securityonion

mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00

Author	SHA1	Message	Date
Mike Reeves	c656bec9c0	Merge branch 'dev' into feature/espillarz	2020-07-10 11:35:12 -04:00
Mike Reeves	3706aa76d8	Add jinja extension	2020-07-10 10:35:31 -04:00
Doug Burks	2ce254dfb0	add new DPD query to Hunt	2020-07-10 06:00:36 -04:00
Doug Burks	f5114c034d	change Log Type query in Hunt to include event.dataset in the groupby	2020-07-10 05:52:10 -04:00
Mike Reeves	1a6c4c12b4	Fix elasticsearch yaml	2020-07-09 21:56:32 -04:00
Jason Ertel	6bfd777d25	Enabled elastalert log	2020-07-09 21:34:35 -04:00
Mike Reeves	8ef18f9044	Fiz pillar	2020-07-09 18:51:59 -04:00
Mike Reeves	9a7035326d	Update Logstash pillar	2020-07-09 17:09:20 -04:00
Mike Reeves	ad6c9e7fe9	recurse actions for curator	2020-07-09 16:58:35 -04:00
Mike Reeves	6094d19b0b	Make hot default	2020-07-09 16:54:31 -04:00
Mike Reeves	3c6465bb7f	ES Jinja the config	2020-07-09 16:42:39 -04:00
Jason Ertel	33179141a1	Enable PCAP pivots from imports	2020-07-09 16:11:38 -04:00
Josh Brower	7b91704894	Merge pull request #970 from Security-Onion-Solutions/defensivedepth-patch-2-host-pillar Update so-setup	2020-07-09 15:32:38 -04:00
Josh Brower	58d290aa57	Update so-setup	2020-07-09 15:32:19 -04:00
Josh Brower	206bdc60f3	Merge pull request #967 from Security-Onion-Solutions/feature/low-level-alerts Feature - low level alerts	2020-07-09 13:56:31 -04:00
Josh Brower	52f7111e1d	Feature - low level alerts	2020-07-09 13:53:55 -04:00
Mike Reeves	7c6677916a	Curator actions	2020-07-09 12:56:29 -04:00
Mike Reeves	357efac873	Add index specific curator settings	2020-07-09 12:10:53 -04:00
Mike Reeves	ca20279a09	Add curator to static pillar	2020-07-09 12:00:07 -04:00
Mike Reeves	96bcf9d9f3	Add temaplte files per index	2020-07-09 11:51:55 -04:00
Mike Reeves	9c2f7d574d	Add ES settings to pillar	2020-07-09 11:19:02 -04:00
Mike Reeves	2c32c24bf0	Fix logstash logic	2020-07-09 09:16:48 -04:00
Josh Patterson	2bfdb09674	Merge pull request #966 from Security-Onion-Solutions/issue/959 fix typo	2020-07-09 08:52:30 -04:00
m0duspwnens	d539f1ddf8	fix typo	2020-07-09 08:51:53 -04:00
Doug Burks	8dfafffef0	remove duplicate line for message2.conn_uids	2020-07-09 06:44:08 -04:00
weslambert	818f7f56b2	Merge pull request #965 from Security-Onion-Solutions/feature/add_gcp_check Add GCP and make cloud check more generic	2020-07-08 23:31:37 -04:00
weslambert	c01047fad2	Add /dev/null	2020-07-08 23:30:50 -04:00
weslambert	889ba67d85	Move EC2 to more generic cloud verbiage	2020-07-08 23:27:46 -04:00
weslambert	ce00d829e1	Move EC2 to more generic cloud verbiage and check for GCP	2020-07-08 23:26:48 -04:00
weslambert	67fb46f519	Merge pull request #963 from Security-Onion-Solutions/fix/curator_logsizelimit Add standalone evaluation for log_size_limit	2020-07-08 15:40:54 -04:00
Josh Patterson	99ce77e9bd	Merge pull request #962 from Security-Onion-Solutions/issue/959 pillarize yum.conf installonly_limit and proxy	2020-07-08 15:39:22 -04:00
Wes Lambert	f2cea273b6	Add standalone evaluation for log_size_limit	2020-07-08 19:39:14 +00:00
m0duspwnens	59061926f0	pillarize yum.conf installonly_limit and proxy	2020-07-08 15:37:20 -04:00
weslambert	beda67d2a9	Merge pull request #955 from Security-Onion-Solutions/fix/strelka_message_drop Drop message field and original exiftool keys	2020-07-08 10:56:06 -04:00
weslambert	4cf31e1ee7	Drop message field and original exiftool keys	2020-07-08 10:55:40 -04:00
Doug Burks	fef803a86c	Add ignore_failure to geoip processor calls #942	2020-07-08 10:41:14 -04:00
Josh Patterson	3352eb77e9	Merge pull request #954 from Security-Onion-Solutions/issue/825 add pillar example for filebeat inputs/output	2020-07-08 09:53:18 -04:00
m0duspwnens	5f68542241	add pillar example for filebeat inputs/output	2020-07-08 09:52:25 -04:00
weslambert	9c11de5455	Merge pull request #953 from Security-Onion-Solutions/fix/zeek_files_uid Rename uids to uid	2020-07-08 09:40:04 -04:00
weslambert	b25a3b6986	Rename uids to uid	2020-07-08 09:39:37 -04:00
weslambert	88b7a31195	Merge pull request #952 from Security-Onion-Solutions/fix/wazuh_authdport Add Wazuh Authd Port	2020-07-08 09:26:28 -04:00
weslambert	987acaeb7b	Add Wazuh Authd Port	2020-07-08 09:26:04 -04:00
Josh Brower	10cbc96f48	Merge pull request #948 from Security-Onion-Solutions/fix/fleet Fleet setup bugfix	2020-07-07 20:56:43 -04:00
Josh Brower	b4b122dbd9	Fleet setup bugfix	2020-07-07 20:55:47 -04:00
William Wernert	4231fb1d1a	Merge branch 'dev' of github.com:Security-Onion-Solutions/securityonion-saltstack into dev	2020-07-07 17:38:30 -04:00
William Wernert	72a98b33a7	[fix] Change test to check value of `$SO_ERROR`	2020-07-07 17:38:23 -04:00
Mike Reeves	cdce804c9f	Update 9700_output_strelka.conf.jinja	2020-07-07 17:36:49 -04:00
weslambert	2992938596	Merge pull request #947 from Security-Onion-Solutions/fix/strelka_exiftool Add fields for exiftool keys	2020-07-07 17:13:57 -04:00
Mike Reeves	fc377cd3c1	Merge pull request #945 from Security-Onion-Solutions/issue/929 SSL Lockdown	2020-07-07 16:31:33 -04:00
Mike Reeves	1954a389b0	Update so-functions	2020-07-07 16:12:07 -04:00

1 2 3 4 5 ...

3714 Commits