CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-21 16:33:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,037 Commits 18 Branches 120 Tags
d35ffef503b0933f56c65b47c25349b32caed24f
Commit Graph

805 Commits

Author SHA1 Message Date
Corey Ogburn
cbb4d6846f Detection Engine Status Queries 
A few for testing
 2024-10-24 11:18:45 -06:00
Jason Ertel
cacd5b0643 connect 2024-10-24 09:36:09 -04:00
Jason Ertel
7c405ff9d7 connect 2024-10-24 08:47:52 -04:00
Jason Ertel
5e6dd2e8b3 connect 2024-10-23 16:49:02 -04:00
Jason Ertel
f713dbacf8 connect 2024-10-16 17:53:57 -04:00
defensivedepth
dcdfaf66f4 Add process and file creation mappings 2024-10-16 15:20:52 -04:00
Jason Ertel
647f057714 Merge branch '2.4/dev' into jertel/wip 2024-10-16 13:44:20 -04:00
Jason Ertel
523ff66389 connect work 2024-10-16 13:44:01 -04:00
Corey Ogburn
d2bd9c0e26 Changes to allow reviews to start showing 2024-10-10 09:48:59 -06:00
defensivedepth
778d5be407 Change summaries branch 2024-09-25 15:35:08 -04:00
Jason Ertel
cce9e162d4 remove colon to avoid yaml parsing problems 2024-09-16 15:30:14 -04:00
Jason Ertel
217bb388a0 Clarify enabled settings 2024-09-16 10:05:17 -04:00
Jason Ertel
8b8737221d mark specific settings as allowed to include Jinja 2024-09-11 09:28:17 -04:00
Jason Ertel
f19a35ff06 move custom alerters to subgroup; avoid false positives on log check 2024-08-28 09:32:25 -04:00
Jason Ertel
6043da4424 annotation updates 2024-08-27 13:04:43 -04:00
Jason Ertel
48f1e24bf5 notification updates 2024-08-22 09:04:43 -04:00
Jason Ertel
cf47508185 notification updates 2024-08-22 09:02:32 -04:00
Jason Ertel
caa8d9ecb0 fix repo path 2024-08-09 06:58:40 -04:00
Corey Ogburn
c71b9f6e8f Fix CopyPasta 
Strelka annotations referenced ElastAlert. Fixed.
 2024-08-08 13:31:08 -06:00
Corey Ogburn
8c1feccbe0 Tweak value 2024-08-08 12:53:51 -06:00
Corey Ogburn
5ee15c8b41 Tweak value 2024-08-08 12:00:07 -06:00
Corey Ogburn
5328f55322 Remove new config value 2024-08-08 11:43:15 -06:00
Corey Ogburn
712f904c43 Config for Repo Folder 
The folder we checkout the AI Summary repo into should definitely exist.
 2024-08-08 10:57:07 -06:00
Corey Ogburn
ccd7d86302 More AI Summaries Config/Annotations 
Added aiRepoBranch to all 3 detection engines.

Added showUnreviewedAiSummaries to client parameters.

Added annotations.
 2024-08-08 10:46:41 -06:00
Corey Ogburn
fc89604982 New Config Values/Annotations for Ai Summaries 
Each engine pulls the same repo into the same location and shows the summaries.

Which repo and where to keep them is advanced, but turning AI summaries on or off is not.
 2024-08-06 13:55:54 -06:00
Jason Ertel
3130b56d58 Provide new setting to require OTP 2024-07-30 10:39:57 -04:00
Corey Ogburn
45b2413175 Removed Allow/Deny Regexes, Added Enable/Disable Regex 
Update config and annotations for new regex support for suricata.
 2024-07-19 12:45:24 -06:00
Corey Ogburn
022df966c7 Remove Allow/Deny Regex, Add Suricata Enable/Disable Regex 2024-07-19 12:28:04 -06:00
Corey Ogburn
d0565baaa3 New Config Values for Detections Bulk Indexer 
`maxScrollSize` defines the "page size" of each scroll request.

`bulkIndexerWorkerCount` defines how many worker threads a bulk indexer should use. 0 or fewer indicates that 1 thread per CPU core should be used.
 2024-07-15 14:43:47 -06:00
Doug Burks
3991c7b5fe FEATURE: Add new action to SOC Actions list to allow users to more easily add their own actions #13346 2024-07-15 15:52:00 -04:00
Doug Burks
dfd8ac3626 FIX: Update SOC MOTD #13320 2024-07-09 12:55:58 -04:00
m0duspwnens
50f0c43212 merge dev 2024-06-26 12:33:32 -04:00
weslambert
bf91030204 Add option for detections without license 2024-06-21 15:33:11 -04:00
m0duspwnens
469ca44016 fix maps 2024-06-20 16:53:12 -04:00
m0duspwnens
81fcd68e9b create and use redis:nodes and elasticsearch:nodes pillars 2024-06-20 16:42:11 -04:00
Doug Burks
07b9011636 Update defaults.yaml to put Process actions in logical order 2024-06-20 10:09:27 -04:00
Matthew Wright
bc2b3b7f8f Merge pull request #13236 from Security-Onion-Solutions/mwright/licenseDropdown 
Added license presets to defaults.yaml file
 2024-06-18 18:05:15 -04:00
unknown
ea02a2b868 Added license presets to defaults.yaml file 2024-06-18 16:52:00 -04:00
Doug Burks
de18bf06c3 FEATURE: Add new Process actions #13226 2024-06-18 10:36:41 -04:00
DefensiveDepth
521cccaed6 Update defaults 2024-06-18 08:43:00 -04:00
Doug Burks
93ced0959c FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:25:01 -04:00
Doug Burks
6f13fa50bf FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:24:32 -04:00
Doug Burks
3bface12e0 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:23:14 -04:00
Doug Burks
b584c8e353 FEATURE: Add more links and descriptions to SOC MOTD #13216 2024-06-17 09:13:17 -04:00
DefensiveDepth
7af94c172f Change spelling 2024-06-14 16:00:22 -04:00
DefensiveDepth
7556587e35 Update rule templates 2024-06-14 15:47:57 -04:00
DefensiveDepth
c89f1c9d95 remove multiline 2024-06-14 13:48:55 -04:00
DefensiveDepth
b7ac599a42 set to empty 2024-06-14 13:21:36 -04:00
DefensiveDepth
68302e14b9 add to defaults and tweaks 2024-06-14 09:28:23 -04:00
DefensiveDepth
c1abc7a7f1 Update description 2024-06-14 08:51:34 -04:00