CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,306 Commits 24 Branches 119 Tags
eefcc929c20b5fe12a8505144d753c918889d710
Commit Graph

29 Commits

Author SHA1 Message Date
Jason Ertel
eefcc929c2 Update copyright pattern to match other repos 2022-01-24 10:09:23 -05:00
Jason Ertel
7c22f46a55 Update copyright year for 2022 2022-01-24 09:35:29 -05:00
Jason Ertel
cad4efdded Fixed PCAP files are readable by root only, which prevents Suricata from being able to scan the file during import 2021-06-29 17:51:04 -04:00
Mike Reeves
4ef38f8d04 Add EPS and RAID status collection for telegraf 2021-01-25 19:14:46 -05:00
m0duspwnens
2d497cb724 change to just Hunt 2020-12-16 14:15:57 -05:00
Jason Ertel
f074179656 Correct so-import-pcap wrapping; add so-pcap-import alias for so-import-pcap; prompt to reboot after changing IP address on manager; ensure all tools have exec bit set 2020-11-20 14:14:03 -05:00
m0duspwnens
d963222f31 provide proper url for so-import-pcap based on redirect strategy chosen during setup - https://github.com/Security-Onion-Solutions/securityonion/issues/1039 2020-08-14 15:28:47 -04:00
Mike Reeves
24ed92c9dc minio and change to global 2020-08-04 15:54:03 -04:00
Jason Ertel
9eeb527ea7 Include UTC parameter when providing a hyperlink to Hunt from so-import-pcap output 2020-07-23 17:18:42 -04:00
Jason Ertel
d2df405cf0 so-import-pcap improvements: Ensure PCAP filenames with spaces are handled properly; Provide link directly to the imported logs, filtered by import ID; Require sudo access to run so-import-pcap 2020-07-21 11:07:09 -04:00
Jason Ertel
9781d8d0e7 Ensure permissions are consistently applied to all imported PCAP files 2020-07-15 13:53:28 -04:00
Jason Ertel
9bbbaa485c Switch PM to AM since we want to span midnight to midnight 2020-07-14 17:36:30 -04:00
Jason Ertel
67f2edce28 Resolve merge conflict that reverted import URL back to Kibana 2020-07-14 09:40:16 -04:00
Jason Ertel
8f66a27f07 Refactor image repository to a single variable 2020-07-13 18:26:43 -04:00
m0duspwnens
13af4cacb0 merge with dev and resolve conflicts 2020-07-10 16:27:10 -04:00
Jason Ertel
358ef78cd9 Do not stop curator since imported data will now be placed into a longer term so-import index 2020-07-10 13:58:52 -04:00
Jason Ertel
811bbb4cb0 Require sudo to run an import 2020-07-10 13:58:52 -04:00
m0duspwnens
0a1b5f29eb merge with dev and resolv conflicts 2020-07-10 10:48:49 -04:00
m0duspwnens
1f48dc765e merge with dev and resolv conflicts 2020-07-10 10:36:48 -04:00
Jason Ertel
33179141a1 Enable PCAP pivots from imports 2020-07-09 16:11:38 -04:00
m0duspwnens
5ca3ecf4bd fix reference to master grain 2020-07-09 15:42:39 -04:00
m0duspwnens
3cf31e2460 https://github.com/Security-Onion-Solutions/securityonion/issues/404 2020-07-09 11:27:06 -04:00
Jason Ertel
cf6a229f51 Import now requires execution on a sensor node due to the need for zeek and suricata; Automatically stop curator if curator is installed 2020-07-02 12:07:30 -04:00
Jason Ertel
4cedacf8fd Improve curator verbiage in so-import-pcap 2020-07-02 06:01:17 -04:00
Jason Ertel
ac01b8de4b Stop curator when directed on PCAP imports 2020-07-01 22:04:07 -04:00
Jason Ertel
e3126064e8 Improve usage instructions for so-import-pcap 2020-07-01 17:58:02 -04:00
Jason Ertel
96e93b012d Adjust imports for filebeat configuration to ensure import data is placed into ES 2020-07-01 17:18:01 -04:00
Jason Ertel
d6feafb12a Correct indentation in filebeat.yaml 2020-07-01 15:39:23 -04:00
Jason Ertel
930f15eea5 Introduce so-import-pcap tool - WIP 2020-06-30 14:56:08 -04:00