CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-21 08:23:08 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,037 Commits 18 Branches 120 Tags
d35ffef503b0933f56c65b47c25349b32caed24f
Commit Graph

805 Commits

Author SHA1 Message Date
Doug Burks
5be56703e9 Merge pull request #12698 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697
 2024-03-29 14:46:39 -04:00
Doug Burks
0c7ba62867 FEATURE: Add Events table columns for zeek ssl and suricata ssl #12697 2024-03-29 14:44:29 -04:00
Corey Ogburn
e747a4e3fe New Settings for Manual Sync in Detections 2024-03-29 12:25:03 -06:00
Doug Burks
102c3271d1 FEATURE: Add process.command_line to Process Info and Process Ancestry dashboards #12694 2024-03-29 12:04:47 -04:00
Doug Burks
e2caf4668e FEATURE: Add Events table columns for event.module elastic_agent #12666 2024-03-26 16:08:41 -04:00
Josh Brower
63a58efba4 Merge pull request #12656 from Security-Onion-Solutions/2.4/detections-fixes 
Add bindings for sigma repos
 2024-03-26 09:33:38 -04:00
DefensiveDepth
bbcd3116f7 Fixes 2024-03-26 09:31:46 -04:00
Josh Brower
9c12aa261e Merge pull request #12660 from Security-Onion-Solutions/kilo 
Initial cut to remove Playbook and deps
 2024-03-26 08:31:11 -04:00
DefensiveDepth
cc0f4847ba Casing and validation 2024-03-26 08:10:57 -04:00
DefensiveDepth
7c4ea8a58e Add Detections SOC Config 2024-03-26 07:39:39 -04:00
Doug Burks
20bd9a9701 FEATURE: Include additional groupby fields in Dashboards relating to sankey diagrams #12657 2024-03-26 07:39:24 -04:00
DefensiveDepth
94ee761207 Remove Playbook ref 2024-03-25 21:11:47 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
DefensiveDepth
49fa800b2b Add bindings for sigma repos 2024-03-25 14:45:50 -04:00
Josh Brower
b8d33ab983 Merge pull request #12639 from Security-Onion-Solutions/2.4/enable-detections 
Enable Detections
 2024-03-25 09:30:01 -04:00
Corey Ogburn
237946e916 Specify Folder in Rule Repo 2024-03-22 13:52:20 -06:00
Corey Ogburn
3d04d37030 Update ElastAlert Config with Default Repos 2024-03-22 13:52:20 -06:00
Doug Burks
a78a304d4f FEATURE: Add event.dataset to all Events column layouts #12641 2024-03-22 13:19:31 -04:00
DefensiveDepth
5ca9ec4b17 Enable Detections 2024-03-22 10:12:26 -04:00
Doug Burks
2b019ec8fe Merge pull request #12634 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events column layout for event.module system #12628
 2024-03-22 05:52:23 -04:00
DefensiveDepth
4a33234c34 Default update to 24 hours 2024-03-21 07:26:19 -04:00
Doug Burks
778997bed4 FEATURE: Add Events column layout for event.module system #12628 2024-03-20 17:07:37 -04:00
DefensiveDepth
d84af803a6 Enable Autoupdates 2024-03-20 08:48:31 -04:00
DefensiveDepth
020eb47026 Change Detections defaults 2024-03-19 13:53:37 -04:00
Jason Ertel
844cfe55cd handle airgap when detections not enabled 2024-03-13 20:52:17 -04:00
Jason Ertel
927fe9039d handle airgap when detections not enabled 2024-03-13 20:50:03 -04:00
m0duspwnens
1a829190ac remove modules if detections disabled 2024-03-13 09:46:44 -04:00
DefensiveDepth
61a183b7fc Add regex defaults 2024-03-11 15:55:39 -04:00
Corey Ogburn
6f05c3976b Updated RulesRepo for New Strelka Structure 2024-03-08 11:29:46 -07:00
Jason Ertel
8f36a8a4b6 Merge pull request #12514 from Security-Onion-Solutions/jertel/annotations 
detections annotations
 2024-03-06 11:10:21 -05:00
Jason Ertel
1cbac11fae detections annotations 2024-03-06 11:08:03 -05:00
Jason Ertel
167aff24f6 detections annotations 2024-03-06 11:03:52 -05:00
Josh Brower
9e671621db Merge pull request #12510 from Security-Onion-Solutions/2.4/excludedetections 
Add Exclusion toggle
 2024-03-06 10:56:29 -05:00
Jason Ertel
0f12297f50 add new pcap annotations 2024-03-06 08:19:42 -05:00
Jason Ertel
12653eec8c add new pcap annotations 2024-03-06 08:14:33 -05:00
Josh Brower
1b47537a3f Add Exclusion toggle 2024-03-06 07:16:50 -05:00
Josh Brower
f3dce66f03 Merge pull request #12482 from Security-Onion-Solutions/2.4/sigma-pipeline 
2.4/sigma pipeline
 2024-03-01 15:29:13 -05:00
Josh Brower
d832158cc5 Drop Hashes field 2024-03-01 15:26:02 -05:00
Josh Brower
b017157d21 Add antivirus mapping 2024-03-01 14:04:56 -05:00
Josh Brower
59af547838 Fix download location 2024-02-27 09:49:54 -05:00
Josh Brower
c6baa4be1b Airgap Support - Detections module 2024-02-26 16:19:32 -05:00
Doug Burks
52580fb8c4 Merge pull request #12434 from Security-Onion-Solutions/feature/improve-endpoint-columns 
Add multiple endpoint features
 2024-02-26 12:05:30 -05:00
Doug Burks
f8424f3dad Update defaults.yaml 2024-02-26 11:22:09 -05:00
Doug Burks
c8a95a8706 FEATURE: Add new endpoint dashboards #12428 2024-02-26 09:59:07 -05:00
Doug Burks
4df21148fc FEATURE: Add default columns for endpoint.events datasets #12425 2024-02-26 09:40:51 -05:00
Doug Burks
ca249312ba FEATURE: Add new SOC action for Process Info #12421 2024-02-26 09:38:14 -05:00
Josh Brower
66b815d4b2 Merge pull request #12431 from Security-Onion-Solutions/feature/brower-detections 
Add Detection AutoUpdate config
 2024-02-26 08:43:33 -05:00
Josh Brower
a6bb7216f9 Add Detection AutoUpdate config 2024-02-26 08:18:42 -05:00
Doug Burks
d6cb8ab928 update events_x_process in defaults.yaml 2024-02-23 17:09:40 -05:00
Doug Burks
daf96d7934 fix new eventFields in merged.map.jinja 2024-02-23 17:07:48 -05:00