Doug Burks
554754421c
Avoid unnecessary Suricata processes in Import Mode
2023-01-10 16:48:06 -05:00
Jason Ertel
168cd00e1b
Handle suricata extracted with filecheck
2022-12-06 12:34:02 -05:00
Mike Reeves
de19a4dc53
Add Strelka Filecheck
2022-11-02 10:04:33 -04:00
m0duspwnens
b526532ab6
use global vars in states
2022-10-11 11:57:15 -04:00
doug
fee5a7bea9
initial quick OCD pass
2022-09-23 16:29:55 -04:00
Mike Reeves
85339d7cb1
Add helpLinks to everything
2022-09-20 15:43:34 -04:00
Mike Reeves
512c044d80
Thresholding
2022-09-19 16:53:51 -04:00
Mike Reeves
9a6fe3e8de
Add BPF
2022-09-16 08:36:44 -04:00
Mike Reeves
7d6e847f86
Fix Zeek Pillar
2022-09-15 13:11:03 -04:00
Mike Reeves
0351ef4ff5
Fix Suricata analyzers list
2022-09-15 10:48:08 -04:00
m0duspwnens
845d2e33bd
remove dupe afpacket
2022-09-15 10:44:39 -04:00
m0duspwnens
4cb955fe8d
jinja for the suricata outputs
2022-09-15 10:35:59 -04:00
Mike Reeves
8528645c2c
Update suricata_config.map.jinja
2022-09-14 15:02:55 -04:00
Mike Reeves
f8c1571a91
Update suricata_config.map.jinja
2022-09-14 14:43:04 -04:00
Mike Reeves
30a469ea63
Update afpacket.map.jinja
2022-09-14 14:36:13 -04:00
Mike Reeves
90ed4fd4cb
Fix Suricata
2022-09-14 14:18:10 -04:00
Mike Reeves
ee59822097
Fix Suricata
2022-09-14 14:15:50 -04:00
Mike Reeves
74a8bd17ea
Fix Suricata
2022-09-14 13:56:17 -04:00
Mike Reeves
a4dc63f3a4
Change how zeek and suri are populated in the minion file
2022-09-14 09:53:57 -04:00
Mike Reeves
df1a64b5e0
Modify more defaults
2022-09-13 11:45:59 -04:00
Mike Reeves
a32ff6f403
Modify Suricata defaults
2022-09-13 11:29:31 -04:00
Mike Reeves
2bd9dd80e2
Move In Day
2022-09-07 09:06:25 -04:00
Mike Reeves
cf8c6a6e94
Update defaults.yaml
2022-07-14 15:17:27 -04:00
m0duspwnens
53d6e1d30d
simplify
2022-05-26 11:51:17 -04:00
m0duspwnens
1bfde852f5
manage suricata classifications.config https://github.com/Security-Onion-Solutions/securityonion/issues/7918
2022-05-26 11:43:31 -04:00
m0duspwnens
53883e4ade
manage suricata classifications.config https://github.com/Security-Onion-Solutions/securityonion/issues/7918
2022-05-26 11:40:33 -04:00
Doug Burks
db4f138a78
FIX: surilogcompress cron job not running
...
The suricata user was originally created with `/opt/so/conf/suricata` as its home directory. I think at some point we changed permissions on `/opt/so/conf` and at that point the `surilogcompress` cron job stopped working. Changing the home directory to `/nsm/suricata` works on all of my PROD systems (including Ubuntu and CentOS).
For more information, please see:
https://github.com/Security-Onion-Solutions/securityonion/issues/7133
2022-03-15 07:10:02 -04:00
Jason Ertel
eefcc929c2
Update copyright pattern to match other repos
2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55
Update copyright year for 2022
2022-01-24 09:35:29 -05:00
m0duspwnens
d7e5377a44
more requires
2021-10-22 16:46:45 -04:00
Josh Brower
4d307c53e8
Add support for disabling Zeek and Suricata
2021-09-17 13:01:50 -04:00
Mike Reeves
09165daab8
Several Suricata things
2021-07-21 09:10:33 -04:00
m0duspwnens
ebea9a7198
remove space
2021-06-16 08:07:28 -04:00
m0duspwnens
ad9441bb60
prevent suricata state from running on manager and managersearch https://github.com/Security-Onion-Solutions/securityonion/issues/2977
2021-06-16 08:06:26 -04:00
Mike Reeves
0a2d44131b
Merge pull request #3939 from Security-Onion-Solutions/soupmkr
...
send suricata compress to dev/null
2021-04-21 18:00:03 -04:00
Mike Reeves
c337be8f4f
send suricata compress to dev/null
2021-04-21 17:27:52 -04:00
bryant-treacle
f14df24ddc
Update threading.map.jinja
2021-04-21 11:49:29 -04:00
m0duspwnens
e87fb013dc
prevent salt warning - The 'file_mode' argument will be ignored. Please use 'mode' instead to set file permissions.
2021-03-19 16:21:18 -04:00
m0duspwnens
ec179f8e9b
https://github.com/Security-Onion-Solutions/securityonion/issues/3515
2021-03-17 18:44:25 -04:00
doug
b4ad7e7359
FIX: Improve Suricata DHCP logging and parsing #3397
2021-03-11 11:01:51 -05:00
Jason Ertel
7222f1faa5
fix merge issue
2021-02-20 16:41:12 -05:00
Mike Reeves
b4b449aa14
Pull in Suricata changes
2021-02-19 11:01:15 -05:00
Josh Patterson
79e7b1da4d
Merge pull request #3021 from Security-Onion-Solutions/issue/2989
...
change suricata clean cron to run once a day
2021-02-18 14:07:40 -05:00
m0duspwnens
03487c2a31
change suricata clean cron to run once a day
2021-02-18 14:06:45 -05:00
Josh Patterson
0ab9577863
Merge pull request #3018 from Security-Onion-Solutions/all_rules_dont_show_changes
...
don't show changes since file can be large
2021-02-18 12:23:54 -05:00
m0duspwnens
bf100a2310
don't show changes since file can be large
2021-02-18 12:23:22 -05:00
m0duspwnens
95df18c545
limit eve logs and gz files based on days
2021-02-18 10:45:20 -05:00
m0duspwnens
a4d5f58256
fix surilogcompress
2021-02-18 10:33:47 -05:00
m0duspwnens
74ca4487de
ensure at least 2 eve files are kept https://github.com/Security-Onion-Solutions/securityonion/issues/2989
2021-02-18 09:51:40 -05:00
m0duspwnens
4b07d5e457
add identifier to eve clean cron
2021-02-18 09:39:54 -05:00