CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,630 Commits 24 Branches 119 Tags
d3ef46a5f68e9bc5f52cfa86bdfeeb51ea3fb5a5
Commit Graph

151 Commits

Author SHA1 Message Date
weslambert
6b4af30fc1 Change clean_removed to true cleanup tracking of Zeek logs removed from current 2020-11-18 13:47:32 -05:00
m0duspwnens
1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
William Wernert
6169758f4e [fix] 0 -> root so file owner is set correctly 2020-11-03 16:47:59 -05:00
m0duspwnens
10e4248cfc and node that gets filebeat state now can listen for syslog - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 16:10:20 -04:00
m0duspwnens
79854f111e add 514 tcp listener to filebeat docker and add syslog listener to fb config for manager and manager search - https://github.com/Security-Onion-Solutions/securityonion/issues/1551 2020-10-19 10:27:40 -04:00
Doug Burks
a106913d1a Heavy node filebeat needs extra_hosts for the heavy node itself #1521 2020-10-14 09:51:59 -04:00
Wes Lambert
4fc4913d1e Don't predefine index date for Filebeat ES outputs 2020-10-12 15:44:00 +00:00
Wes Lambert
1970d95d5f Make Filebeat registry persistent to avoid re-reading old data 2020-10-05 13:30:04 +00:00
Wes Lambert
d8f70397f7 Fix Filebeat config for Wazuh 2020-09-30 14:57:56 +00:00
Mike Reeves
0a0e00866c Upgrade Fun 2020-09-14 14:50:22 -04:00
m0duspwnens
09cc8ae1fb fail the state if it isnt in top 2020-09-09 16:48:50 -04:00
m0duspwnens
a229ae82ce only allow state to run if it is in top for the node 2020-09-02 16:15:52 -04:00
Mike Reeves
f9e5ea8ba7 Fix SSL for filebeat 2020-08-19 21:12:41 -04:00
m0duspwnens
dbe14fcbdb Merge remote-tracking branch 'remotes/origin/dev' into issue/1049 2020-08-12 16:46:03 -04:00
m0duspwnens
0f53b4d703 set esheapsize and filebeat config for import node 2020-08-12 10:39:31 -04:00
Mike Reeves
92cc176b6d Fix features logic in all states that use it 2020-08-10 20:59:41 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Wes Lambert
958ee25f6d Move Wazuh from /opt/so/ to /nsm/wazuh 2020-07-27 11:58:12 +00:00
m0duspwnens
e3efaee864 change reference from bro to zeek 2020-07-17 14:41:44 -04:00
Jason Ertel
9dc1151347 Imported logs are sent to so-import index on eval installations 2020-07-14 22:59:42 -04:00
Jason Ertel
8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
m0duspwnens
13af4cacb0 merge with dev and resolve conflicts 2020-07-10 16:27:10 -04:00
Mike Reeves
46d572fa8c Fix Filebeat spacing 2020-07-10 15:51:12 -04:00
Mike Reeves
5eb33d5ac7 Logstash Import and Template Assignment 2020-07-10 13:53:55 -04:00
m0duspwnens
9c2dcd2318 fix reference to master grain 2020-07-09 17:06:44 -04:00
m0duspwnens
5ca3ecf4bd fix reference to master grain 2020-07-09 15:42:39 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
m0duspwnens
5f68542241 add pillar example for filebeat inputs/output 2020-07-08 09:52:25 -04:00
m0duspwnens
fff713db85 changes for https://github.com/Security-Onion-Solutions/securityonion/issues/825 2020-07-07 15:48:47 -04:00
Wes Lambert
2fdd5fd77b Fix pillar reference for Strelka/FB 2020-07-07 13:46:57 +00:00
Jason Ertel
96e93b012d Adjust imports for filebeat configuration to ensure import data is placed into ES 2020-07-01 17:18:01 -04:00
Jason Ertel
d6feafb12a Correct indentation in filebeat.yaml 2020-07-01 15:39:23 -04:00
Jason Ertel
a3deb868ad Improve filebeat config indentation 2020-06-30 14:57:34 -04:00
Jason Ertel
930f15eea5 Introduce so-import-pcap tool - WIP 2020-06-30 14:56:08 -04:00
Mike Reeves
79adf2012a Fix log rotate on Suricata 2020-06-04 10:43:24 -04:00
Mike Reeves
7043bbae9d Merge remote-tracking branch 'remotes/origin/dev' into feature/metasuri 2020-06-04 09:10:54 -04:00
Wes Lambert
91673a5d70 Update FB config 2020-06-02 17:33:42 +00:00
Mike Reeves
d47acd1d80 Change suricata to hit suricata.common 2020-06-02 11:41:13 -04:00
weslambert
d2263db0ff Update init.sls 2020-05-28 12:11:08 -04:00
Wes Lambert
5afc05feb2 Update FB init for syslog 2020-05-28 12:35:22 +00:00
Wes Lambert
b9bdca509e update Filebeat config for syslog 2020-05-28 12:33:41 +00:00
Wes Lambert
3684cdf1c6 Update FB and LS 2020-05-27 17:00:09 +00:00
Mike Reeves
fbbacd205c Update filebeat.yml 2020-05-18 08:47:03 -04:00
m0duspwnens
766b56a944 update dockers to 1.2.2 2020-04-23 10:11:26 -04:00
Mike Reeves
d9e27a5444 Update Versions 2020-04-15 15:37:59 -04:00
Wes Lambert
e086db3de6 update key name 2020-04-13 16:09:06 +00:00
Mike Reeves
b70d19781d Fix Filebeat Yaml 2020-04-09 13:58:19 -04:00
Mike Reeves
5a985736e5 Disable Strelka for all things 2020-04-09 11:49:38 -04:00
Mike Reeves
8ffeb0a33d Fix Wazuh and Strelka 2020-04-09 11:45:45 -04:00
Wes Lambert
ad5626f407 update variables 2020-04-06 13:09:52 +00:00