
aebfb19ab7 add sostatus.sh to desktop for telegraf scripts 2023-09-01 12:05:28 -04:00