Commit Graph

10773 Commits

Author      SHA1        Date                        Message
doug        d3a8bdff52  2022-12-13 11:20:00 -05:00  setup improvements
Doug Burks  f94eb243e4  2022-12-13 10:14:41 -05:00  Merge pull request #9367 from Security-Onion-Solutions/dougburks-patch-1
                                                    Upgrade to Elastic 8.5.3
Doug Burks  3dd4e31f49  2022-12-13 10:07:52 -05:00  Upgrade to Elastic 8.5.3 in config_saved_objects.ndjson
Doug Burks  2004184b72  2022-12-13 10:06:23 -05:00  Upgrade to Elastic 8.5.3 in so-kibana-config-load
Doug Burks  ed8bf884eb  2022-12-12 09:18:14 -05:00  Merge pull request #9355 from Security-Onion-Solutions/fix/2.4-ics
                                                    Fix ICS and other issues in 2.4
Doug Burks  e1d200e6ce  2022-12-11 14:39:08 -05:00  Remove duplicate TDS dashboard from defaults.yaml
Doug Burks  72f71ba695  2022-12-11 14:36:27 -05:00  Fix TDS dashboard in defaults.yaml
Doug Burks  be75062612  2022-12-10 15:17:02 -05:00  Update so-import-pcap
Doug Burks  da8e098655  2022-12-10 15:16:32 -05:00  update so-import-evtx
Doug Burks  cb16bd36fb  2022-12-10 14:31:59 -05:00  fix descriptions in defaults.yaml
Doug Burks  cf7d8076e9  2022-12-10 14:21:58 -05:00  remove old Wazuh Hunt queries in defaults.yaml
Doug Burks  cd664b2d39  2022-12-10 14:16:39 -05:00  remove old Modbus dashboard from defaults.yaml
Doug Burks  7f07a94a98  2022-12-10 14:14:24 -05:00  remove old DNP3 and Wazuh dashboards from defaults.yaml
Doug Burks  8a0f94f8df  2022-12-10 11:24:11 -05:00  increase window width to accommodate extra text in so-whiptail
Doug Burks  66ad10cf77  2022-12-10 10:41:30 -05:00  fix airgap text in so-whiptail
Doug Burks  de2427cabe  2022-12-10 08:20:38 -05:00  add -p option to mkdir in so-elastic-fleet-setup
Doug Burks  187ca4c453  2022-12-10 07:33:09 -05:00  Update soc defaults.yaml to include dnp3_control and dnp3_objects eventfields
Doug Burks  c4ea39d1ba  2022-12-09 15:09:49 -05:00  Merge pull request #9349 from Security-Onion-Solutions/fix/2.4-ics
                                                    2.4: Fix multiple ICS issues and keep import indices open as in 2.3
doug        c2e10a4359  2022-12-09 11:00:06 -05:00  remove duplicate import iteration from so-functions
doug        90093395b6  2022-12-09 10:23:09 -05:00  keep so-import indices open as in 2.3
doug        565ca4e94f  2022-12-09 08:49:25 -05:00  keep so-import indices open as in 2.3
weslambert  69c7bb11c6  2022-12-08 17:08:19 -05:00  Merge pull request #9343 from Security-Onion-Solutions/fix/analyzers_localfile_file_path
                                                    FIX: Ensure file path is ascertainable by localfile.py for localfile analyzer
weslambert  9477f29432  2022-12-08 17:06:43 -05:00  Remove double quotes to fix issue with file path sourcing from 'localfile.py'
doug        5c00ab7b7f  2022-12-08 16:50:34 -05:00  correct order in defaults.yaml
doug        07a4919cd3  2022-12-08 16:43:11 -05:00  remove old opcua files
doug        7cfb688890  2022-12-08 16:32:04 -05:00  update defaults.yaml
Doug Burks  cf53242cf8  2022-12-08 10:43:22 -05:00  Merge pull request #9334 from Security-Onion-Solutions/dougburks-patch-1
                                                    update wording in so-whiptail
Doug Burks  c01486b009  2022-12-08 10:32:03 -05:00  update wording in so-whiptail
