CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 18:22:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,037 Commits 24 Branches 119 Tags
d35ffef503b0933f56c65b47c25349b32caed24f
Commit Graph

1847 Commits

Author SHA1 Message Date
Jason Ertel
811bbb4cb0 Require sudo to run an import 2020-07-10 13:58:52 -04:00
Wes Lambert
6e99ca600f Move zeek_clean to so-sensor-clean 2020-07-10 17:56:40 +00:00
m0duspwnens
0a1b5f29eb merge with dev and resolv conflicts 2020-07-10 10:48:49 -04:00
m0duspwnens
1f48dc765e merge with dev and resolv conflicts 2020-07-10 10:36:48 -04:00
Jason Ertel
33179141a1 Enable PCAP pivots from imports 2020-07-09 16:11:38 -04:00
m0duspwnens
5ca3ecf4bd fix reference to master grain 2020-07-09 15:42:39 -04:00
William Wernert
c5eff1d89e [feat][WIP] Add option to run so-allow -a <ip/cidr> during setup 2020-07-09 14:47:55 -04:00
m0duspwnens
823ee42120 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 13:45:24 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Josh Brower
b4b122dbd9 Fleet setup bugfix 2020-07-07 20:55:47 -04:00
Mike Reeves
c59096d9bd rename node pillar to elasticsearch 2020-07-07 10:42:12 -04:00
Mike Reeves
f05e366d49 Fix salt upgrade script 2020-07-06 15:56:55 -04:00
bryant-treacle
0b10b775c5 Additional so-container scripts 2020-07-02 07:02:35 +00:00
Jason Ertel
cf6a229f51 Import now requires execution on a sensor node due to the need for zeek and suricata; Automatically stop curator if curator is installed 2020-07-02 12:07:30 -04:00
William Wernert
c7a3cc9c17 [fix][revert] Change source in so-allow to correct path 2020-07-02 08:58:14 -04:00
Jason Ertel
4cedacf8fd Improve curator verbiage in so-import-pcap 2020-07-02 06:01:17 -04:00
Jason Ertel
ac01b8de4b Stop curator when directed on PCAP imports 2020-07-01 22:04:07 -04:00
Jason Ertel
e3126064e8 Improve usage instructions for so-import-pcap 2020-07-01 17:58:02 -04:00
Jason Ertel
96e93b012d Adjust imports for filebeat configuration to ensure import data is placed into ES 2020-07-01 17:18:01 -04:00
Jason Ertel
d6feafb12a Correct indentation in filebeat.yaml 2020-07-01 15:39:23 -04:00
Jason Ertel
930f15eea5 Introduce so-import-pcap tool - WIP 2020-06-30 14:56:08 -04:00
Josh Brower
1c0443458c so-allow spacing fix 2020-06-30 08:13:00 -04:00
William Wernert
8e15f858dd Merge branch 'dev' of github.com:Security-Onion-Solutions/securityonion-saltstack into dev 
# Conflicts:
#	salt/common/tools/sbin/so-allow
 2020-06-29 15:14:12 -04:00
Wes Lambert
ed60d48c81 Add ES REST API option for so-allow 2020-06-29 18:49:16 +00:00
William Wernert
8cbccb656d [fix] Apply shellcheck fixes 2020-06-29 11:32:25 -04:00
Wes Lambert
9ac85cf674 Add Stelka mgmt scripts 2020-06-29 13:09:14 +00:00
weslambert
6f6e8a8853 Merge pull request #897 from Security-Onion-Solutions/fix/strelka_rules 
Fix/strelka rules
 2020-06-26 16:43:21 -04:00
William Wernert
22eb81128a Merge pull request #891 from Security-Onion-Solutions/feature/navigator-to-nginx 
Feature/navigator to nginx
 2020-06-26 15:48:46 -04:00
weslambert
813c243d3d Update so-yara-update 2020-06-26 13:26:08 -04:00
William Wernert
cf7e5f1b6f [fix] Change permissions on so-yara-update + fix indents 2020-06-26 09:59:44 -04:00
Mike Reeves
65687fd28e Update saltstack update to point to correct github 2020-06-25 13:02:17 -04:00
Wes Lambert
a24402de99 More Strelka rule config 2020-06-25 16:31:04 +00:00
bryant-treacle
443332d584 Update so-elastic-clear 2020-06-24 15:03:25 -04:00
bryant-treacle
08220e3330 Issue #885: so-elastic-clear not removing so-* indices 2020-06-24 18:40:11 +00:00
bryant-treacle
0849014b24 Issue #885: so-elastic-clear not removing so-* indices 2020-06-24 17:21:58 +00:00
William Wernert
bd36749959 [feat] Remove navigator container references 2020-06-24 12:38:32 -04:00
Wes Lambert
f7eacc2b05 Add FW config for Strelka frontend 2020-06-23 18:47:23 +00:00
Mike Reeves
6dbe83a77f Update so-docker-refresh 2020-06-18 12:38:07 -04:00
Wes Lambert
6d25151ab8 Basic index read-only attr removal script 2020-06-17 18:59:13 +00:00
Josh Brower
a9df5d75b0 Beta3 Kibana dashboard updates 2020-06-16 10:16:31 -04:00
Josh Patterson
1f305352a0 Merge pull request #844 from Security-Onion-Solutions/quickfix/addfwrules 
Quickfix/addfwrules
 2020-06-12 15:04:04 -04:00
Jason Ertel
b3d2ce0e18 support applying the firewall state directly from so-firewall 2020-06-12 13:52:24 -04:00
m0duspwnens
1f0509cfd6 update so-allow for wazuh and syslog 2020-06-12 11:35:18 -04:00
Mike Reeves
032c8ca4e9 Fix Conflicts 2020-06-11 13:14:11 -04:00
Mike Reeves
a37faff850 New so-allow 2020-06-11 13:03:21 -04:00
Jason Ertel
23be399a68 Ensure host doesn't exist in both include and exclude lists; add support for port management; add support for removing host from exclude list 2020-06-10 15:19:36 -04:00
Jason Ertel
c072905717 Initial firewall management script 2020-06-10 01:18:39 -04:00
Josh Brower
3f3990ac83 Merge remote-tracking branch 'remotes/origin/dev' into feature/fleet-setup 2020-06-08 08:30:37 -04:00
Josh Brower
eaacb7b71e Fleet cleanup 2020-06-03 05:54:35 -04:00
Mike Reeves
307cbe4b77 Couple of QOL scripts 2020-06-01 20:48:25 -04:00