Commit Graph

712 Commits

Author SHA1 Message Date
doug
07a4919cd3 remove old opcua files 2022-12-08 16:43:11 -05:00
Wes
14af1d36cb Ensure ICS/SCADA pipelines are present 2022-12-06 15:58:47 +00:00
Wes
7f324bc47e Remove extra space used during testing 2022-11-22 20:52:08 +00:00
Wes
a6bc5b108f Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:51:44 +00:00
weslambert
356904f751 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:03:04 -05:00
weslambert
6b77843e52 Fix format/spelling for 'enip.status_code' field name 2022-11-22 12:07:55 -05:00
weslambert
13faf63770 Fix spelling for 'stun.class' field name 2022-11-22 12:07:15 -05:00
Wes
a38e312df4 Add COTP and TDS ingest pipelines 2022-11-22 13:36:27 +00:00
Wes
05b9a067fd Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:03:21 +00:00
Wes
638a3568b0 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:11:21 +00:00
m0duspwnens
c880be8d45 use curator defaults.yaml merged with pillar for actions 2022-10-21 10:38:32 -04:00
m0duspwnens
eed3746ebc fix some globals 2022-10-12 13:39:37 -04:00
m0duspwnens
b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug
fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
Mike Reeves
e3f4a58989 Merge pull request #8804 from Security-Onion-Solutions/funstuff: Firewall and More 2022-09-23 14:00:51 -04:00
Wes
0fd5fee868 Fix syntax for Fleet component templates 2022-09-22 15:07:43 +00:00
m0duspwnens
c77fcc74c1 merge in 2.4./firewall changes 2022-09-22 10:55:39 -04:00
Wes
46dd4c2749 Rename component mappings and references for Security Onion 2022-09-20 20:33:06 +00:00
Wes
7f2c5bc757 Add component templates for Fleet 2022-09-20 20:27:26 +00:00
Mike Reeves
85339d7cb1 Add helpLinks to everything 2022-09-20 15:43:34 -04:00
Doug Burks
df18f8f886 Merge pull request #8779 from Security-Onion-Solutions/2.4/dev: 2.4/dev 2022-09-20 13:32:54 +00:00
weslambert
509c32482f Update so-elasticsearch-templates-load to allow for proper loading of differently formatted Elastic Agent index templates 2022-09-19 16:39:49 -04:00
doug
fdffac83e1 sysmon fix by bryant 2022-09-19 14:47:45 -04:00
Wes
9095bc2205 Re-establish Elasticsearch cluster (search) settings 2022-09-19 15:41:54 +00:00
Wes
12e940f809 Change managed_by value from 'fleet' to 'security_onion' for Elastic Agent templates in defaults.yaml 2022-09-16 20:55:49 +00:00
Mike Reeves
b38f0fa996 Update watermark settings 2022-09-13 12:13:45 -04:00
weslambert
030f4d228a Add back Elastic Agent default templates 2022-09-12 15:10:24 -04:00
Mike Reeves
3de4e56db9 Fix ES merge 2022-09-10 19:25:01 -04:00
Mike Reeves
74ef6c0ed0 Fix yaml for idh,es,kib,esalert 2022-09-09 15:30:28 -04:00
Wes
86d60e444d Add Elastic Agent index/template configuration to defaults file 2022-09-08 00:20:22 +00:00
Wes
b39a5061ca Load Elastic Agent component templates (managed by Security Onion) 2022-09-07 21:26:43 +00:00
Wes
eeffded248 Remove duplicate security subfield configuration from component templates 2022-09-07 21:23:04 +00:00
Wes
3c50072690 Add Elastic Agent component templates 2022-09-07 18:51:57 +00:00
Mike Reeves
2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
weslambert
2914007393 Add forward slash to fix issue with missing query path 2022-07-18 09:07:34 -04:00
Wes Lambert
b06c16f750 Add ingest node pipeline for Kratos 2022-07-08 15:53:00 +00:00
Mike Reeves
8b3d5e808e Fix repo location 2022-06-30 13:30:56 -04:00
Mike Reeves
e86b7bff84 Fix repo location 2022-06-30 13:29:21 -04:00
weslambert
44595cb333 Merge pull request #8123 from Security-Onion-Solutions/foxtrot: Merge foxtrot into dev 2022-06-14 15:44:13 -04:00
doug
025993407e FIX: Add event.category field to pfsense firewall logs #8112 2022-06-13 08:03:44 -04:00
Josh Brower
8e368bdebe Merge in upstream dev 2022-05-06 20:01:07 -04:00
weslambert
542db5b7f5 Update defaults.yaml 2022-04-21 17:24:24 -04:00
Josh Brower
2b39570b08 Fix matching logic 2022-04-18 10:37:38 -04:00
Josh Brower
886d69fb38 Compress + Clean ES & Logstash App Logs 2022-04-11 16:09:24 -04:00
weslambert
e6599cd10e Update with changes from Abe's PR and other fixes 2022-03-25 13:57:44 -04:00
weslambert
c02d7fab50 Merge pull request #7636 from Security-Onion-Solutions/feature/rita: Parsing of RITA Logs 2022-03-24 13:05:22 -04:00
Wes Lambert
fe1b72655b Additional .keyword shims for process mappings 2022-03-24 16:45:06 +00:00
weslambert
1f2bca599f Check cluster health before trying to load roles for ES 2022-03-23 11:00:26 -04:00
Wes Lambert
2487d468ab Add RITA Elasticsearch ingest pipeline config 2022-03-22 17:38:22 +00:00
weslambert
7128b04636 Remove indices.query.bool.max_clause_count because it is dynamically allocated in Elastic 8 2022-03-17 21:20:41 -04:00