CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 11:12:51 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,010 Commits 26 Branches 119 Tags
dcdf31eee8532c93547e240f99fb45b8ef82df8d
Commit Graph

10129 Commits

Author SHA1 Message Date
Joshua Brower
dcdf31eee8 Fix folder perm 2025-01-10 16:15:17 -05:00
Joshua Brower
bcb92b63e3 Move json files to container image 2025-01-09 10:58:40 -05:00
Jorge Reyes
412397fa7b Merge pull request #14089 from Security-Onion-Solutions/reyesj2/moarzeekparse 2025-01-08 17:45:14 -06:00
reyesj2
0e87351a9c add zeek.quic mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-08 16:18:53 -06:00
Joshua Brower
a2caf7425d Add config options 2025-01-07 13:22:14 -05:00
Joshua Brower
6fa11a38ef Update defaults 2025-01-07 13:14:50 -05:00
Joshua Brower
e3f75215b6 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator 2025-01-07 13:06:49 -05:00
Jason Ertel
bd96b5d722 invalidate user sessions when an admin changes the user's password 2025-01-06 17:23:10 -05:00
Josh Brower
8408a53b82 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/navigator 2025-01-02 16:13:34 -05:00
Doug Burks
927b618ec9 Update Zeek QUIC dashboard, add Hunt query, add quic.server.name as column in Events table 2025-01-02 06:57:56 -05:00
reyesj2
9f83853922 Zeek QUIC support 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-31 13:44:20 -06:00
Josh Brower
8f5634d958 Merge pull request #14048 from Security-Onion-Solutions/2.4/sigmaHashes 
Refactor pipeline for hash changes
 2024-12-23 15:49:35 -05:00
defensivedepth
7237b8971e Refactor pipeline for hash changes 2024-12-23 15:41:13 -05:00
Mike Reeves
09ef096620 Update soup 2024-12-23 08:27:45 -05:00
reyesj2
157185c370 add ti_opencti integration support 2024-12-18 11:33:49 -06:00
Mike Reeves
9c10094914 Fix conflict 2024-12-18 10:19:40 -05:00
defensivedepth
17405b849a Delete uneeded files 2024-12-17 16:01:31 -05:00
Mike Reeves
e4db2f4819 Update defaults.yaml 2024-12-10 17:19:15 -05:00
defensivedepth
9475211417 Refactor Navigator for Detections 2024-12-09 16:31:51 -05:00
Jorge Reyes
14cb41ea87 Merge pull request #14001 from Security-Onion-Solutions/reyesj2/zeekvpn 
add openvpn & ipsec support to Zeek
 2024-12-06 12:06:02 -06:00
reyesj2
1de20e9d43 fix zeek file extract 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-06 09:55:56 -06:00
reyesj2
ad8b339a3b fix error due to null reference 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-12-06 09:07:16 -06:00
reyesj2
9532f21c7b check zeek reporter.log 2024-12-05 13:49:44 -06:00
reyesj2
754d28e95d add openvpn & ipsec support to Zeek 2024-12-05 09:52:55 -06:00
defensivedepth
5b9f6b2d52 fix path 2024-12-02 14:42:56 -05:00
defensivedepth
aade3db80d Generate MSI 2024-11-28 07:00:23 -05:00
Jorge Reyes
129c10dde5 Merge pull request #13981 from Security-Onion-Solutions/reyesj2/integ 2024-11-26 00:55:31 -06:00
reyesj2
993d56cb58 ti_rapid7* 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-25 15:51:49 -06:00
reyesj2
efa6a533c3 add missing ilm to index template 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-25 15:47:47 -06:00
Josh Brower
04ffdf9b15 Merge pull request #13958 from Security-Onion-Solutions/2.4/autoenablesigma 
More flexibility for AutoEnable Sigma rules
 2024-11-21 09:47:49 -05:00
defensivedepth
f61bf1bd67 Remove adv 2024-11-21 09:15:29 -05:00
defensivedepth
b1c4e32123 Remove duplicate option 2024-11-21 09:11:44 -05:00
defensivedepth
8958da83b3 Deprecate instead 2024-11-20 18:00:26 -05:00
defensivedepth
3fcf197bc1 Tweak structure 2024-11-19 11:54:15 -05:00
Jason Ertel
532dfd7f5a Merge pull request #13966 from Security-Onion-Solutions/jertel/wip 
MFA issuer name shouldn't be an advanced setting
 2024-11-19 09:35:26 -05:00
Jason Ertel
92ddf2ec6c MFA issuer name shouldn't be an advanced setting 2024-11-19 09:27:26 -05:00
Corey Ogburn
d86c009f55 Add Annotations to Existing Detections Options 
The autoUpdateEnabled setting has been present for awhile and now have annotations.
 2024-11-18 14:35:55 -07:00
defensivedepth
56d6857cd6 Addl customization for autoenable sigma 2024-11-18 09:03:17 -05:00
Jason Ertel
52bc9be6b6 Merge pull request #13956 from Security-Onion-Solutions/jertel/wip 
ignore fp from hydra
 2024-11-17 18:23:54 -05:00
Jason Ertel
918f26962a ignore fp from hydra 2024-11-17 12:21:06 -05:00
Jason Ertel
3bf7870729 Merge pull request #13955 from Security-Onion-Solutions/jertel/wip 
soup corrections
 2024-11-16 21:31:08 -05:00
Jason Ertel
0eebe48492 soup corrections 2024-11-16 21:20:24 -05:00
Jason Ertel
cc44558f40 Merge pull request #13954 from Security-Onion-Solutions/jertel/wip 
revert prev commit
 2024-11-16 12:08:49 -05:00
Jason Ertel
73521dd7a7 revert prev commit 2024-11-16 11:09:44 -05:00
Jorge Reyes
3041d7d2b1 Merge pull request #13951 from Security-Onion-Solutions/reyesj2/integ 
additional integrations
 2024-11-15 15:02:04 -06:00
Jason Ertel
b6ab5249f1 Merge pull request #13953 from Security-Onion-Solutions/jertel/wip 
Connect API upgrades
 2024-11-15 14:32:37 -05:00
Jason Ertel
dc838e7148 connect 2024-11-15 14:25:52 -05:00
Jason Ertel
f290e52fbd connect 2024-11-15 14:25:11 -05:00
Jason Ertel
e4de376394 connect api 2024-11-15 13:42:02 -05:00
reyesj2
44ec237447 additional integration support - cisco secure email gateway - rapid7 threat command 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-11-15 11:39:01 -06:00