Commit Graph

82 Commits

Author SHA1 Message Date
Jason Ertel 48f1e24bf5 notification updates 2024-08-22 09:04:43 -04:00
Jason Ertel cf47508185 notification updates 2024-08-22 09:02:32 -04:00
Corey Ogburn c71b9f6e8f Fix CopyPasta 2024-08-08 13:31:08 -06:00
    Strelka annotations referenced ElastAlert. Fixed.
Corey Ogburn 5328f55322 Remove new config value 2024-08-08 11:43:15 -06:00
Corey Ogburn ccd7d86302 More AI Summaries Config/Annotations 2024-08-08 10:46:41 -06:00
    Added aiRepoBranch to all 3 detection engines.
    Added showUnreviewedAiSummaries to client parameters.
    Added annotations.
Corey Ogburn fc89604982 New Config Values/Annotations for AI Summaries 2024-08-06 13:55:54 -06:00
    Each engine pulls the same repo into the same location and shows the summaries.
    Which repo and where to keep them is advanced, but turning AI summaries on or off is not.
Jason Ertel 3130b56d58 Provide new setting to require OTP 2024-07-30 10:39:57 -04:00
Corey Ogburn 45b2413175 Removed Allow/Deny Regexes, Added Enable/Disable Regex 2024-07-19 12:45:24 -06:00
    Update config and annotations for new regex support for suricata.
Corey Ogburn 022df966c7 Remove Allow/Deny Regex, Add Suricata Enable/Disable Regex 2024-07-19 12:28:04 -06:00
Corey Ogburn d0565baaa3 New Config Values for Detections Bulk Indexer 2024-07-15 14:43:47 -06:00
    `maxScrollSize` defines the "page size" of each scroll request.
    `bulkIndexerWorkerCount` defines how many worker threads a bulk indexer should use. 0 or fewer indicates that 1 thread per CPU core should be used.
DefensiveDepth c89f1c9d95 remove multiline 2024-06-14 13:48:55 -04:00
DefensiveDepth 68302e14b9 add to defaults and tweaks 2024-06-14 09:28:23 -04:00
DefensiveDepth c1abc7a7f1 Update description 2024-06-14 08:51:34 -04:00
DefensiveDepth 484717d57d initial support for custom suricata urls and local rulesets 2024-06-14 08:42:10 -04:00
Corey Ogburn 85c269e697 Added TemplateDetections To Detection ClientParams 2024-05-30 15:59:03 -06:00
    The UI can now insert templates when you select a Detection language. These are those templates, annotated.
DefensiveDepth f90d40b471 Fix typo 2024-05-24 12:56:17 -04:00
DefensiveDepth 4344988abe Add instructions for sigma and yara repos 2024-05-24 12:54:36 -04:00
DefensiveDepth a072e34cfe Fix casing issue 2024-05-22 17:12:41 -04:00
Jason Ertel 31fdf15ce1 Merge branch '2.4/dev' into jertel/eaconfig 2024-05-20 18:59:35 -04:00
Jason Ertel 6b2219b7f2 elastalert settings 2024-05-20 18:52:37 -04:00
Corey Ogburn 6e97c39f58 Marked as Advanced 2024-05-20 14:52:05 -06:00
Corey Ogburn 026023fd0a Annotate integrityCheckFrequencySeconds per det engine 2024-05-20 14:35:11 -06:00
Jason Ertel 1c4d36760a add support for custom alerters 2024-05-17 14:49:39 -04:00
DefensiveDepth c4c38f58cb Update descriptions 2024-05-13 13:13:57 -04:00
Jason Ertel b4817fa062 Merge pull request #12956 from Security-Onion-Solutions/jertel/testcy 2024-05-07 08:45:38 -07:00
    test regexes for detections
Jason Ertel 4ebe070cd8 test regexes for detections 2024-05-06 19:03:12 -04:00
m0duspwnens 554a203541 update airgapEnabled in map file 2024-05-06 12:59:45 -04:00
m0duspwnens 38f74d2e9e change quotes 2024-05-06 11:38:30 -04:00
m0duspwnens 5b966b83a9 change rulesRepos for airgap or not 2024-05-06 09:26:52 -04:00
DefensiveDepth 26c6a98b45 Initial airgap support for detections 2024-05-06 08:43:01 -04:00
m0duspwnens 47ba4c0f57 add new annotation for soc autoEnabledSigmaRules 2024-05-01 12:55:29 -04:00
DefensiveDepth dbfb178556 Add test 2024-04-16 12:22:53 -04:00
DefensiveDepth f5e42e73af Add docs for ruleset change 2024-04-12 13:30:20 -04:00
DefensiveDepth 1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
Josh Brower f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults 2024-04-04 11:33:59 -04:00
    2.4/detections defaults
DefensiveDepth 49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Jason Ertel a7fab380b4 clarify telemetry annotation 2024-04-04 07:51:23 -04:00
Jason Ertel a9517e1291 clarify telemetry annotation 2024-04-04 07:49:30 -04:00
Jason Ertel 3aea2dec85 analytics 2024-04-01 09:50:18 -04:00
DefensiveDepth bbcd3116f7 Fixes 2024-03-26 09:31:46 -04:00
DefensiveDepth cc0f4847ba Casing and validation 2024-03-26 08:10:57 -04:00
DefensiveDepth 7c4ea8a58e Add Detections SOC Config 2024-03-26 07:39:39 -04:00
Jason Ertel 1cbac11fae detections annotations 2024-03-06 11:08:03 -05:00
Jason Ertel 167aff24f6 detections annotations 2024-03-06 11:03:52 -05:00
Jason Ertel 0f12297f50 add new pcap annotations 2024-03-06 08:19:42 -05:00
Jason Ertel 12653eec8c add new pcap annotations 2024-03-06 08:14:33 -05:00
Josh Brower 59af547838 Fix download location 2024-02-27 09:49:54 -05:00
Doug Burks 52580fb8c4 Merge pull request #12434 from Security-Onion-Solutions/feature/improve-endpoint-columns 2024-02-26 12:05:30 -05:00
    Add multiple endpoint features
Josh Brower a6bb7216f9 Add Detection AutoUpdate config 2024-02-26 08:18:42 -05:00
Doug Burks 58f4fb87d0 fix new eventFields in soc_soc.yaml 2024-02-23 17:06:29 -05:00