CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-08 02:02:50 +01:00
Code Issues Packages Projects Releases Wiki Activity
9,128 Commits 24 Branches 119 Tags
f2adcf4ca51a6dc64f21313a2c83bbcc0cea2b9a
Commit Graph

254 Commits

Author SHA1 Message Date
Jason Ertel
5a4473ecd6 fix indent 2021-12-28 08:33:31 -05:00
Jason Ertel
f335670b3f Add new client-side param for cases 2021-12-27 21:53:30 -05:00
Jason Ertel
194e4119f0 Correct missing json vars 2021-12-27 20:36:28 -05:00
Jason Ertel
09626deb05 Correct var names for jinja 2021-12-27 18:01:15 -05:00
Jason Ertel
ae7a4b6528 More syntax corrections 2021-12-27 16:18:12 -05:00
Jason Ertel
0a255e5765 Resolve syntax error 2021-12-27 15:15:33 -05:00
Jason Ertel
789719d25e Correct preset file syntax 2021-12-27 13:21:13 -05:00
Jason Ertel
7140255d95 Add missing presets file 2021-12-27 12:27:04 -05:00
Jason Ertel
ab3319b472 Add artifact support 2021-12-27 10:49:10 -05:00
Jason Ertel
d4f395b7f4 Fix query name for open cases 2021-12-15 20:02:35 -05:00
Jason Ertel
2761662eb9 Add status presets 2021-12-09 13:09:56 -05:00
Jason Ertel
a9b7b9ee92 Jinjafy case params 2021-12-08 17:41:48 -05:00
Jason Ertel
b73eb76c94 Make case module dynamic 2021-12-07 11:51:02 -05:00
m0duspwnens
cd1f0c0440 break kratos state out from soc state 2021-11-18 09:10:00 -05:00
weslambert
9ac1cb0e76 Fix spelling 2021-11-12 21:12:09 -05:00
weslambert
3cd1b5687e Make pivot condition independent for ENDGAMEHOST 2021-11-12 12:06:39 -05:00
Wes Lambert
032373187c Allow setting ES index patterns for SOC in pillar 2021-10-15 16:02:53 +00:00
Wes Lambert
15049f44b9 Add EG pivot 2021-10-14 15:15:23 +00:00
Jason Ertel
d21dee162d Add Note field to user traits; Enforce max length restrictions on email, firstname, lastname, and note fields 2021-10-08 12:39:17 -04:00
Jason Ertel
fbd9bab2f1 Split apart roles and users into separate maps 2021-09-16 16:08:55 -04:00
Jason Ertel
b81d38e392 Merge branch 'dev' into kilo 2021-09-16 07:44:35 -04:00
Josh Brower
e0a289182f Fix Fleet Link Logic 2021-09-15 09:28:23 -04:00
Jason Ertel
9970e54081 Adjust custom_role examples to be more realistic 2021-09-14 14:03:22 -04:00
Josh Brower
74b0b365bd Fleet SA - SOC Link Fix 2021-09-14 13:23:07 -04:00
Mike Reeves
4af6a901a1 Merge pull request #5461 from Security-Onion-Solutions/truclusterrator 
Add new hunt fields
 2021-09-10 13:17:01 -04:00
Mike Reeves
4f6a3269cb Add more detail to syscollector 2021-09-10 09:59:47 -04:00
Mike Reeves
9f5dafd560 More Event Fields 2021-09-02 13:48:18 -04:00
Mike Reeves
1cee603ee4 Squid event fields 2021-09-02 13:24:04 -04:00
Mike Reeves
2bf471054b Cloudtrail Event Fields 2021-09-02 11:46:18 -04:00
Jason Ertel
10126bb7ef Auth enhancements 2021-09-02 09:44:57 -04:00
Mike Reeves
556bad6925 Add eventfields for new default logs 2021-09-01 15:13:43 -04:00
Jason Ertel
257062e20c Update release notes link to match top right menu for airgap 2021-07-22 09:48:34 -04:00
doug
fa9d7afb46 FIX: Airgap link to Release Notes #4685 2021-07-22 09:42:37 -04:00
Jason Ertel
8ddc99e91f Allow for adjusting SOC session timeout 2021-06-22 08:07:52 -04:00
Jason Ertel
1d4161ba31 Disable HaveIBeenPwned API (pwnedpasswords.com) 2021-06-18 08:36:36 -04:00
Jason Ertel
09fbb045a1 If ES auth disabled ensure user/pass are blank 2021-06-16 09:59:57 -04:00
Jason Ertel
fca1c6e957 Merge branch 'dev' into kilo 2021-06-14 10:40:04 -04:00
Jason Ertel
7205c5cb7b Provide timestamp as arg to SOC PCAP pivots 2021-06-10 15:21:03 -04:00
Mike Reeves
88eea03f97 Revert to SO taxonomy for zeek and suricata 2021-06-08 13:36:50 -04:00
Mike Reeves
4972f69dd6 Merge remote-tracking branch 'remotes/origin/dev' into pipeline 2021-06-08 11:03:14 -04:00
Jason Ertel
901242f7e9 remove extra parenthesis 2021-06-02 16:23:45 -04:00
Mike Reeves
9c9bcac61b Update DNS queries 2021-06-02 15:01:14 -04:00
Mike Reeves
e8cc88174f Fix some hunt queries 2021-06-02 13:55:05 -04:00
Jason Ertel
20e896cacf Update all configs to pass user/pass to ES 2021-06-02 12:17:15 -04:00
Jason Ertel
4ff85ab0c4 Merge branch 'dev' into kilo 2021-06-02 10:39:51 -04:00
Jason Ertel
c757d21360 Increase default SOC API and ES timeouts from 2m to 5m 2021-06-02 09:38:59 -04:00
Jason Ertel
3a134cc706 fix merge conflicts 2021-06-02 09:16:28 -04:00
doug
aeea5701e4 completely disable both alerts.actions.json and hunt.actions.json 2021-05-26 16:34:05 -04:00
doug
ee675546ac add menu.actions.json and update soc.json 2021-05-26 14:09:00 -04:00
Jason Ertel
915b7aa2df Switch Kratos config from argon2 to bcrypt12 2021-05-24 10:52:54 -04:00