CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-14 05:02:52 +01:00
Code Issues Packages Projects Releases Wiki Activity
15,077 Commits 26 Branches 119 Tags
ee696be51d5fd01276aa8db15b26af4a3a44d40c
Commit Graph

15077 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
reyesj2
fd689a4607 Fix typo in ingest pipeline 
Test to fix duplicate events in SOC, by removing conflicting field event.created

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 11:18:04 -04:00
Josh Brower
ae09869417 Merge pull request #12780 from Security-Onion-Solutions/2.4/detectiondefaults 
Enable Detections Adv by default
 2024-04-11 09:32:34 -04:00
DefensiveDepth
1c5f02ade2 Update annotations 2024-04-11 09:21:08 -04:00
DefensiveDepth
ed97aa4e78 Enable Detections Adv by default 2024-04-11 08:21:20 -04:00
reyesj2
7124f04138 Update ingest pipelines to match updated mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:13:06 -04:00
reyesj2
2ab9cbba61 Update wording for Kismet poll interval annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:12:22 -04:00
reyesj2
4097e1d81a Create mappings for Kismet integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:10:27 -04:00
Mike Reeves
2206553e03 Update analyst.json 2024-04-10 09:49:21 -04:00
Josh Brower
b9474b9352 Merge pull request #12766 from Security-Onion-Solutions/2.4/sigma-pipeline 
Ship Defender logs + more
 2024-04-08 16:35:24 -04:00
DefensiveDepth
376efab40c Ship Defender logs 2024-04-08 14:01:38 -04:00
coreyogburn
acf29a6c9c Merge pull request #12760 from Security-Onion-Solutions/cogburn/detection-author-remap 
Detection Author as a Keyword instead of Text
 2024-04-05 11:39:53 -06:00
Corey Ogburn
00cea6fb80 Detection Author as a Keyword instead of Text 
With Quick Actions added to Detections, as many fields should be usable as possible.
 2024-04-05 11:22:47 -06:00
Mike Reeves
cbc95d0b30 Merge pull request #12759 from Security-Onion-Solutions/TOoSmOotH-patch-2 
Update so-log-check
 2024-04-05 08:17:50 -04:00
Mike Reeves
21f86be8ee Update so-log-check 2024-04-05 08:03:42 -04:00
Josh Brower
8e38c3763e Merge pull request #12756 from Security-Onion-Solutions/2.4/detections-defaults 
Use list not string
 2024-04-04 17:00:38 -04:00
DefensiveDepth
ca807bd6bd Use list not string 2024-04-04 16:58:39 -04:00
Josh Brower
f72cbd5f23 Merge pull request #12755 from Security-Onion-Solutions/2.4/detections-defaults 
2.4/detections defaults
 2024-04-04 11:33:59 -04:00
Josh Brower
1d7e47f589 Merge pull request #12682 from Security-Onion-Solutions/2.4/soup-playbook 
2.4/soup playbook
 2024-04-04 11:28:09 -04:00
DefensiveDepth
49d5fa95a2 Detections tweaks 2024-04-04 11:26:44 -04:00
Jason Ertel
204f44449a Merge pull request #12754 from Security-Onion-Solutions/jertel/ana 
skip telemetry summary in airgap mode
 2024-04-04 10:39:07 -04:00
Jason Ertel
6046848ee7 skip telemetry summary in airgap mode 2024-04-04 10:25:32 -04:00
Doug Burks
b0aee238b1 Merge pull request #12753 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add dashboards specific to Elastic Agent #12746
 2024-04-04 09:35:21 -04:00
Doug Burks
d8ac3f1292 FEATURE: Add dashboards specific to Elastic Agent #12746 2024-04-04 09:30:05 -04:00
Mike Reeves
8788b34c8a Merge pull request #12752 from Security-Onion-Solutions/updates23 
Allow 2.3 to update
 2024-04-04 09:25:41 -04:00
Mike Reeves
784ec54795 2.3 updates 2024-04-04 09:24:17 -04:00
Mike Reeves
54fce4bf8f 2.3 updates 2024-04-04 09:21:16 -04:00
Mike Reeves
c4ebe25bab Attempt to fix 2.3 when main repo changes 2024-04-04 09:18:37 -04:00
Doug Burks
7b4e207329 Merge pull request #12751 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module sigma #12743
 2024-04-04 09:13:53 -04:00
Doug Burks
5ec3b834fb FEATURE: Add Events table columns for event.module sigma #12743 2024-04-04 09:11:41 -04:00
Mike Reeves
7668fa1396 Attempt to fix 2.3 when main repo changes 2024-04-04 09:03:29 -04:00
Mike Reeves
470b0e4bf6 Attempt to fix 2.3 when main repo changes 2024-04-04 08:55:13 -04:00
Mike Reeves
d3f163bf9e Attempt to fix 2.3 when main repo changes 2024-04-04 08:54:04 -04:00
Mike Reeves
4b31632dfc Attempt to fix 2.3 when main repo changes 2024-04-04 08:52:37 -04:00
DefensiveDepth
c2f7f7e3a5 Remove dup line 2024-04-04 08:52:30 -04:00
DefensiveDepth
07cb0c7d46 Merge remote-tracking branch 'origin/2.4/dev' into 2.4/soup-playbook 2024-04-04 08:51:09 -04:00
Mike Reeves
14c824143b Attempt to fix 2.3 when main repo changes 2024-04-04 08:48:44 -04:00
Jason Ertel
c75c411426 Merge pull request #12749 from Security-Onion-Solutions/jertel/ana 
Clarify annotation description re: Airgap
 2024-04-04 07:53:18 -04:00
Jason Ertel
a7fab380b4 clarify telemetry annotation 2024-04-04 07:51:23 -04:00
Jason Ertel
a9517e1291 clarify telemetry annotation 2024-04-04 07:49:30 -04:00
Josh Brower
1017838cfc Merge pull request #12748 from Security-Onion-Solutions/2.4/exclude-elastalert 
Exclude Elastalert EQL errors
 2024-04-04 06:57:22 -04:00
DefensiveDepth
1d221a574b Exclude Elastalert EQL errors 2024-04-04 06:48:25 -04:00
Jason Ertel
a35bfc4822 Merge pull request #12747 from Security-Onion-Solutions/jertel/ana 
do not prompt about telemetry on airgap installs
 2024-04-03 21:50:38 -04:00
Jason Ertel
7c64fc8c05 do not prompt about telemetry on airgap installs 2024-04-03 18:08:42 -04:00
DefensiveDepth
f66cca96ce YARA casing 2024-04-03 16:17:29 -04:00
Mike Reeves
12da7db22c Attempt to fix 2.3 when main repo changes 2024-04-03 15:38:23 -04:00
Mike Reeves
9c59f42c16 Attempt to fix 2.3 when main repo changes 2024-04-03 15:23:09 -04:00
coreyogburn
fb5eea8284 Merge pull request #12744 from Security-Onion-Solutions/cogburn/detection-state 
Update SOC Config with State File Paths
 2024-04-03 13:19:26 -06:00
Mike Reeves
9db9af27ae Attempt to fix 2.3 when main repo changes 2024-04-03 15:14:50 -04:00
Corey Ogburn
0f50a265cf Update SOC Config with State File Paths 
Each detection engine is getting a state file to help manage the timer over restarts. By default, the files will go in soc's config folder inside a fingerprints folder.
 2024-04-03 13:12:18 -06:00
Jason Ertel
3e05c04aa1 Merge pull request #12731 from Security-Onion-Solutions/jertel/ana 
SOC Telemetry
 2024-04-03 14:51:41 -04:00