CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,959 Commits 24 Branches 119 Tags
f6b9dec2ae9994e4deabf8d2e2445bb78182b360
Commit Graph

365 Commits

Author SHA1 Message Date
Doug Burks
272b345892 FIX: Suricata DNS A and CNAME parsing #10117 2023-04-13 10:52:37 -04:00
Doug Burks
17bcf50ccb update Suricata DHCP parser to set server.address 2023-01-30 15:57:47 -05:00
Wes
bd114eb1c4 Update RITA beacon parsing 2023-01-03 16:01:35 +00:00
doug
edcbfd17f5 update sysmon parser 2022-12-30 16:20:06 -05:00
weslambert
5988c12773 Change 'bsap.node.status.byte' to 'bsap.node.status_byte' 2022-11-30 13:01:30 -05:00
Wes
8f0547beda Change 'bsap.node.status_byte' to 'bsap.node_status_byte'. 2022-11-30 15:24:53 +00:00
Wes
6cb4c02200 More field updates 2022-11-30 15:22:02 +00:00
Wes
5d72f8d55a Additional field renames and updates 2022-11-30 15:01:41 +00:00
Wes
e00a80feb4 Use native link_id naming scheme for now 2022-11-29 22:05:37 +00:00
Wes
e8e39a7105 Various field renames 2022-11-29 21:32:05 +00:00
Wes
13ea44db95 Use native 'is_orig' since we are already using that field name for other logs 2022-11-29 21:21:41 +00:00
Wes
6fe2857ba5 Add Zeek s7comm_upload_download ingest pipeline 2022-11-29 19:45:56 +00:00
weslambert
f947e501cb Add space per request 2022-11-29 14:14:37 -05:00
weslambert
ff8bbc399f Add space per request 2022-11-29 14:14:08 -05:00
weslambert
80226a27cc Add space per request 2022-11-29 14:13:41 -05:00
weslambert
266207cc18 Add space per request 2022-11-29 14:12:52 -05:00
weslambert
5255c120c5 Add space per request 2022-11-29 14:11:20 -05:00
Wes
d44f8e495b Check if connection.state is populated before trying to assess its value 2022-11-29 19:00:47 +00:00
Wes
13a8cbdabb Add convert processor for opcua.encoding_mask 2022-11-29 18:59:30 +00:00
weslambert
1cc5961c07 Change 'write' to 'read' to correct name and avoid pipeline failure 2022-11-29 12:54:55 -05:00
Wes
5db643e53b Add Zeek dnp3_control ingest pipeline 2022-11-29 17:18:24 +00:00
doug
1bb76bb251 update zeek s7comm parsers 2022-11-29 07:50:21 -05:00
doug
4251331bd4 update zeek tds parsers and dashboard 2022-11-29 07:43:20 -05:00
doug
124d56f4b9 update zeek cip parsers 2022-11-29 07:36:30 -05:00
doug
02821b97ad update bacnet parsers 2022-11-29 07:26:11 -05:00
doug
9a50832669 fix more typos 2022-11-29 07:16:30 -05:00
doug
cffbe757a6 fix bsap typos 2022-11-29 06:56:51 -05:00
doug
8462e66873 fix opcua_binary_browse_description 2022-11-28 13:50:24 -05:00
doug
6d814d3909 add more zeek opcua parsers 2022-11-26 17:43:58 -05:00
doug
73adc571de add more zeek ics parsers 2022-11-26 10:36:49 -05:00
Doug Burks
3f62cddc3b change . to _ 2022-11-23 12:21:12 -05:00
Doug Burks
085420997c move status_code before status_code.link_id 2022-11-23 12:11:04 -05:00
Doug Burks
0a1d0d35c8 fix description 2022-11-23 11:33:31 -05:00
Doug Burks
9ee96f2280 fix description 2022-11-23 11:32:09 -05:00
doug
bc620b7def fix zeek opcua pipelines 2022-11-23 10:56:32 -05:00
weslambert
3a64362887 Remove extra space used during testing 2022-11-22 15:47:16 -05:00
Wes
e77a60bcbf Add missing OPCUA 'activate_session' pipelines 2022-11-22 20:44:48 +00:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
weslambert
8e17c23659 Fix format/speliing for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
Peter Di Giorgio
33bf0c6902 Merge pull request #9163 from Security-Onion-Solutions/dev 
Update Foxtrot from Dev
 2022-11-17 10:44:24 -06:00
Wes
a278194037 Add additional ICS/SCADA ingest node pipelines 2022-11-17 16:16:33 +00:00
Wes
35e131b888 Update ingest node pipelines for ICS/SCADA protocols 2022-11-16 21:09:30 +00:00
lock-wire
73b1e5949b Add ecat, enip, cip, and opcua 2022-11-11 12:15:54 -08:00
lock-wire
85d30520ce Add BSAP protocol 2022-11-11 07:22:55 -08:00
Peter Di Giorgio
5ebf470a86 Update zeek.bacnet_discovery 2022-11-03 22:27:04 -07:00
Peter Di Giorgio
4b39ccec6d Update zeek.bacnet_property 2022-11-03 15:30:20 -07:00
Peter Di Giorgio
b97c822800 Add zeek.bacnet_discovery and zeek.bacnet_property 2022-10-27 15:40:52 -07:00
Peter Di Giorgio
71e3b2d1fb Create zeek.bacnet 2022-10-27 15:40:07 -07:00