Commit Graph

357 Commits

Author SHA1 Message Date
Wes
e00a80feb4 Use native link_id naming scheme for now 2022-11-29 22:05:37 +00:00
Wes
e8e39a7105 Various field renames 2022-11-29 21:32:05 +00:00
Wes
13ea44db95 Use native 'is_orig' since we are already using that field name for other logs 2022-11-29 21:21:41 +00:00
Wes
6fe2857ba5 Add Zeek s7comm_upload_download ingest pipeline 2022-11-29 19:45:56 +00:00
weslambert
f947e501cb Add space per request 2022-11-29 14:14:37 -05:00
weslambert
ff8bbc399f Add space per request 2022-11-29 14:14:08 -05:00
weslambert
80226a27cc Add space per request 2022-11-29 14:13:41 -05:00
weslambert
266207cc18 Add space per request 2022-11-29 14:12:52 -05:00
weslambert
5255c120c5 Add space per request 2022-11-29 14:11:20 -05:00
Wes
d44f8e495b Check if connection.state is populated before trying to assess its value 2022-11-29 19:00:47 +00:00
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
weslambert
1cc5961c07 Change 'write' to 'read' to correct name and avoid pipeline failure 2022-11-29 12:54:55 -05:00
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
weslambert
8e17c23659 Fix format/spelling for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev: Update Foxtrot from Dev 2022-11-17 10:44:24 -06:00
Wes
a278194037 Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:16:33 +00:00
Wes
35e131b888 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:09:30 +00:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
lock-wire
85d30520ce Add BSAP protocol 2022-11-11 07:22:55 -08:00
Peter Di Giorgio
5ebf470a86 Update zeek.bacnet_discovery 2022-11-03 22:27:04 -07:00
Peter Di Giorgio
4b39ccec6d Update zeek.bacnet_property 2022-11-03 15:30:20 -07:00
Peter Di Giorgio
b97c822800 Add zeek.bacnet_discovery and zeek.bacnet_property 2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb Create zeek.bacnet 2022-10-27 15:40:07 -07:00
Peter Di Giorgio
2b51d72585 Rename zeek.read_write_multiple_registers to zeek.modbus_read_write_multiple_registers 2022-10-25 17:20:01 -07:00
Peter Di Giorgio
7a60d0987c Update zeek.conn to include client.oui 2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1 Create zeek.read_write_multiple_registers 2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236 Create zeek.modbus_mask_write_register 2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4 Rename modbus_detailed to zeek.modbus_detailed 2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c Rename dnp3_objects to zeek.dnp3_objects 2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7 Create Ingest for Modbus Detailed 2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb Create Ingest for DNP3 Objects extension 2022-10-21 12:51:13 -07:00