Josh Brower
d04aa06455
Fix source.ip
2024-02-22 14:01:02 -05:00
Josh Brower
c886e72793
Imphash mappings
2024-02-22 08:59:33 -05:00
Josh Brower
0a9022ba6a
Add hash mappings
2024-02-21 17:07:08 -05:00
Josh Patterson
d2f7946377
Merge pull request #12411 from Security-Onion-Solutions/issue/12382
nest under policy
2024-02-21 16:28:04 -05:00
coreyogburn
eb3432fb8b
Merge pull request #12412 from Security-Onion-Solutions/kilo
Initial Support for Detections Module
2024-02-21 14:08:11 -07:00
Josh Brower
927ea0c9ec
Update VERSION
2024-02-21 15:56:12 -05:00
m0duspwnens
162785575c
nest under policy
2024-02-21 15:28:24 -05:00
Jason Ertel
152e7937db
Merge pull request #12408 from Security-Onion-Solutions/jertel/24template
add missing template
2024-02-21 13:24:34 -05:00
Jason Ertel
25570e6ec2
add missing template
2024-02-21 13:18:39 -05:00
Josh Brower
1952f0f232
Merge remote-tracking branch 'origin/2.4/dev' into kilo
2024-02-21 13:11:49 -05:00
Jason Ertel
29778438f0
Merge pull request #12396 from Security-Onion-Solutions/jertel/glm
add lock threads
2024-02-21 07:18:05 -05:00
Jason Ertel
6c6a362fcc
add lock threads
2024-02-20 19:14:18 -05:00
Mike Reeves
89010dacab
Merge pull request #12348 from Security-Onion-Solutions/TOoSmOotH-patch-4
Update soup
2024-02-20 12:10:09 -05:00
Jason Ertel
78d41c5342
Merge pull request #12386 from Security-Onion-Solutions/jertel/corricon
replace correlate icon to avoid confusion with searcheng.in
2024-02-20 10:39:38 -05:00
Jason Ertel
4b314c8715
replace correlate icon to avoid confusion with searcheng.in
2024-02-20 10:30:09 -05:00
Mike Reeves
ed0773604c
Merge pull request #12385 from Security-Onion-Solutions/TOoSmOotH-patch-1
Update VERSION
2024-02-20 10:14:45 -05:00
Mike Reeves
07fcfab7ec
Update VERSION
2024-02-20 10:14:11 -05:00
Mike Reeves
5c96e30087
Merge pull request #12383 from Security-Onion-Solutions/2.4.50
2.4.50
2024-02-20 09:50:09 -05:00
Mike Reeves
18b4fcca75
2.4.50
2024-02-20 09:47:05 -05:00
Josh Brower
ffb3cc87b7
Default ruleset; Descriptions
2024-02-16 11:55:10 -05:00
Josh Brower
e4dcb4a8dd
Merge remote-tracking branch 'origin/cogburn/detection_playbooks' into kilo
2024-02-15 17:50:37 -05:00
Corey Ogburn
c64f37ab67
sigmaRulePackages is now a string array
2024-02-15 10:34:07 -07:00
Josh Brower
686304f24a
Merge remote-tracking branch 'origin/2.4/dev' into kilo
2024-02-15 09:47:51 -05:00
Josh Patterson
0765320839
Merge pull request #12360 from Security-Onion-Solutions/2450soup
2450soup
2024-02-14 14:37:28 -05:00
m0duspwnens
a2b17d2348
move jinja to top
2024-02-14 14:27:41 -05:00
m0duspwnens
c1f467a068
handle airgap
2024-02-14 14:22:18 -05:00
m0duspwnens
7d5932ee5e
Merge remote-tracking branch 'origin/2.4/dev' into 2450soup
2024-02-14 13:29:39 -05:00
m0duspwnens
79e98e508f
pass in UPDATE_DIR as a pillar
2024-02-14 13:28:12 -05:00
Josh Patterson
cf6266a92b
Merge pull request #12354 from Security-Onion-Solutions/2450soup
modify soup to update soup scripts using salt
2024-02-13 16:23:57 -05:00
m0duspwnens
2e9fa2438b
add back comment
2024-02-13 16:19:50 -05:00
Corey Ogburn
a5db9f87dd
Merge branch 'kilo' into cogburn/detection_playbooks
2024-02-13 14:08:44 -07:00
Corey Ogburn
f321e734eb
Added so-detection mapping in elasticsearch
2024-02-13 14:05:27 -07:00
Corey Ogburn
8800b7e878
WIP: Detections Changes
Removed some strelka/yara rules from salt.
Removed yara scripts for downloading and updating rules. This will be managed by SOC.
Added a new compile_yara.py script.
Added the strelka repos folder.
2024-02-13 14:05:27 -07:00
Corey Ogburn
031ee078c5
socsigmarepo
Need write permissions on the /opt/so/rules dir so I can clone the sigma repo there.
2024-02-13 14:05:27 -07:00
m0duspwnens
00f2374582
fix path for so-firewall
2024-02-13 15:43:02 -05:00
m0duspwnens
468eedfaeb
add soup script update retry
2024-02-13 15:30:24 -05:00
m0duspwnens
88786e8342
use file.copy to preserve perms
2024-02-13 15:05:09 -05:00
Corey Ogburn
c933627a71
Merge branch 'kilo' of github.com:security-onion-solutions/securityonion into kilo
2024-02-13 12:53:29 -07:00
Corey Ogburn
0d297274c8
DetectionComment Mapping Defined
2024-02-13 12:53:18 -07:00
m0duspwnens
141fd49f02
use rsync
2024-02-13 14:27:22 -05:00
m0duspwnens
7112337c85
fix copy
2024-02-13 13:52:14 -05:00
Josh Brower
0c6c6ba2d5
Various UI tweaks
2024-02-13 13:38:43 -05:00
m0duspwnens
d6ac7a3286
fix the jinja
2024-02-13 13:31:34 -05:00
m0duspwnens
9175a73456
don't need $ for vars
2024-02-13 13:08:09 -05:00
Doug Burks
14209ad99d
Merge pull request #12355 from Security-Onion-Solutions/dougburks-patch-1
Add table columns to process dashboard in defaults.yaml
2024-02-13 12:59:34 -05:00
m0duspwnens
1bde002f20
update case
2024-02-13 12:51:53 -05:00
Doug Burks
0741ae370a
Update defaults.yaml
2024-02-13 12:51:26 -05:00
m0duspwnens
d7f853b5b2
comment out script copy in soup
2024-02-13 12:50:22 -05:00
m0duspwnens
5c9b1ab38b
copy with cp
2024-02-13 12:48:31 -05:00
m0duspwnens
b713771494
add back common soup_scripts state
2024-02-13 12:30:36 -05:00