CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,808 Commits 24 Branches 119 Tags
d0c267ca90d0df3af7d913764648cd3dba659dd7
Commit Graph

247 Commits

Author SHA1 Message Date
Wes Lambert
02d2e5e2c6 Fix isue with null Zeek server IP 2020-09-30 17:53:30 +00:00
Wes Lambert
36019727b3 Ensure IPs are typed as IP and ports as integer 2020-09-29 18:20:15 +00:00
Wes Lambert
869767d9d9 Add initial parsing for Wazuh WEL/Sysmon 2020-09-28 19:04:21 +00:00
m0duspwnens
dd56d7d2d1 change how we determine the ip. run script on search and import nodes as well 2020-09-16 09:48:38 -04:00
weslambert
fbf037f460 Ensure templates are loaded for heavy nodes 2020-09-15 17:14:06 -04:00
Josh Patterson
ca26548b2c Merge pull request #1310 from Security-Onion-Solutions/issue/1281 
Issue/1281
 2020-09-10 10:08:25 -04:00
Doug Burks
24c325e9a1 Fix Elasticsearch parsing for Zeek Intel Indicator #1309 2020-09-10 06:41:19 -04:00
Josh Brower
c3b2d98ffb Add event.category to WEL 2020-09-10 06:15:30 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens
a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
Josh Brower
a79d0319cd Initial support for evtx import 2020-09-01 13:47:27 -04:00
Josh Brower
b7dd14b8f0 Set event.code to string for WEL 2020-08-28 13:40:04 -04:00
Josh Brower
1cf7301db4 Adds new .security analyzed subfield 2020-08-26 05:11:42 -04:00
Josh Brower
d4f7a07f85 Osquery Parsing fix 2020-08-18 15:54:11 -04:00
Mike Reeves
a3d8b7d0d3 Add watch statements 2020-08-14 09:40:38 -04:00
m0duspwnens
3387114389 Merge remote-tracking branch 'remotes/origin/dev' into issue/1049 2020-08-13 08:21:43 -04:00
Mike Reeves
5a53194313 Update sotls.yml 2020-08-12 21:12:48 -04:00
Mike Reeves
59ddac57bf Rename sotls.yaml to sotls.yml 2020-08-12 17:48:37 -04:00
m0duspwnens
a746d597bb rename to .yml 2020-08-12 17:42:45 -04:00
m0duspwnens
dbe14fcbdb Merge remote-tracking branch 'remotes/origin/dev' into issue/1049 2020-08-12 16:46:03 -04:00
Mike Reeves
9980d02844 Elastic Transport TLSgit add . 2020-08-12 15:38:19 -04:00
Mike Reeves
69e7285e30 Fix a bug where minio passwrods cause issues 2020-08-12 12:44:55 -04:00
Mike Reeves
32083132e5 Back out some ES settings 2020-08-12 11:10:36 -04:00
m0duspwnens
5a0df27193 rename importpcap node to import 2020-08-12 10:27:15 -04:00
Mike Reeves
0f7074a499 SSL intraca 2020-08-11 15:49:04 -04:00
Mike Reeves
65d535d893 SSL intraca 2020-08-11 15:45:17 -04:00
Mike Reeves
f862133323 SSL intraca 2020-08-11 15:37:55 -04:00
Mike Reeves
e8b61a3828 SSL intraca 2020-08-11 15:14:29 -04:00
Mike Reeves
5f30c947c9 SSL intraca 2020-08-11 15:12:23 -04:00
Mike Reeves
42c9653669 anon user hack 2020-08-11 14:45:55 -04:00
Mike Reeves
f553a8e27a anon user hack 2020-08-11 14:40:34 -04:00
Mike Reeves
348f7f39cc strip node suffix 2020-08-11 11:37:53 -04:00
Mike Reeves
7e0249c377 ES cleanup 2020-08-11 10:28:21 -04:00
Mike Reeves
b84d7d818f Fix for loop 2020-08-11 10:20:02 -04:00
Mike Reeves
d941209479 Walk nodes tab 2020-08-11 10:17:28 -04:00
Mike Reeves
59292425c0 Add transport hostname 2020-08-10 23:03:54 -04:00
Mike Reeves
ac3f490299 Add transport hostname 2020-08-10 23:02:03 -04:00
Mike Reeves
730e389aae Add transport hostname 2020-08-10 22:57:49 -04:00
Mike Reeves
52cc56bebb Add transport hostname 2020-08-10 22:56:15 -04:00
Mike Reeves
c3d8c599cc Turn off user auth 2020-08-10 22:13:17 -04:00
Mike Reeves
6007a6c4d8 Things like this are why I hate Java 2020-08-10 22:10:03 -04:00
Mike Reeves
d00231af06 Things like this are why I hate Java 2020-08-10 22:05:46 -04:00
Mike Reeves
31ab1e8ed8 Things like this are why I hate Java 2020-08-10 22:03:24 -04:00
Mike Reeves
6d2be9af7e Things like this are why I hate Java 2020-08-10 21:58:44 -04:00
Mike Reeves
cdda46ce58 ca typeo 2020-08-10 21:54:36 -04:00
Mike Reeves
811da5732a Elastic logic fix 2020-08-10 21:51:29 -04:00
Mike Reeves
cf5c29d01c Change certs path on elstic 2020-08-10 21:30:53 -04:00
Mike Reeves
e28619604c Change certs path on elstic 2020-08-10 21:26:00 -04:00
Mike Reeves
e7cd527d49 Enable SSL in elastic 2020-08-10 21:18:03 -04:00
Mike Reeves
92cc176b6d Fix features logic in all states that use it 2020-08-10 20:59:41 -04:00