Mike Reeves
07e72e4013
Update filecheck
2022-10-31 13:47:49 -04:00
Mike Reeves
518d2aaa9c
Update filecheck.yaml
2022-10-31 13:45:00 -04:00
Mike Reeves
e93e2995b7
Update filecheck
2022-10-31 13:42:18 -04:00
Mike Reeves
d2eb61a830
Update filecheck.yaml
2022-10-31 13:41:45 -04:00
Mike Reeves
4c5a2c0610
Update filecheck
2022-10-31 13:36:42 -04:00
Mike Reeves
e9e7362005
Add Filechecks
2022-10-31 12:57:08 -04:00
Peter Di Giorgio
b97c822800
Add zeek.bacnet_discovery and zeek.bacnet_property
2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb
Create zeek.bacnet
2022-10-27 15:40:07 -07:00
Peter Di Giorgio
c524442172
Merge pull request #9008 from Security-Onion-Solutions/master
Synch Foxtrot with 2.3.181 Release
2022-10-26 13:10:01 -07:00
weslambert
a170c194c8
Remove JA3er references
2022-10-26 10:18:10 -04:00
Peter Di Giorgio
2b51d72585
Rename zeek.read_write_multiple_registers to zeek.modbus_read_write_multiple_registers
2022-10-25 17:20:01 -07:00
Wes
a91e3b601c
Remove JA3er since it is no longer a valid service
2022-10-25 18:48:37 +00:00
Wes
4940421297
Add PyYAML .whl files back since they were 'deleted' in the previous commit
2022-10-25 18:47:51 +00:00
Wes
58b4a8fbab
Change PyYAML .whl file name to comply with Joliet's 240-character limit
2022-10-25 18:47:02 +00:00
Mike Reeves
bd7e12f682
Merge pull request #8952 from Njinx/dev
FEATURE: so-pcap-export can run without needing to be attached to a TTY
2022-10-25 14:38:48 -04:00
weslambert
0087768946
Revert "Change PyYAML .whl file name to comply with Joliet's 240-character limit/threshold"
2022-10-24 16:47:30 -04:00
Wes
1caac3f0b0
Add PyYAML .whl files back since they were 'deleted' in the previous commit.
2022-10-24 18:06:19 +00:00
Wes
54a5dd6cbd
Change name of PyYAML .whl file to remain under Joliet's 240-character limit/threshold
2022-10-24 18:05:15 +00:00
Peter Di Giorgio
7a60d0987c
Update zeek.conn to include client.oui
2022-10-21 13:02:01 -07:00
Peter Di Giorgio
9ac06057c1
Create zeek.read_write_multiple_registers
2022-10-21 13:00:12 -07:00
Peter Di Giorgio
e5c69c3236
Create zeek.modbus_mask_write_register
2022-10-21 12:58:36 -07:00
Peter Di Giorgio
39f050c6e4
Rename modbus_detailed to zeek.modbus_detailed
2022-10-21 12:56:59 -07:00
Peter Di Giorgio
4ee083759c
Rename dnp3_objects to zeek.dnp3_objects
2022-10-21 12:56:35 -07:00
Peter Di Giorgio
072bfd87b7
Create Ingest for Modbus Detailed
2022-10-21 12:53:30 -07:00
Peter Di Giorgio
b7aaaa80bb
Create Ingest for DNP3 Objects extension
2022-10-21 12:51:13 -07:00
Jason Ertel
05e271af47
update soup for 2.3.181
2022-10-21 11:52:54 -04:00
Ben Allen
f13f05eb94
Run without needing to be attached to a TTY
2022-10-19 14:11:11 -04:00
Doug Burks
f4042263a3
Remove destination_geo.organization_name from Sysmon Network sankey diagram
2022-10-13 08:59:10 -04:00
Doug Burks
7401008523
Update soup for 2.3.180
2022-10-11 12:58:37 -04:00
doug
454a7a4799
FEATURE: Add new Sysmon dashboards #8870
2022-10-07 11:52:49 -04:00
Doug Burks
ab17cbee31
Update Elastic to 8.4.3
2022-10-07 07:03:10 -04:00
Doug Burks
9991f0cf95
update Elastic to 8.4.3
2022-10-07 07:02:24 -04:00
Mike Reeves
b8355b3a03
Update soup
2022-09-22 09:10:12 -04:00
bryant-treacle
535b9f86db
Merge pull request #8633 from Security-Onion-Solutions/bryant-sysmon
Fix issues: 8591-8953
2022-09-19 11:53:34 -04:00
Josh Brower
e171dd52b8
Upgrade Elastic to 8.4.1
2022-08-30 16:11:40 -04:00
Josh Brower
27a837369d
Upgrade Elastic to 8.4.1
2022-08-30 16:09:57 -04:00
bryant-treacle
82dff3e9da
Fix issues: 8591-8953
2022-08-30 13:48:53 +00:00
Mike Reeves
76cca8594d
Merge pull request #8623 from Security-Onion-Solutions/TOoSmOotH-patch-6
Update soup
2022-08-29 09:50:06 -04:00
weslambert
5c9c95ba1f
Merge pull request #8622 from Security-Onion-Solutions/fix/strelka_yara_gen_webshells_ignore
Ignore gen_webshells.yar
2022-08-29 09:40:51 -04:00
Mike Reeves
e62bebeafe
Update soup
2022-08-29 09:39:41 -04:00
weslambert
8a0e92cc6f
Add 'gen_webshells.yar' and re-arrange to put ignored rules in alphabetical order
2022-08-29 09:37:29 -04:00
Mike Reeves
30b9868de1
Update soup
2022-08-29 09:32:46 -04:00
weslambert
f00d9074ff
Allow local modification acceptance prompt to be skipped when passing 'skip-prompt' as a parameter value to check_local_mods() function
2022-08-19 16:07:14 -04:00
Mike Reeves
fea2b481e3
Update rulecat.conf
2022-08-19 13:12:49 -04:00
weslambert
fbf0803906
Update verbiage around major Elasticsearch version and not requiring Elastalert index maintenance
2022-08-18 09:16:22 -04:00
weslambert
5deda45b66
Update elastalert_indices_check() function to only delete Elastalert indices if major Elasticsearch version is less than 8
Update elastalert_indices_check() function to only delete Elastalert indices if major Elasticsearch version is less than 8. Also clean up the output to only emit one notification regarding index deletion, and additional verbiage around function operation.
2022-08-18 09:11:38 -04:00
m0duspwnens
2dfd41bd3c
remove pipeline time panel - https://github.com/Security-Onion-Solutions/securityonion/issues/8369
2022-08-17 09:17:27 -04:00
Doug Burks
179f669acf
FIX: so-curator-closed-delete-delete needs to reference new Elasticsearch directory #8529
2022-08-12 13:10:47 -04:00
Doug Burks
32c29b28eb
revert to lower case #8469
2022-08-11 15:33:30 -04:00
Doug Burks
7bf2603414
revert to lower case #8469
2022-08-11 15:32:49 -04:00