CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 09:42:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,324 Commits 24 Branches 119 Tags
c5d638193377e28d34a245613992f40f62a6f547
Commit Graph

119 Commits

Author SHA1 Message Date
Mike Reeves
c5d6381933 SMTP for suricata 2020-06-03 11:16:43 -04:00
Mike Reeves
126d1598ee SNMP for suricata 2020-06-03 11:03:23 -04:00
Mike Reeves
25aae21cf6 Trying to get decoded packet 2020-06-02 15:06:39 -04:00
Mike Reeves
b507b87871 Trying to get decoded packet 2020-06-02 14:49:07 -04:00
Mike Reeves
fb68506418 Add mor suricata ingest parser types 2020-06-02 14:42:15 -04:00
Mike Reeves
3096d8d988 Add mor suricata ingest parser types 2020-06-02 14:34:38 -04:00
Mike Reeves
0ea2252b5b Add Suricata Flow pipeline 2020-06-02 13:40:46 -04:00
Mike Reeves
617f60d472 Fix Syntax 2020-06-02 12:01:26 -04:00
Mike Reeves
e63f39a9c4 Rename dataset 2020-06-02 11:58:14 -04:00
Mike Reeves
d47acd1d80 Change suricata to hit suricata.common 2020-06-02 11:41:13 -04:00
Wes Lambert
51f5d64ef6 Rename tunnel_parents 2020-06-01 13:51:32 +00:00
Wes Lambert
d7ce3d4719 fix naming of uid field for tunnel 2020-06-01 12:52:57 +00:00
Wes Lambert
4059121dd6 fix framed_addr field 2020-05-29 11:55:18 +00:00
Wes Lambert
d2b93d531e Basic syslog config 2020-05-28 12:36:29 +00:00
Josh Brower
8723f8785e osquery pipeline fix and fail state if errors 2020-05-26 13:05:56 -04:00
Wes Lambert
0e51ab41cf Update ES watermark settings 2020-05-26 14:18:58 +00:00
Josh Brower
56f5fbdf6b Ingest pipeline commid fix for conn logs 2020-05-22 17:11:08 -04:00
Josh Brower
bff86ea802 zeek.common ingest parser fix 2020-05-21 14:35:25 -04:00
Josh Brower
c74ace89ba Initial support - Ingest community_id 2020-05-21 14:34:00 -04:00
Doug Burks
29420da565 Only process zeek.dns.tld if dns.query.name contains a dot #734 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/734
 2020-05-19 10:08:30 -04:00
Doug Burks
9cc750a90f fix dns tld failures 2020-05-18 08:32:37 -04:00
Mike Reeves
329a030585 Merge remote-tracking branch 'remotes/origin/dev' into issue/140 2020-05-17 09:38:30 -04:00
Wes Lambert
4b91ade2e8 fix message_types one more time :) 2020-05-16 15:03:27 +00:00
Wes Lambert
9845ee189c fix message_types for real 2020-05-16 15:02:41 +00:00
Wes Lambert
6a2ddd4ef6 move to DNS 2020-05-16 14:58:51 +00:00
Wes Lambert
66c89abbc6 Fix DHCP message types 2020-05-16 14:58:06 +00:00
m0duspwnens
6c7f487a3e Merge remote-tracking branch 'remotes/origin/dev' into issue/140 2020-05-15 19:43:18 -04:00
Doug Burks
cc7a244d0b Create zeek.dns.tld 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599
 2020-05-15 15:32:25 -04:00
Doug Burks
60d2a0818b Add to zeek.dns and have it send to zeek.dns.tld 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599
 2020-05-15 15:31:17 -04:00
m0duspwnens
4e63477b98 Merge remote-tracking branch 'remotes/origin/dev' into issue/140 2020-05-15 15:21:03 -04:00
Josh Brower
e02bf2ebb5 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into dev 2020-05-15 15:05:47 -04:00
Josh Brower
9d4536dcbe osquery ingest parsing update 2020-05-15 15:05:21 -04:00
Doug Burks
fc883745e5 add fields to conn log 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/599
 2020-05-15 15:02:02 -04:00
Doug Burks
58d59c6844 use null safe operator for source.port and destination.port 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/594
 2020-05-15 14:58:21 -04:00
Wes Lambert
03805bd6e2 remove type field 2020-05-15 18:29:49 +00:00
Wes Lambert
5d5f5cf105 update DCE/RPC parsing 2020-05-15 18:19:05 +00:00
m0duspwnens
f4db261baf change elif - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:57:25 -04:00
m0duspwnens
fdae84bb74 remove = in - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:56:16 -04:00
m0duspwnens
509188092c adding so-standalone state logic, add zeek pillar to so-standalone - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/140 2020-05-15 10:02:25 -04:00
m0duspwnens
7f464af5fa run so-elasticsearch-pipelines only on changes - https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/682 2020-05-14 13:39:19 -04:00
Josh Brower
abd907fee1 Merge pull request #659 from Security-Onion-Solutions/bugfix/nids-parsing-alerting 
suricata parsing
 2020-05-12 14:07:51 -04:00
Josh Brower
62bec93190 suricata parsing 2020-05-12 14:04:02 -04:00
Mike Reeves
0b7568e08f Update soc.json with default search info 2020-05-12 13:57:40 -04:00
m0duspwnens
766b56a944 update dockers to 1.2.2 2020-04-23 10:11:26 -04:00
Josh Brower
6332509a33 osquery pipeline fix 2020-04-15 20:22:54 -04:00
Mike Reeves
d9e27a5444 Update Versions 2020-04-15 15:37:59 -04:00
Wes Lambert
59787a6532 update parsing for Zeek files 2020-04-14 13:08:31 +00:00
Josh Brower
634100318e osquery ingest ecs 2020-04-13 10:58:13 -04:00
Josh Brower
edae63097c fleet osquery fixes 2020-04-10 16:56:37 -04:00
Mike Reeves
6625e17bf2 Have templates applied on the master only 2020-04-09 12:22:27 -04:00