CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-10 19:22:54 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,884 Commits 26 Branches 119 Tags
e8c25d157fd55c200704030d7c5ded9eb7a714d1
Commit Graph

24 Commits

Author SHA1 Message Date
reyesj2
b3eb06f53e ja4 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-07-16 15:56:34 -05:00
reyesj2
58df566c79 add mapping for metadata.kafka.timestamp 2025-04-14 14:30:40 -05:00
reyesj2
395b81ffc6 FIX: Add log.origin.file.line to base templates #14417 2025-04-14 14:30:00 -05:00
reyesj2
e60a1e4357 zeek ldap & ldap_search parsing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-09 16:06:10 -06:00
reyesj2
0e87351a9c add zeek.quic mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2025-01-08 16:18:53 -06:00
reyesj2
754d28e95d add openvpn & ipsec support to Zeek 2024-12-05 09:52:55 -06:00
reyesj2
68e016090b Fix network.wireless.ssid not parsing 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 13:21:54 -04:00
reyesj2
4097e1d81a Create mappings for Kismet integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:10:27 -04:00
reyesj2
000d15a53c Kismet integration: TODO Elasticsearch mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-29 13:56:01 -04:00
Wes
a59eda319e Remove security subfield 2023-07-18 19:00:50 +00:00
Wes
1d3e39b6bd Map user name to keyword and remove security subfield generation 2023-07-18 14:46:47 +00:00
Wes Lambert
2d2ec45029 Modify base ECS mappings to include .security where possible, as well as custom analyzer definition 2022-03-02 14:19:36 +00:00
Wes Lambert
5489b8559d Revert "Switch from .security to match_only_text" 
This reverts commit f7862af934.
 2022-03-01 18:44:00 +00:00
Wes Lambert
2a9caccc7c Revert "Add additional .text subfield mappings" 
This reverts commit 61dadc6249.
 2022-03-01 18:43:24 +00:00
Wes Lambert
61dadc6249 Add additional .text subfield mappings 2022-02-25 16:27:37 +00:00
Wes Lambert
f7862af934 Switch from .security to match_only_text 2022-02-22 20:33:49 +00:00
Wes Lambert
c2c4e4df17 Add Snyk component template 2022-02-08 15:23:43 +00:00
Wes Lambert
f9a50d33c3 Add new templates 2022-02-08 13:17:23 +00:00
Wes Lambert
2951e12c96 Remove snyk component template for now and fix folder structure 2022-02-08 13:16:59 +00:00
Wes Lambert
6d0ca6fcbb Fix mangled key name/typo 2022-02-08 12:59:07 +00:00
Wes Lambert
5090854d4d Add additional component templates and index template references 2022-02-08 03:03:55 +00:00
Wes Lambert
03bfb052ed Add component templates for Elasticsearch, Kibana, Logstash, Netflow, Suricata, and Zeek 2022-02-07 19:42:24 +00:00
Wes Lambert
69cb83cac9 Add winlog mappings 2022-02-04 17:08:26 +00:00
Wes Lambert
9db1510b0e Initial composable template configuration and base mappings 2022-02-02 02:08:31 +00:00