CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,449 Commits 24 Branches 119 Tags
c7c4e65df1e12f5d174a77ea506c70dc8af40e13
Commit Graph

12449 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
c7c4e65df1 single-node for heavynode 2023-06-13 09:22:17 -04:00
m0duspwnens
49b150797d 2.4 heavynode changes 2023-06-12 16:25:51 -04:00
Doug Burks
a90aed25fb Merge pull request #10570 from Security-Onion-Solutions/dougburks-patch-1 
FIX: Add Zeek ocsp.log to excluded list #10569
 2023-06-12 08:46:49 -04:00
Doug Burks
ae14e4870d Add ocsp to logging.zeek.exclued in defaults.yaml 2023-06-12 08:44:46 -04:00
Doug Burks
273a1d7e9c Merge pull request #10568 from Security-Onion-Solutions/2.4/fix-suricata-dhcp 
FIX: Suricata DHCP logs not ingesting #10565
 2023-06-12 07:50:44 -04:00
Doug Burks
b3f8ed7dcd FIX: Suricata DHCP logs not ingesting #10565 2023-06-10 11:42:41 -04:00
Jason Ertel
e06787445c Merge pull request #10561 from Security-Onion-Solutions/jertel/pcap 
Node description config setting should not accept a grid-wide value
 2023-06-09 12:02:51 -04:00
Jason Ertel
8a4f5d6dcb Merge branch '2.4/dev' into jertel/pcap 2023-06-09 11:51:37 -04:00
Doug Burks
81dd951064 Merge pull request #10560 from Security-Onion-Solutions/dougburks-patch-1 
FIX: Setup re-runs when SSH'ing into a successfully installed minion …
 2023-06-09 11:49:54 -04:00
Doug Burks
c12f138899 FIX: Setup re-runs when SSH'ing into a successfully installed minion node #10498 2023-06-09 11:20:54 -04:00
Jason Ertel
884a7041af Merge branch '2.4/dev' into jertel/pcap 2023-06-09 10:47:26 -04:00
Jason Ertel
023008c54c do not allow node_description to be set at global grid-wide level 2023-06-09 10:46:56 -04:00
Jason Ertel
6f7de954d9 Merge pull request #10559 from Security-Onion-Solutions/jertel/pcap 
Telegraf should monitor all mount points
 2023-06-09 09:18:54 -04:00
Jason Ertel
46371aaaf5 Monitor all mount points for simplicity 2023-06-09 09:14:36 -04:00
Doug Burks
1fde2e2755 Merge pull request #10553 from Security-Onion-Solutions/2.4/update-readme 
2.4/update readme
 2023-06-08 13:44:39 -04:00
Doug Burks
1aad9d1b2f Update README.md 2023-06-08 13:41:08 -04:00
Doug Burks
9703e70163 Update README.md 2023-06-08 13:38:11 -04:00
Doug Burks
f6735207d7 Merge pull request #10552 from Security-Onion-Solutions/2.4/fix-suricata-dataset 
FIX: Suricata dataset values for certain types of metadata#10551
 2023-06-08 13:33:53 -04:00
Doug Burks
e5f76a9c6e change suricata parsers from dataset to event.dataset 2023-06-08 12:31:31 -04:00
weslambert
d1c86cb9ff Merge pull request #10550 from Security-Onion-Solutions/kilo 
Elastalert and EQL
 2023-06-08 11:21:18 -04:00
weslambert
8ccb24dda2 Update version to 2.4.3 2023-06-08 11:05:05 -04:00
weslambert
932054e9da Update version to 2.4.0 2023-06-08 11:04:45 -04:00
Josh Brower
8b35002169 EQL Refactor 2023-06-07 13:44:37 -04:00
weslambert
f68527d366 Merge pull request #10541 from Security-Onion-Solutions/fix/curator_action_ignore_empty_list 
Use ignore_empty_list
 2023-06-07 10:36:38 -04:00
Wes
81e3d26540 Ignore empty list 2023-06-07 13:14:52 +00:00
weslambert
96b60fa39a Restore original URL syntax, but use data stream 2023-06-06 20:53:05 -04:00
weslambert
f172a74fbc Remove EQL setting 2023-06-06 20:51:29 -04:00
weslambert
c4be56ec7b Update host syntax 2023-06-06 20:51:03 -04:00
weslambert
96195806ab Update version to 2.4.0-kilo 2023-06-06 20:50:10 -04:00
weslambert
88bbd3440d Merge pull request #10522 from Security-Onion-Solutions/fix/playbook_index 
Change Playbook index to a data stream and update mapping for event.severity_label
 2023-06-06 09:03:49 -04:00
Wes
495a9c0783 Add mapping for event.severity_label 2023-06-05 21:19:37 +00:00
Wes
905bc564fc Change data stream name 2023-06-05 21:18:47 +00:00
Wes
f6f387428f Update Playbook alerter to write to a data stream 2023-06-05 21:17:10 +00:00
Jason Ertel
db5abcb3cf Merge pull request #10503 from Security-Onion-Solutions/jertel/pcap 
add ability to output PCAP import results in JSON format
 2023-06-05 14:32:32 -04:00
Jason Ertel
27e310c2a1 add json output option to so-import-evtx; clean up other issues 2023-06-05 13:54:44 -04:00
weslambert
236eb0cbcc Merge pull request #10515 from Security-Onion-Solutions/fix/analyzers 
Update requests and whoisit
 2023-06-05 12:12:59 -04:00
Wes
841d0b4b1f Update dependencies after git add 2023-06-05 15:42:55 +00:00
Wes
272f97e2d7 Update dependencies 2023-06-05 15:42:38 +00:00
Wes
eac9a3fc86 Update requests and whoisit 2023-06-05 15:41:01 +00:00
Doug Burks
32dc26f2e7 Merge pull request #10514 from Security-Onion-Solutions/2.4/fix-VERIFY_ISO 
Rename VERIFY_ISO.md to DOWNLOAD_AND_VERIFY_ISO.md
 2023-06-05 10:12:43 -04:00
Doug Burks
1b14142e4c Rename VERIFY_ISO.md to DOWNLOAD_AND_VERIFY_ISO.md 2023-06-05 10:08:20 -04:00
Jason Ertel
2fef1d5fa7 silence grep output 2023-06-02 15:43:48 -04:00
Jason Ertel
3bbfc3865d use proper URL spacing 2023-06-02 15:26:14 -04:00
Jason Ertel
6947fd6414 add ability to output PCAP import results in JSON format 2023-06-02 15:21:41 -04:00
Doug Burks
d3e5be78fd Merge pull request #10500 from Security-Onion-Solutions/dougburks-patch-1 
Update soc_zeek.yaml
 2023-06-02 07:54:11 -04:00
Doug Burks
09e005127e Update soc_zeek.yaml 2023-06-02 07:41:55 -04:00
Mike Reeves
d3ea596deb Merge pull request #10491 from Security-Onion-Solutions/TOoSmOotH-patch-1 
Update VERSION
 2023-06-01 09:44:13 -04:00
Mike Reeves
d6d315e8d5 Update VERSION 2023-06-01 09:43:32 -04:00
Mike Reeves
8c9186d8dd Merge pull request #10489 from Security-Onion-Solutions/2.4.2 
2.4.2
 2023-06-01 09:27:56 -04:00
Mike Reeves
aee842b912 2.4.2 2023-06-01 09:26:24 -04:00