 Jason Ertel
|
ebcfbaa06d
|
Analyzer improvements
|
2022-04-08 16:57:40 -04:00 |
|
|
Jason Ertel
|
44e318e046
|
Provide CLI feedback for missing input
|
2022-04-07 10:16:44 -04:00 |
|
|
Jason Ertel
|
d8defdd7b0
|
Improve unit test stability
|
2022-04-05 07:36:25 -04:00 |
|
|
Jason Ertel
|
d2fa80e48a
|
Update status codes to match SOC
|
2022-04-05 07:20:23 -04:00 |
|
|
Jason Ertel
|
04eef0d31f
|
Merge branch 'dev' into kilo
|
2022-04-04 15:59:09 -04:00 |
|
|
Jason Ertel
|
7df6833568
|
Add unit tests for Urlhaus; remove placeholder whois analyzer
|
2022-04-04 15:58:53 -04:00 |
|
 Wes Lambert
|
07cf3469a0
|
Remove pyyaml for requirements file
|
2022-04-04 11:40:02 +00:00 |
|
|
Wes Lambert
|
39101cafd1
|
Add UrlHaus analyzer and helpers script
|
2022-04-01 21:11:57 +00:00 |
|
 Jason Ertel
|
cedb23f4bc
|
Merge pull request #7689 from Security-Onion-Solutions/esup
Upgrade to ES 7.17.2
|
2022-04-01 13:57:04 -04:00 |
|
|
Jason Ertel
|
6e7b2ccedc
|
Upgrade to ES 7.17.2
|
2022-04-01 13:50:57 -04:00 |
|
 Josh Patterson
|
b5ce8756e9
|
Merge pull request #7686 from Security-Onion-Solutions/workstation_state
dont run workstation.trusted-ca if not connected to grid
|
2022-04-01 11:06:53 -04:00 |
|
|
m0duspwnens
|
e14463c0ab
|
dont run workstation.trusted-ca if not connected to grid
|
2022-04-01 11:05:34 -04:00 |
|
|
Jason Ertel
|
2dc370c8b6
|
Add source packages to salt state
|
2022-03-31 18:56:38 -04:00 |
|
|
Jason Ertel
|
57dc848792
|
Support analyzer deps
|
2022-03-31 16:48:13 -04:00 |
|
|
Jason Ertel
|
9947ba6e43
|
Support CentOS paths
|
2022-03-31 16:47:56 -04:00 |
|
|
Jason Ertel
|
48fbc2290f
|
Add dep support for analyzers
|
2022-03-31 13:59:35 -04:00 |
|
|
Josh Patterson
|
86b311c468
|
Merge pull request #7675 from Security-Onion-Solutions/issue/7203
different systemd unit files for ubuntu and centos
|
2022-03-31 10:18:10 -04:00 |
|
|
m0duspwnens
|
fc60f64ddb
|
different systemd unit files for ubuntu and centos
|
2022-03-31 10:11:43 -04:00 |
|
|
Jason Ertel
|
1aba4da2bb
|
Correct analyzer path
|
2022-03-30 21:01:07 -04:00 |
|
|
Jason Ertel
|
45f511caab
|
Remove extra comma
|
2022-03-30 13:21:35 -04:00 |
|
|
Jason Ertel
|
e667bb1e59
|
merge
|
2022-03-30 10:57:40 -04:00 |
|
|
Josh Patterson
|
1cb48fc6a8
|
Merge pull request #7668 from Security-Onion-Solutions/issue/7203
run salt_minion_service state last to prevent salt-minion from restarting during state run
|
2022-03-29 17:30:32 -04:00 |
|
|
m0duspwnens
|
7a4d93f09b
|
run salt_minion_service state last to prevent salt-minion from restarting during state run
|
2022-03-29 15:44:05 -04:00 |
|
|
Jason Ertel
|
b2a96fab7e
|
merge
|
2022-03-29 14:07:20 -04:00 |
|
|
Jason Ertel
|
d2bf6d5618
|
Add build script to help pre-validate analyzers before pushing
|
2022-03-29 14:04:23 -04:00 |
|
|
Jason Ertel
|
484ef4bc31
|
Ensure generated python files are not pushed to version control
