securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00

Author	SHA1	Message	Date
Corey Ogburn	c64f37ab67	sigmaRulePackages is now a string array	2024-02-15 10:34:07 -07:00
Corey Ogburn	a5db9f87dd	Merge branch 'kilo' into cogburn/detection_playbooks	2024-02-13 14:08:44 -07:00
Corey Ogburn	f321e734eb	Added so-detection mapping in elasticsearch	2024-02-13 14:05:27 -07:00
Corey Ogburn	8800b7e878	WIP: Detections Changes Removed some strelka/yara rules from salt. Removed yara scripts for downloading and updating rules. This will be managed by SOC. Added a new compile_yara.py script. Added the strelka repos folder.	2024-02-13 14:05:27 -07:00
Corey Ogburn	031ee078c5	socsigmarepo Need write permissions on the /opt/so/rules dir so I can clone the sigma repo there.	2024-02-13 14:05:27 -07:00
Corey Ogburn	c933627a71	Merge branch 'kilo' of github.com:security-onion-solutions/securityonion into kilo	2024-02-13 12:53:29 -07:00
Corey Ogburn	0d297274c8	DetectionComment Mapping Defined	2024-02-13 12:53:18 -07:00
Josh Brower	0c6c6ba2d5	Various UI tweaks	2024-02-13 13:38:43 -05:00
Doug Burks	14209ad99d	Merge pull request #12355 from Security-Onion-Solutions/dougburks-patch-1 Add table columns to process dashboard in defaults.yaml	2024-02-13 12:59:34 -05:00
Doug Burks	0741ae370a	Update defaults.yaml	2024-02-13 12:51:26 -05:00
Doug Burks	8060751a66	Add table columns to process dashboard in defaults.yaml	2024-02-13 12:24:33 -05:00
Doug Burks	d072d431b3	Merge pull request #12350 from Security-Onion-Solutions/feature/process-ancestry-action FEATURE: Add new SOC action to show process ancestry #12345	2024-02-13 08:51:38 -05:00
Josh Brower	ea80469c2d	Detection Default queries	2024-02-12 19:39:55 -05:00
Doug Burks	0ad39a7e32	FEATURE: Add new SOC action to show process ancestry #12345	2024-02-12 19:18:29 -05:00
Doug Burks	20d2f3b97e	Update Sublime action in defaults.yaml to use i18n	2024-02-12 19:13:32 -05:00
Josh Brower	64726a2785	Merge pull request #12349 from Security-Onion-Solutions/2.4/conflictingfix Fix conflicting id	2024-02-12 19:07:07 -05:00
Josh Brower	ccb14485a3	Fix conflicting id	2024-02-12 19:06:19 -05:00
Josh Brower	5102269440	Update defaults	2024-02-12 16:44:54 -05:00
Mike Reeves	e713b4c660	Merge pull request #12346 from Security-Onion-Solutions/reyesj2-patch-1 Remove unused file	2024-02-12 16:07:31 -05:00
Mike Reeves	2db5f4dd41	Merge pull request #12308 from petiepooo/feat-es-ownfs FEATURE: Check for mountpoint during Elastic size limit calculations	2024-02-12 16:03:36 -05:00
Mike Reeves	f91cb5b81f	Merge pull request #12290 from petiepooo/fix-remove-intca-symlink fix: also remove intca symlink	2024-02-12 12:33:13 -05:00
Jorge Reyes	4b697b2406	Remove unused file	2024-02-12 09:28:48 -05:00
Josh Brower	c04f5a3f0f	Merge pull request #12268 from Security-Onion-Solutions/feature/fleet-artifacts Feature/fleet artifacts	2024-02-12 08:58:14 -05:00
Josh Brower	b1de6abc17	Merge pull request #12343 from Security-Onion-Solutions/fix/anothercheck Wait for ES to be ready	2024-02-12 08:58:05 -05:00
Josh Brower	cc0f25a4f7	Wait for ES to be ready	2024-02-11 13:30:20 -05:00
Josh Brower	eafb5cf15e	Change to file_root	2024-02-11 13:18:20 -05:00
Jorge Reyes	2b2aa30ac1	Merge pull request #12332 from Security-Onion-Solutions/reyesj2/sod-putty Add putty to SOD	2024-02-10 20:41:03 -05:00
Josh Brower	66ac36a944	Update soup	2024-02-10 11:07:26 -05:00
Josh Brower	feabb7c51f	Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts	2024-02-10 10:57:46 -05:00
Corey Ogburn	64f6d0fba9	Updated Detection's ES Mappings Detection's now have a License field and the Comment model is defined now.	2024-02-09 14:20:07 -07:00
Josh Patterson	94b6e781bb	Merge pull request #12337 from Security-Onion-Solutions/salt3006.6v2 Salt3006.6v2	2024-02-09 15:45:39 -05:00
m0duspwnens	304ae49251	fix source	2024-02-09 12:41:23 -05:00
m0duspwnens	213ac822a8	create dir and chown	2024-02-09 10:54:07 -05:00
m0duspwnens	2143881c0b	specify *.rules	2024-02-09 10:22:25 -05:00
m0duspwnens	5903ae596c	move suricata rules to /opt/so/rules/nids/suri	2024-02-09 09:47:23 -05:00
Josh Brower	0c423c9329	Merge pull request #12333 from Security-Onion-Solutions/fix/shell Fixup shell	2024-02-09 09:31:47 -05:00
Josh Brower	654602bf80	Fixup shell	2024-02-09 09:30:18 -05:00
reyesj2	3c9d6da1d8	add putty to sod packages.sls Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>	2024-02-08 22:05:37 -05:00
Josh Brower	683abf0179	Rework naming	2024-02-08 13:24:25 -05:00
Corey Ogburn	29174566f3	WIP: Updated Detection Mappings, Changed Engine to Language Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language. SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.	2024-02-08 09:44:56 -07:00
Josh Brower	8d0e8789bd	Use salt file roots	2024-02-08 09:54:51 -05:00
Josh Brower	503a09f150	Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts	2024-02-08 09:45:21 -05:00
Josh Brower	81a3e95914	Fixup sigma pipelines	2024-02-07 16:42:16 -05:00
Josh Patterson	f02f61c6dd	Merge pull request #12325 from Security-Onion-Solutions/salt3006.6 Salt3006.6	2024-02-07 16:33:56 -05:00
Doug Burks	8c5dafa058	Merge pull request #12324 from Security-Onion-Solutions/feature/dashboards-communityid-firewall FEATURE: Add new dashboards for community_id and firewall auth #12323	2024-02-07 16:15:21 -05:00
Doug Burks	d3d2305f00	FEATURE: Add new dashboards for community_id and firewall auth #12323	2024-02-07 16:08:27 -05:00
Josh Brower	7e3187c0b8	Fixup sigma pipelines	2024-02-07 15:35:31 -05:00
Josh Brower	b7b501d289	Add Sigma pipelines	2024-02-07 15:02:52 -05:00
m0duspwnens	6534f392a9	update backup filename	2024-02-07 14:25:28 -05:00
m0duspwnens	478fb6261e	Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6	2024-02-07 14:15:11 -05:00

1 2 3 4 5 ...

14344 Commits