Commit Graph

10044 Commits

Author SHA1 Message Date
m0duspwnens
efbf62f56a adding beacon 2024-11-04 08:30:40 -05:00
m0duspwnens
9ac5ef09ad update comment 2024-10-29 11:01:04 -04:00
m0duspwnens
3394588602 sync hypervisor state remote to local 2024-10-29 10:56:18 -04:00
m0duspwnens
c64a05f2ff dynamic annotations 2024-10-29 10:20:31 -04:00
m0duspwnens
0c4426a55e Merge branch '2.4/dev' into vertlybimp 2024-10-29 08:32:39 -04:00
Josh Brower
6a3e5415cf Merge pull request #13832 from Security-Onion-Solutions/2.4/sigmapipelines
Add process and file creation mappings
2024-10-28 18:30:21 -04:00
defensivedepth
f3ca5b1c42 Remove OS-specific mappings 2024-10-28 09:19:51 -04:00
m0duspwnens
feb700393e merge with 2.4.120, fix merge conflicts 2024-10-25 15:09:38 -04:00
Corey Ogburn
640f53d085 Cleanup
Fix indentation and trailing comma.
2024-10-24 17:05:36 -06:00
Corey Ogburn
1aa9d87c5d Corrected
Put the note on the right model this time.
2024-10-24 17:05:36 -06:00
Corey Ogburn
e11c562022 Added Note to ES Mappings 2024-10-24 17:05:35 -06:00
Corey Ogburn
6ce52bf9ab Specify Defaults for detectionEngineStatusQueries
Specify the defaults as an example to the user.
2024-10-24 13:11:49 -06:00
Corey Ogburn
f67fcecc6e Clean up StatusQueries String 2024-10-24 11:18:48 -06:00
Corey Ogburn
b7c392a244 Corrected a misspelling 2024-10-24 11:18:48 -06:00
Corey Ogburn
ad0b0a5e95 Refactor to String
To accommodate the config screen, the annotation now specifies it as a multiline string with a yaml syntax. The user can edit the yaml to add or remove queries. The UI will parse the YAML before use.

Also updated the IntegrityFailure queries to specify table columns more relevant to a sync failure than the default ones.
2024-10-24 11:18:47 -06:00
Corey Ogburn
c77b0afd8e Move to Client/Detections
Added a basic annotation.
2024-10-24 11:18:47 -06:00
Corey Ogburn
04ebe4efea Array to Dictionary 2024-10-24 11:18:46 -06:00
Corey Ogburn
cbb4d6846f Detection Engine Status Queries
A few for testing
2024-10-24 11:18:45 -06:00
m0duspwnens
a0558ace16 replace: False to remove state warning 2024-10-24 10:33:16 -04:00
m0duspwnens
ca793966a8 set retry and interval to remove state warning 2024-10-24 10:32:42 -04:00
Josh Patterson
578a18acbe Merge pull request #13853 from Security-Onion-Solutions/agcr
install createrepo for airgap
2024-10-23 14:21:26 -04:00
m0duspwnens
8cc530dd4c fix HELD for debian families 2024-10-23 09:36:17 -04:00
m0duspwnens
1df104967e fix pkg name 2024-10-22 16:50:23 -04:00
m0duspwnens
7a0f6d5e93 fix pkg name 2024-10-22 16:42:01 -04:00
m0duspwnens
8d2ae23ae6 install createrepo on airgap and non airgap 2024-10-22 13:56:38 -04:00
m0duspwnens
0476585370 dynamic annotations 2024-10-22 09:03:02 -04:00
m0duspwnens
4d093735ec prevent state from failing if versionlock plugin not installed 2024-10-18 14:41:23 -04:00
m0duspwnens
39230159ae update description 2024-10-17 12:10:49 -04:00
m0duspwnens
76ff0c56cd create versionlock pillar dir/files during soup to 120 2024-10-17 10:06:40 -04:00
m0duspwnens
17870bcab8 Merge remote-tracking branch 'origin/2.4/dev' into issue/204 2024-10-17 09:59:36 -04:00
m0duspwnens
5fb660bc9a remove kernel bool option, just use list 2024-10-17 09:29:03 -04:00
m0duspwnens
73ce526467 allow users to lock pkgs from upgrade 2024-10-16 17:06:03 -04:00
reyesj2
322199358d add support for trendmicro integration
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
2024-10-16 16:45:46 -04:00
defensivedepth
dcdfaf66f4 Add process and file creation mappings 2024-10-16 15:20:52 -04:00
coreyogburn
a3933bdc79 Merge pull request #13826 from Security-Onion-Solutions/cogburn/ai-switch-flip
Changes to allow reviews to start showing
2024-10-15 16:03:18 -06:00
m0duspwnens
ce6c7c3b91 Merge remote-tracking branch 'origin/2.4/dev' into issue/13808 2024-10-15 13:14:18 -04:00
m0duspwnens
c2e46932ee fix array def 2024-10-15 12:01:53 -04:00
m0duspwnens
c46fb7e74c check if service is running before trying to start it 2024-10-15 11:46:09 -04:00
m0duspwnens
ac6637c6ab set vars global 2024-10-15 09:56:50 -04:00
m0duspwnens
cc19b60146 restore services/top at start of soup 2024-10-15 09:32:14 -04:00
m0duspwnens
dcc1738978 dynamic annotations 2024-10-11 10:46:07 -04:00
Corey Ogburn
d2bd9c0e26 Changes to allow reviews to start showing 2024-10-10 09:48:59 -06:00
Mike Reeves
e2da31c2b7 Update soup 2024-10-09 14:15:43 -04:00
weslambert
c58ed45cf0 Use ID instead of name 2024-10-08 10:55:16 -04:00
weslambert
69857b6b5c Use ID instead of name 2024-10-08 10:54:54 -04:00
m0duspwnens
0b0ff62bc5 update comments 2024-10-08 09:40:44 -04:00
m0duspwnens
20127e6b1d hard-reset to the remote revision 2024-10-01 15:09:53 -04:00
m0duspwnens
24817a3919 user socore 2024-10-01 09:21:56 -04:00
Jason Ertel
f448cc9c7d Merge pull request #13757 from Security-Onion-Solutions/jertel/wip
adjustments for support of PKCE OIDC
2024-10-01 08:58:26 -04:00
Jason Ertel
4913df2297 adjustments for support of PKCE OIDC 2024-10-01 08:54:14 -04:00