CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,041 Commits 24 Branches 119 Tags
c68efd56c2f60107553a7e285dd07ef9f0723b7c
Commit Graph

9041 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
weslambert
7590728a0b Merge pull request #5915 from Security-Onion-Solutions/feature/ti_module 
Add TI module
 2021-10-15 17:17:33 -04:00
weslambert
bb36fc1ed8 Add TI module defaults 2021-10-15 17:16:38 -04:00
weslambert
d0a6dafc8b Add TI module 2021-10-15 17:09:59 -04:00
m0duspwnens
76097476d3 remove includes 2021-10-15 16:57:38 -04:00
m0duspwnens
8b3b0bf160 fix opts 2021-10-15 16:51:11 -04:00
m0duspwnens
f19680b3e6 fix opts 2021-10-15 16:50:03 -04:00
m0duspwnens
7e1bbe3cc2 define MAANGER 2021-10-15 16:14:14 -04:00
m0duspwnens
947285e932 update cmd.run amd s_o files 2021-10-15 16:06:25 -04:00
m0duspwnens
1741f5068a update config-load to do an update or import 2021-10-15 15:35:30 -04:00
Mike Reeves
a9f6c84d7c Add Steno Tuning Options 2021-10-15 14:17:54 -04:00
weslambert
59852841ff Add keyword subfield for event.module 2021-10-15 13:29:50 -04:00
weslambert
6f1f7d2a63 Merge pull request #5905 from Security-Onion-Solutions/feature/soc_es_index_pattern 
Allow setting ES index patterns for SOC in pillar
 2021-10-15 13:28:04 -04:00
Jason Ertel
8de8d58155 Upgrade to ES 7.15.1 2021-10-15 13:27:08 -04:00
Wes Lambert
8feeff97b5 Add EG index pattern during setup (if enabled) 2021-10-15 16:19:19 +00:00
Wes Lambert
032373187c Allow setting ES index patterns for SOC in pillar 2021-10-15 16:02:53 +00:00
William Wernert
db2b70f655 Merge pull request #5900 from Security-Onion-Solutions/foxtrot 
Replace rather than append to Kibana misc log
 2021-10-15 10:27:25 -04:00
Jason Ertel
1800ec4570 Upgrade to Elastalert 2 v2.2.2 2021-10-15 09:25:44 -04:00
Mike Reeves
8a5960c220 Merge pull request #5896 from Security-Onion-Solutions/kilo 2021-10-14 18:05:33 -04:00
Jason Ertel
9797a15218 Fix issue with 'so-user delete' resetting all user roles - note that this function is not technically supported or published since it's not intended for production use 2021-10-14 17:23:18 -04:00
William Wernert
c7b15a9b1f Replace rather than append to Kibana misc log 2021-10-14 15:13:55 -04:00
William Wernert
cba97802fe Fix indent 2021-10-14 15:13:34 -04:00
William Wernert
025256aeaf Merge pull request #5890 from Security-Onion-Solutions/foxtrot 
Misc setup changes
 2021-10-14 14:55:24 -04:00
weslambert
490f7eaf81 Merge pull request #5886 from Security-Onion-Solutions/feature/eg_pivot 
Add EG pivot
 2021-10-14 14:49:38 -04:00
m0duspwnens
6a2bf11a75 change format of file 2021-10-14 13:43:39 -04:00
m0duspwnens
78d30285b1 seperate securitySolutions load 2021-10-14 13:24:51 -04:00
Wes Lambert
f1fafa015e Add EG to list of groups to include 127.0.0.1 2021-10-14 16:27:28 +00:00
Wes Lambert
6cdc214582 Add pillar in setup and change name of EG variable 2021-10-14 15:33:37 +00:00
Wes Lambert
15049f44b9 Add EG pivot 2021-10-14 15:15:23 +00:00
Doug Burks
42a642b85c Merge pull request #5873 from petiepooo/enh-rediscount-tty 
featreq: remove tty flag in redis-count script
 2021-10-14 10:07:07 -04:00
weslambert
3b45e68ead Merge pull request #5885 from Security-Onion-Solutions/feature/jinjafy_soc_actions 
Allow SOC actions to use Jinja
 2021-10-14 10:03:12 -04:00
Wes Lambert
5ee0ea3fe7 Allow SOC actions to use Jinja 2021-10-14 13:59:55 +00:00
weslambert
55c60f485c Merge pull request #5884 from Security-Onion-Solutions/feature/hl_eg 
Add EG firewall allowance via setup
 2021-10-14 09:55:07 -04:00
Wes Lambert
78e88e0765 Add EG firewall allowance via setup 2021-10-13 21:42:54 +00:00
Wes Lambert
a9b250c0f4 Add EG firewall config 2021-10-13 21:37:59 +00:00
m0duspwnens
ae9753326a fix var, quote vars 2021-10-13 16:38:01 -04:00
m0duspwnens
c8fb504ee0 Revert "Merge remote-tracking branch 'remotes/origin/dev' into issue/3933" 
This reverts commit 54eec92621, reversing
changes made to 7832e59629.
 2021-10-13 15:22:46 -04:00
m0duspwnens
54eec92621 Merge remote-tracking branch 'remotes/origin/dev' into issue/3933 2021-10-13 15:19:33 -04:00
m0duspwnens
7832e59629 only load default kibana saved_objects during setup 2021-10-13 15:19:20 -04:00
weslambert
f9001654bb Merge pull request #5871 from Security-Onion-Solutions/feature/hl_eg 
Initial EG stuff
 2021-10-13 15:07:03 -04:00
Wes Lambert
2a504a061b Add Curator action files for EG indices 2021-10-13 18:40:34 +00:00
m0duspwnens
bb9c6446e4 Merge remote-tracking branch 'remotes/origin/dev' into issue/3933 2021-10-13 14:01:36 -04:00
Pete
e7581036f7 remove tty/interactive flags 
This call to docker exec simply returns a number.  No interaction (stdin) or tty is required.  Specifically, having the -t option prevents running via salt using a command such as:

> salt '*' cmd.run 'so-redis-count'
 2021-10-13 13:51:05 -04:00
Wes Lambert
e1629d7ec4 Initial EG stuff 2021-10-13 17:13:07 +00:00
Josh Patterson
b4873bd296 Merge pull request #5868 from Security-Onion-Solutions/issue/5818 
Issue/5818
 2021-10-13 12:52:48 -04:00
m0duspwnens
3044edb104 update comment 2021-10-13 12:38:58 -04:00
m0duspwnens
a495779552 only 3 attempts with 120s max attemps 2021-10-13 12:34:56 -04:00
m0duspwnens
880c1b97b0 remove $ from var 2021-10-13 12:25:11 -04:00
m0duspwnens
7a4fa8879c change count, attempts and timeout 2021-10-13 12:13:24 -04:00
m0duspwnens
adb8292814 add missing ) 2021-10-13 10:37:18 -04:00
m0duspwnens
6e7a5fa326 add timeouts to check_salt_minion_status and check_salt_master_status - https://github.com/Security-Onion-Solutions/securityonion/issues/5818 2021-10-13 09:45:15 -04:00