Josh Brower
66ac36a944
Update soup
2024-02-10 11:07:26 -05:00
Josh Brower
feabb7c51f
Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts
2024-02-10 10:57:46 -05:00
Corey Ogburn
64f6d0fba9
Updated Detection's ES Mappings
...
Detections now have a License field and the Comment model is defined now.
2024-02-09 14:20:07 -07:00
Josh Patterson
94b6e781bb
Merge pull request #12337 from Security-Onion-Solutions/salt3006.6v2
...
Salt3006.6v2
2024-02-09 15:45:39 -05:00
m0duspwnens
304ae49251
fix source
2024-02-09 12:41:23 -05:00
m0duspwnens
213ac822a8
create dir and chown
2024-02-09 10:54:07 -05:00
m0duspwnens
2143881c0b
specify *.rules
2024-02-09 10:22:25 -05:00
m0duspwnens
5903ae596c
move suricata rules to /opt/so/rules/nids/suri
2024-02-09 09:47:23 -05:00
Josh Brower
654602bf80
Fixup shell
2024-02-09 09:30:18 -05:00
reyesj2
3c9d6da1d8
add putty to sod packages.sls
...
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-02-08 22:05:37 -05:00
Josh Brower
683abf0179
Rework naming
2024-02-08 13:24:25 -05:00
Corey Ogburn
29174566f3
WIP: Updated Detection Mappings, Changed Engine to Language
...
Detection mappings updated to include the removal of Note and the addition of Tags, Ruleset, and Language.
SOC defaults updated to use language based queries rather than engine and show the language column instead of the engine column in results.
2024-02-08 09:44:56 -07:00
Josh Brower
8d0e8789bd
Use salt file roots
2024-02-08 09:54:51 -05:00
Josh Brower
503a09f150
Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts
2024-02-08 09:45:21 -05:00
Josh Brower
81a3e95914
Fixup sigma pipelines
2024-02-07 16:42:16 -05:00
Josh Patterson
f02f61c6dd
Merge pull request #12325 from Security-Onion-Solutions/salt3006.6
...
Salt3006.6
2024-02-07 16:33:56 -05:00
Doug Burks
d3d2305f00
FEATURE: Add new dashboards for community_id and firewall auth #12323
2024-02-07 16:08:27 -05:00
Josh Brower
7e3187c0b8
Fixup sigma pipelines
2024-02-07 15:35:31 -05:00
Josh Brower
b7b501d289
Add Sigma pipelines
2024-02-07 15:02:52 -05:00
m0duspwnens
6534f392a9
update backup filename
2024-02-07 14:25:28 -05:00
m0duspwnens
478fb6261e
Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6
2024-02-07 14:15:11 -05:00
m0duspwnens
e42e07b245
update salt mine after salt-master restarts
2024-02-07 13:05:45 -05:00
m0duspwnens
f97d0f2f36
add /opt/so/rules/ to files_roots
2024-02-07 09:25:56 -05:00
m0duspwnens
24fd3ef8cc
update error message
2024-02-06 16:22:13 -05:00
m0duspwnens
b3f6153667
update so-yaml tests
2024-02-06 16:15:54 -05:00
Doug Burks
7106095128
FEATURE: Improve Correlate and Hunt actions on SOC Actions menu #12315
2024-02-06 15:39:23 -05:00
m0duspwnens
9d62ade32e
update so-yaml tests
2024-02-06 11:14:27 -05:00
m0duspwnens
2643ae08a7
add append to list
2024-02-05 17:54:30 -05:00
Josh Brower
378c99ae88
Fix bindings
2024-02-02 18:27:49 -05:00
Corey Ogburn
8f81c9eb68
Updating config for Detection(s)
2024-02-02 11:49:58 -07:00
Josh Brower
fe196b5661
Add SOC Config for Detections
2024-02-01 12:22:50 -05:00
m0duspwnens
61ee41e431
Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6
2024-02-01 11:07:06 -05:00
m0duspwnens
0d5db58c86
upgrade salt3006.6
2024-02-01 10:32:41 -05:00
Josh Brower
3d478b92b2
Merge pull request #12294 from Security-Onion-Solutions/jppffa
...
Jppffa
2024-02-01 09:47:18 -05:00
Josh Brower
e090518b59
Refactor script
2024-02-01 09:46:53 -05:00
Wes
1818e134ca
Change numbers for Logstash
2024-02-01 14:01:55 +00:00
Wes
182667bafb
Change numbers for Elasticsearch
2024-02-01 13:59:23 +00:00
Josh Brower
49b5788ac1
add bindings
2024-02-01 07:21:49 -05:00
Wes
136097f981
Custom Logstash pipeline annotations
2024-01-31 21:47:09 +00:00
Wes
bc502cc065
Custom Elasticsearch pipeline annotations
2024-01-31 21:46:33 +00:00
m0duspwnens
ae32ac40c2
add fleet node nginx to docker annotations
2024-01-31 16:28:45 -05:00
m0duspwnens
2f03248612
use different nginx defaults for so-fleet node hosting artifacts
2024-01-31 16:25:09 -05:00
Josh Brower
0fe96bfc2d
switch to symlink
2024-01-31 16:17:40 -05:00
Wes
4672a5b8eb
Custom pipeline configuration in UI
2024-01-31 20:18:17 +00:00
Wes
1853dc398b
Custom pipeline configuration
2024-01-31 20:17:33 +00:00
Wes
bc75be9402
Custom pipelines in UI
2024-01-31 20:16:48 +00:00
Wes
cd4bd6460a
Custom pipelines
2024-01-31 20:16:18 +00:00
Corey Ogburn
585147d1de
Added so-detection mapping in elasticsearch
2024-01-31 10:39:47 -07:00
Mike Reeves
0d01d09d2e
fix pcap paths
2024-01-31 09:15:35 -05:00
Pete
1192dbd530
also remove intca symlink
...
The symlink is created in init.sls; it should be removed here.
2024-01-31 09:01:56 -05:00