Mike Reeves 8af9dddd2e  2022-12-07 14:10:23 -05:00  Merge pull request #9326 from Security-Onion-Solutions/config
                                                    Switch back to older style redirect due to incompatibility with Ubuntu 18
Jason Ertel 0bbc68edae  2022-12-07 14:08:11 -05:00  Switch back to older style redirect due to incompatibility with Ub 18
Jason Ertel ef3def156d  2022-12-07 14:03:31 -05:00  Switch back to older style redirect due to incompatibility with Ubuntu 18
Mike Reeves 71e0d7c499  2022-12-07 12:13:27 -05:00  Merge pull request #9325 from Security-Onion-Solutions/config
                                                    Switch back to grep instead of pgrep
Jason Ertel 9f72cfa1fc  2022-12-07 12:08:31 -05:00  roll back to grep instead of pgrep due to cron issue
Jason Ertel fde33de030  2022-12-07 11:51:49 -05:00  Use original style due to pgrep conflict with cron
Jason Ertel d1f554723a  2022-12-07 08:41:04 -05:00  Merge pull request #9317 from Security-Onion-Solutions/config
                                                    Reduce cron noise; ensure filecheck is restarted if modified
Jason Ertel e849783a86  2022-12-07 08:36:56 -05:00  Reduce cron noise; ensure filecheck is restarted if modified
weslambert  2240283457  2022-12-07 08:08:42 -05:00  Merge pull request #9316 from Security-Onion-Solutions/fix/ics_scada_filebeat_disable_ecat_arp_info
                                                    Disable Filebeat input for 'ecat_arp_info' Zeek logs
weslambert  def0c85349  2022-12-07 08:00:21 -05:00  Disable Filebeat input for 'ecat_arp_info' Zeek logs
weslambert  31832ae150  2022-12-06 14:01:14 -05:00  Merge pull request #9309 from Security-Onion-Solutions/fix/ignore_additional_strelka_rules_causing_compilation_errors
                                                    Ignore additional rules causing YARA compilation errors
weslambert  7ce0924382  2022-12-06 13:59:21 -05:00  Ignore additional rules causing compilation errors
weslambert  73304e049c  2022-12-06 13:14:47 -05:00  Merge pull request #9304 from Security-Onion-Solutions/feature/ics_scada_additions
                                                    Port STUN, TDS, WireGuard, and ICS/SCADA Changes from 2.3 to 2.4
weslambert  a626acced0  2022-12-06 13:11:55 -05:00  Add new ICS/SCADA event fields to the dashboards section of the configuration and remove extra space in key names.
Jason Ertel 6443e702a5  2022-12-06 12:53:19 -05:00  Merge pull request #9305 from Security-Onion-Solutions/config
                                                    Filecheck support for Suricata
Jason Ertel 88410bc8f8  2022-12-06 12:38:43 -05:00  Merge branch '2.4/dev' into config
Jason Ertel 168cd00e1b  2022-12-06 12:34:02 -05:00  Handle suricata extracted with filecheck
Wes         1b5c1fecd4  2022-12-06 17:28:30 +00:00  Revert SOC default 'alerts' event fields and specify additional event fields for ICS/SCADA events
Wes         b048eec3c0  2022-12-06 17:17:49 +00:00  Add STUN, TDS, WireGuard, and ICS/SCADA dashboard queries
Wes         f44eee134a  2022-12-06 16:52:20 +00:00  Add default queries and ICS/SCADA queries
Wes         c741fe6b4d  2022-12-06 16:23:26 +00:00  Ensure ICS/SCADA plugins/scripts are enabled
Wes         be5775e4a0  2022-12-06 16:15:09 +00:00  Ensure Filebeat defaults file is updated with ICS/SCADA log references