Commit Graph

112 Commits

Author SHA1 Message Date
Mike Reeves 148b0b1c4c use hostnames please 2023-02-23 11:11:29 -05:00
Mike Reeves 95f254dc63 Change elastalert ip 2023-02-23 09:37:20 -05:00
Mike Reeves dc2fed5b04 Change elastalert ip 2023-02-23 09:34:16 -05:00
Mike Reeves 0ec0983d7b Change Elastalert to use hostname 2023-02-23 08:57:30 -05:00
m0duspwnens a37f0fd0c0 rename sosbridge to sobridge 2023-02-03 10:07:07 -05:00
m0duspwnens ac157432de include docker 2023-01-09 14:58:36 -05:00
m0duspwnens ec5c565cec put elastalert on sosbridge 2023-01-09 14:49:33 -05:00
m0duspwnens b526532ab6 use global vars in states 2022-10-11 11:57:15 -04:00
doug fee5a7bea9 initial quick OCD pass 2022-09-23 16:29:55 -04:00
Mike Reeves 85339d7cb1 Add helpLinks to everything 2022-09-20 15:43:34 -04:00
Mike Reeves 064b64f68a Add Grafana annotation 2022-09-13 14:00:04 -04:00
Mike Reeves de047cea8e Add Grafana annotation 2022-09-13 13:56:37 -04:00
Mike Reeves 3de4e56db9 Fix ES merge 2022-09-10 19:25:01 -04:00
Mike Reeves 037d5d1c46 Fix yaml for idh,es,kib,esalert 2022-09-09 15:55:51 -04:00
Mike Reeves e2eaefab6e Fix yaml for idh,es,kib,esalert 2022-09-09 15:45:13 -04:00
Mike Reeves 74ef6c0ed0 Fix yaml for idh,es,kib,esalert 2022-09-09 15:30:28 -04:00
Mike Reeves 2bd9dd80e2 Move In Day 2022-09-07 09:06:25 -04:00
m0duspwnens 7d7cf42d9a use onlyif requisite instead 2022-07-13 15:21:34 -04:00
m0duspwnens 086cf3996d do not start elastalert if elasticsearch is not v8 2022-07-13 11:21:27 -04:00
Jason Ertel eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
m0duspwnens 7ebba1f325 use show_changes: False to prevent es pw from being shown when running the state 2022-01-19 12:11:38 -05:00
m0duspwnens 4d078046d6 quote ES_PASS due to new characters in random string for elasticsearch:auth pw generation 2022-01-19 11:55:25 -05:00
m0duspwnens f93c6146f5 docker binds requires 2021-10-21 15:24:55 -04:00
Jason Ertel d0592c4293 Update ElastAlert to use ElastAlert 2 2021-09-28 00:51:29 -04:00
Josh Brower 591ef540a6 esalerter ES creds fix 2021-06-21 10:50:09 -04:00
Jason Ertel 059b016c62 Fix require statement 2021-06-16 21:48:31 -04:00
Jason Ertel 2d34208269 Elastic auth: Fun with Salt 2021-06-16 17:52:22 -04:00
Jason Ertel dd14235e31 Accept either 200 or 401 instead of wasting 3 minutes waiting for this to timeout 2021-06-16 11:39:21 -04:00
Jason Ertel 09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel dd8eb29a18 Continue merge of ECS into Elastic Auth 2021-06-15 09:11:58 -04:00
Jason Ertel 62187807f0 Specify elastic creds for playbook alert templates 2021-06-14 14:08:14 -04:00
Jason Ertel 901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Jason Ertel 20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Josh Brower ef98445560 Fix Playbook Alert timestamps 2021-03-31 15:44:41 -04:00
Josh Brower 2425355680 Fix https Playbook Alerter 2021-03-19 16:38:33 -04:00
Mike Reeves bf4249d28b fix elastalert verification 2021-03-03 14:16:10 -05:00
Mike Reeves e0538417f1 fix http.wait 2021-03-03 14:06:35 -05:00
Mike Reeves bfd05a8cfc Change to https for elastic connections 2021-03-02 11:32:29 -05:00
m0duspwnens 8cf0a3da98 remove seconds 2021-02-01 15:19:47 -05:00
m0duspwnens 0ea504c16a remove space 2021-01-29 17:32:48 -05:00
m0duspwnens 618b94b9b6 add newline 2021-01-29 15:31:05 -05:00
m0duspwnens f50a89a0cf watch elastalert config and restart docker if changes 2021-01-29 15:28:59 -05:00
m0duspwnens b7aef32eeb fix missing } 2021-01-27 15:50:23 -05:00
m0duspwnens 8df9e020ac pillarize elastalert https://github.com/Security-Onion-Solutions/securityonion/issues/1191 2021-01-27 15:35:29 -05:00
m0duspwnens b693373d8d change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 2021-01-20 15:09:53 -05:00
m0duspwnens 1fca5e65df redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 2020-11-10 15:31:47 -05:00
Josh Brower 844ffe8fdf nest case_template 2020-10-21 09:58:31 -04:00
Josh Brower 1e14d66f54 Add case_template field to Playbook alerts 2020-10-21 08:59:26 -04:00
Josh Brower de9ace62d4 Write out nested json 2020-10-05 15:34:02 -04:00
Josh Brower 8a78485906 Config Playbook SOC Alerts 2020-10-04 21:35:42 -04:00