|
2022-03-29 13:51:12 -04:00 |
|
|
Jason Ertel
|
cb491630ae
|
Analyzer CI
|
2022-03-29 13:40:56 -04:00 |
|
|
Jason Ertel
|
0a8d24a225
|
Add automated CI for analyzers
|
2022-03-29 13:10:04 -04:00 |
|
|
Josh Patterson
|
f5095b273d
|
Merge pull request #7665 from Security-Onion-Solutions/workstation_state
Workstation state
|
2022-03-29 10:27:07 -04:00 |
|
|
m0duspwnens
|
e3f3af52e1
|
fix spacing
|
2022-03-29 10:19:29 -04:00 |
|
|
m0duspwnens
|
2f489895ef
|
top match and remove_gui state
|
2022-03-29 10:17:21 -04:00 |
|
|
weslambert
|
7f7eaf173b
|
Merge pull request #7663 from Security-Onion-Solutions/fix/strelka_fw
Add strelka_frontend to heavynode, sensor, and standalone role FW por…
|
2022-03-28 16:14:25 -04:00 |
|
|
weslambert
|
6004dde54a
|
Add strelka_frontend to heavynode, sensor, and standalone role FW portgroups
|
2022-03-28 16:05:07 -04:00 |
|
|
Jason Ertel
|
c23b87965f
|
Merge branch 'dev' into kilo
|
2022-03-28 15:53:33 -04:00 |
|
|
Jason Ertel
|
deb9b0e5ef
|
Add analyze feature
|
2022-03-28 15:53:24 -04:00 |
|
|
m0duspwnens
|
0ddfaf8d74
|
changes for workstation
|
2022-03-28 15:34:15 -04:00 |
|
|
weslambert
|
fb7160cba5
|
Merge pull request #7644 from Security-Onion-Solutions/fix/syslog_pr_adjustment
Update with changes from Abe's PR and other fixes
|
2022-03-25 13:59:20 -04:00 |
|
|
weslambert
|
e6599cd10e
|
Update with changes from Abe's PR and other fixes
|
2022-03-25 13:57:44 -04:00 |
|
|
weslambert
|
c02d7fab50
|
Merge pull request #7636 from Security-Onion-Solutions/feature/rita
Parsing of RITA Logs
|
2022-03-24 13:05:22 -04:00 |
|
|
weslambert
|
fbc86f43ec
|
Add exclude filter for logs for when there are no results from analysis
|
2022-03-24 13:03:03 -04:00 |
|
|
weslambert
|
4c93217aac
|
Merge pull request #7635 from Security-Onion-Solutions/fix/process_mappings_keyword
Additional .keyword shims for process mappings
|
2022-03-24 12:53:16 -04:00 |
|
|
Wes Lambert
|
fe1b72655b
|
Additional .keyword shims for process mappings
|
2022-03-24 16:45:06 +00:00 |
|
|
m0duspwnens
|
293de159db
|
fix package names
|
2022-03-24 11:33:16 -04:00 |
|
|
m0duspwnens
|
7cfc52da8a
|
fix include
|
2022-03-24 10:02:25 -04:00 |
|
|
m0duspwnens
|
a0841ee7a7
|
workstation state
|
2022-03-24 09:57:58 -04:00 |
|
|
weslambert
|
5160a55dcf
|
Merge pull request #7629 from Security-Onion-Solutions/fix/roles_load_check_cluster_health
Check ES cluster health before trying to load roles
|
2022-03-23 11:07:24 -04:00 |
|
|
weslambert
|
1f2bca599f
|
Check cluster health before trying to load roles for ES
|
2022-03-23 11:00:26 -04:00 |
|
|
Wes Lambert
|
8a56c88773
|
Adjust log file paths
|
2022-03-22 17:51:17 +00:00 |
|
|
Wes Lambert
|
57f01c70ec
|
Remove extra forward slash in log path
|
2022-03-22 17:45:23 +00:00 |
|
|
Wes Lambert
|
2487d468ab
|
Add RITA Elasticsearch ingest pipeline config
|
2022-03-22 17:38:22 +00:00 |
|