CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,315 Commits 24 Branches 119 Tags
e0a3b51ca27643e83794eec16ce6907573bc8e21
Commit Graph

2448 Commits

Author SHA1 Message Date
Jason Ertel
ec3cc7a854 exclude all playbook logs 2023-09-29 10:49:36 -04:00
Jason Ertel
89a9c30cc8 exclude known issues 2023-09-28 08:27:31 -04:00
Jason Ertel
621da9e7e3 more exclusions 2023-09-27 22:20:54 -04:00
Jason Ertel
9ee64f93ca logcheck improvements 2023-09-27 20:17:59 -04:00
Jason Ertel
49115cde55 logcheck improvements 2023-09-27 19:55:46 -04:00
Jason Ertel
d72e4ae97d ignore soctopus errors 2023-09-27 18:39:23 -04:00
Jason Ertel
24def3a196 ignore generic python stack trace log lines of code, rely on actual error messages 2023-09-27 16:50:01 -04:00
Jason Ertel
4666916077 ignore generic python stack trace log lines of code, rely on actual error messages 2023-09-27 15:48:52 -04:00
Jason Ertel
87cc389088 deb OS doesn't use /var/log/cron, skip 2023-09-27 15:36:13 -04:00
Jason Ertel
b47d915cb6 don't inspect imported zeek output 2023-09-27 09:30:19 -04:00
Jason Ertel
9c854a13cc skip zeek spool logs due to test data false positives 2023-09-26 21:41:44 -04:00
Jason Ertel
2c8d413f16 log check tool initial 2023-09-26 18:14:37 -04:00
Jason Ertel
48801da44e log check tool initial 2023-09-26 18:12:20 -04:00
m0duspwnens
036a21ff17 Merge remote-tracking branch 'origin/2.4/dev' into issue/11390 2023-09-26 11:01:44 -04:00
m0duspwnens
2abf434ebe create snapshots of default, local salt and pillars during soup. rsync soup with --delete 2023-09-26 10:56:20 -04:00
m0duspwnens
e25d1c0ff3 so-salt-minion-check is jinja template 2023-09-26 10:01:21 -04:00
Wes
a1e963f834 Reverse timestamps where necessary 2023-09-19 13:28:20 +00:00
Wes
5bac1e4d15 Show correct dates and Kibana URL for already processed EVTX files 2023-09-18 21:31:15 +00:00
Jason Ertel
b66be9c226 only ingest pfsense on sensor nodes 2023-09-05 12:46:49 -04:00
Jason Ertel
8093e5ce7c use IP to avoid host issues 2023-09-01 13:01:17 -04:00
m0duspwnens
6b0fbe4634 include so-repo-sync in soup_manager_scripts state 2023-08-28 11:53:45 -04:00
Jason Ertel
8c5aa4a0e6 Merge pull request #11178 from Security-Onion-Solutions/jertel/alts 
ingest pfsense sample data
 2023-08-25 16:53:41 -04:00
Jason Ertel
5879eeabfa ingest pfsense sample data 2023-08-25 16:45:31 -04:00
Jason Ertel
022ee36bca ingest pfsense sample data 2023-08-25 16:44:03 -04:00
m0duspwnens
388c90f641 add oel to set_os 2023-08-25 14:56:42 -04:00
m0duspwnens
e28ff38d39 Merge remote-tracking branch 'origin/2.4/dev' into wheelwatchdog 2023-08-25 09:40:16 -04:00
m0duspwnens
4a489afb89 remove old and install new watchdog package 2023-08-25 08:55:00 -04:00
Jason Ertel
e57cc03084 fix centos install 2023-08-24 14:41:04 -04:00
m0duspwnens
6413050f2e set doc_desktop_url before jinja 2023-08-09 08:39:46 -04:00
m0duspwnens
fe7a940082 add details for enabling in soc gui 2023-08-09 08:31:54 -04:00
m0duspwnens
2d25e352d4 write to adv_ pillar file since that is where it would be stored from using the soc ui 2023-08-09 08:18:13 -04:00
m0duspwnens
1440c72559 changes for desktop referencing Rocky/CentOS to OEL 2023-08-09 08:06:51 -04:00
Mike Reeves
18e31a4490 Merge pull request #10944 from Security-Onion-Solutions/raid 
Raid refactor + yara and rule proxy
 2023-08-03 17:18:19 -04:00
Mike Reeves
2caca92082 Raid refactor + yara and rule proxy 2023-08-03 17:11:43 -04:00
weslambert
3e4136e641 Update help text 2023-08-03 15:56:05 -04:00
weslambert
cf2233bbb6 Add help information for time shift 2023-08-03 08:54:54 -04:00
weslambert
3847863b3d Add time shift 2023-08-03 08:51:23 -04:00
Jason Ertel
5414b0756c remove unused vars 2023-08-02 19:25:07 -04:00
Jason Ertel
3054b8dcb9 refactor elastic-agent download for soup ctrl+c anomalies 2023-08-02 18:57:46 -04:00
m0duspwnens
f6c6204555 procps to procps-ng 2023-08-02 13:05:24 -04:00
m0duspwnens
5630b353c4 change how pgrep finds salt-master PID 2023-08-02 11:20:51 -04:00
Jason Ertel
23414599ee use simple json (w/o template) to resolve sluggishness 2023-08-01 16:53:26 -04:00
Mike Reeves
f35f42c83d Sensor NIC offload 2023-08-01 10:23:45 -04:00
Mike Reeves
b6579d7d45 Sensor NIC offload 2023-08-01 10:13:44 -04:00
weslambert
5dd5f9fc1c Elastic 8.8.2 2023-07-31 22:18:43 -04:00
m0duspwnens
39662ccf14 import rpm logic change 2023-07-25 10:21:44 -04:00
Josh Patterson
c1190064ad Merge pull request #10823 from Security-Onion-Solutions/2.4/dockerips 
2.4/dockerips
 2023-07-25 08:39:49 -04:00
Mike Reeves
c9faa1a340 Add gui 2023-07-24 11:00:26 -04:00
m0duspwnens
9bda01bd29 change ranges 2023-07-24 10:40:23 -04:00
Doug Burks
e2fe04dadc Update packages.sls 2023-07-24 07:10:48 -04:00