CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,697 Commits 24 Branches 119 Tags
d44f8e495bde52c6031a517e87f4eb45d3fb0aa3
Commit Graph

723 Commits

Author SHA1 Message Date
Wes
d44f8e495b Check if connection.state is populated before trying to assess its value 2022-11-29 19:00:47 +00:00
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
weslambert
1cc5961c07 Change 'write' to 'read' to correct name and avoid pipeline failure 2022-11-29 12:54:55 -05:00
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
weslambert
8e17c23659 Fix format/speliing for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev 
Update Foxtrot from Dev
 2022-11-17 10:44:24 -06:00
Wes
a278194037 Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:16:33 +00:00
Wes
35e131b888 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:09:30 +00:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
lock-wire
85d30520ce Add BSAP protocol 2022-11-11 07:22:55 -08:00
Peter Di Giorgio
5ebf470a86 Update zeek.bacnet_discovery 2022-11-03 22:27:04 -07:00
Peter Di Giorgio
4b39ccec6d Update zeek.bacnet_property 2022-11-03 15:30:20 -07:00
Peter Di Giorgio
b97c822800 Add zeek.bacnet_discovery and zeek.bacnet_property 2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb Create zeek.bacnet 2022-10-27 15:40:07 -07:00
Peter Di Giorgio
2b51d72585 Rename zeek.read_write_multiple_registers to zeek.modbus_read_write_multiple_registers 2022-10-25 17:20:01 -07:00
Peter Di Giorgio
7a60d0987c Update zeek.conn to include client.oui 2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1 Create zeek.read_write_multiple_registers 2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236 Create zeek.modbus_mask_write_register 2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4 Rename modbus_detailed to zeek.modbus_detailed 2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c Rename dnp3_objects to zeek.dnp3_objects 2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7 Create Ingest for Modbus Detailed 2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb Create Ingest for DNP3 Objects extension 2022-10-21 12:51:13 -07:00
bryant-treacle
82dff3e9da Fix issues: 8591-8953 2022-08-30 13:48:53 +00:00
weslambert
8c694a7ca3 Disable ingest.geoip.downloader by default 2022-08-03 09:21:40 -04:00
weslambert
9ac640fa67 Remove airgap-specific logic for ingest.geoip.downloader 2022-08-03 09:21:03 -04:00
Wes Lambert
839cfcaefa Update Elasticsearch defaults file and config.map.jinja to allow for local GeoIP database use when airgap is enabled 2022-08-02 14:32:17 +00:00
weslambert
2914007393 Add forward slash to fix issue with missing query path 2022-07-18 09:07:34 -04:00
Wes Lambert
b06c16f750 Add ingest node pipeline for Kratos 2022-07-08 15:53:00 +00:00
Mike Reeves
8b3d5e808e Fix repo location 2022-06-30 13:30:56 -04:00
Mike Reeves
e86b7bff84 Fix repo location 2022-06-30 13:29:21 -04:00
weslambert
44595cb333 Merge pull request #8123 from Security-Onion-Solutions/foxtrot 
Merge foxtrot into dev
 2022-06-14 15:44:13 -04:00