Commit Graph

282 Commits

Author SHA1 Message Date
DefensiveDepth 5ab6bda639 Fixup logic 2025-12-10 17:16:35 -05:00
DefensiveDepth 3f9a9b7019 tweak threshold 2025-12-05 10:23:24 -05:00
DefensiveDepth b7ad985c7a Add cron.abset 2025-12-05 09:48:46 -05:00
DefensiveDepth 9304513ce8 Add support for suricata rules load status 2025-12-04 12:26:13 -05:00
DefensiveDepth 999f83ce57 Create dir earlier 2025-12-01 14:21:58 -05:00
DefensiveDepth 1284150382 Move to manager init 2025-11-27 08:39:19 -05:00
DefensiveDepth 4bb0a7c9d9 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor 2025-11-25 13:52:21 -05:00
DefensiveDepth ced3af818c Refactor for Airgap 2025-11-25 13:51:50 -05:00
DefensiveDepth 148ef7ef21 add default ruleset 2025-11-18 11:57:30 -05:00
DefensiveDepth 1b55642c86 Refactor rules location 2025-11-18 09:58:14 -05:00
DefensiveDepth af7f7d0728 Fix file paths 2025-11-17 12:00:08 -05:00
reyesj2 4314c79f85 bump suricata dns logging version 2025-11-14 08:24:31 -06:00
DefensiveDepth 81d7c313af remove dupe 2025-11-12 11:11:01 -05:00
DefensiveDepth 9a6ff75793 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor 2025-11-12 08:51:51 -05:00
DefensiveDepth 11518f6eea idstools removal refactor 2025-11-11 13:41:32 -05:00
Josh Patterson 245ceb2d49 suricata defaults and annotation 2025-11-10 16:40:11 -05:00
Josh Patterson 18c0f197b2 suricata bpf 2025-11-10 13:28:19 -05:00
Josh Patterson 78c193f0a2 handle bpf for suricata 8 pcap 2025-11-07 17:40:24 -05:00
Josh Patterson 6c7ef622c1 spaces removed from expected output 2025-11-07 17:08:33 -05:00
Josh Patterson da1cac0d53 tls-log, http-log and syslog outputs deprecated https://github.com/Security-Onion-Solutions/securityonion/issues/15203 2025-11-06 16:32:55 -05:00
Josh Patterson b7e1989d45 resolve block-size not large enough for max fragmented IP packet size warning 2025-11-06 09:49:46 -05:00
DefensiveDepth a77157391c remove idstools 2025-09-17 10:42:05 -04:00
Doug Burks 27358137f2 FIX: so-suricata-testrule should disable pcap logging #14685 2025-05-30 09:24:41 -04:00
Jason Ertel 0566f46d5b Clarify enabled settings 2024-09-16 10:41:01 -04:00
Jason Ertel 217bb388a0 Clarify enabled settings 2024-09-16 10:05:17 -04:00
m0duspwnens 7123c62876 add so-suricata container req for rule reload 2024-09-09 11:13:28 -04:00
m0duspwnens ba24c5b219 remove -it 2024-09-06 12:26:55 -04:00
m0duspwnens 576d218cd9 don't restart suricata during setup. retry rule reload for 3 minutes 2024-09-06 08:10:59 -04:00
m0duspwnens 6581979506 retry suricata rule reload 2024-09-05 07:33:56 -04:00
Mike Reeves 5811ee5897 Update so-suricata-reload-rules 2024-09-01 10:39:42 -04:00
Mike Reeves afcb30be03 Thresholds require a restart 2024-08-30 09:43:35 -04:00
Mike Reeves b9f817201c Add thresholds to the reload list 2024-08-30 09:15:25 -04:00
Mike Reeves edce5186b9 Add support to reload rules instead of restart 2024-08-29 12:55:06 -04:00
m0duspwnens c8a8236401 handle suricata network and port vars as string or list 2024-08-13 15:44:08 -04:00
m0duspwnens a23789287e force var to be list of string 2024-07-15 11:29:47 -04:00
Mike Reeves f37f5ba97b Update soc_suricata.yaml 2024-06-06 15:57:58 -04:00
Jason Ertel 4771810361 exclude detect-parse errors 2024-05-15 19:10:50 -04:00
Jason Ertel 252d9a5320 make rule settings advanced 2024-05-01 12:51:04 -04:00
Jason Ertel c71af9127b mark detections settings as read-only via the UI 2024-05-01 11:47:38 -04:00
Jason Ertel 84db82852c annotation updates for custom settings 2024-04-30 15:14:56 -04:00
m0duspwnens 2c7eb3c755 only apply ulimits to suricata container if user enable mmap-locked 2024-04-25 10:05:59 -04:00
m0duspwnens 73b5bb1a75 add memlock to so-suricata container 2024-04-24 15:35:17 -04:00
m0duspwnens 13a6520a8c mmap-locked default no 2024-04-24 13:50:12 -04:00
m0duspwnens 4b7f826a2a quote is so true becomes yes 2024-04-24 13:29:55 -04:00
m0duspwnens 0bd0c7b1ec allow for mmap-locked to be configured 2024-04-24 13:26:25 -04:00
Mike Reeves d57f773072 Fix regex to allow ipv6 in bpfs 2024-03-27 09:36:42 -04:00
m0duspwnens 029d8a0e8f handle yes/no on checksum-checks 2024-03-25 09:30:41 -04:00
m0duspwnens 81f3d69eb9 remove mmap-locked. 2024-03-22 15:55:59 -04:00
m0duspwnens bb0da2a5c5 add additional suricata af-packet config items 2024-03-22 14:34:14 -04:00
Doug Burks f3b921342e FIX: Annotations for BPF and Suricata PCAP #12626 2024-03-20 16:06:25 -04:00