Commit Graph

90 Commits

Author | SHA1 | Message | Date
m0duspwnens | f93c6146f5 | docker binds requires | 2021-10-21 15:24:55 -04:00
Jason Ertel | d0592c4293 | Update ElastAlert to use ElastAlert 2 | 2021-09-28 00:51:29 -04:00
Josh Brower | 591ef540a6 | esalerter ES creds fix | 2021-06-21 10:50:09 -04:00
Jason Ertel | 059b016c62 | Fix require statement | 2021-06-16 21:48:31 -04:00
Jason Ertel | 2d34208269 | Elastic auth: Fun with Salt | 2021-06-16 17:52:22 -04:00
Jason Ertel | dd14235e31 | Accept either 200 or 401 instead of wasting 3 minutes waiting for this to timeout | 2021-06-16 11:39:21 -04:00
Jason Ertel | 09fbb045a1 | If ES auth disabled ensure user/pass are blank | 2021-06-16 09:59:57 -04:00
Jason Ertel | dd8eb29a18 | Continue merge of ECS into Elastic Auth | 2021-06-15 09:11:58 -04:00
Jason Ertel | 62187807f0 | Specify elastic creds for playbook alert templates | 2021-06-14 14:08:14 -04:00
Jason Ertel | 901242f7e9 | remove extra parenthesis | 2021-06-02 16:23:45 -04:00
Jason Ertel | 20e896cacf | Update all configs to pass user/pass to ES | 2021-06-02 12:17:15 -04:00
Josh Brower | ef98445560 | Fix Playbook Alert timestamps | 2021-03-31 15:44:41 -04:00
Josh Brower | 2425355680 | Fix https Playbook Alerter | 2021-03-19 16:38:33 -04:00
Mike Reeves | bf4249d28b | fix elastalert verification | 2021-03-03 14:16:10 -05:00
Mike Reeves | e0538417f1 | fix http.wait | 2021-03-03 14:06:35 -05:00
Mike Reeves | bfd05a8cfc | Change to https for elastic connections | 2021-03-02 11:32:29 -05:00
m0duspwnens | 8cf0a3da98 | remove seconds | 2021-02-01 15:19:47 -05:00
m0duspwnens | 0ea504c16a | remove space | 2021-01-29 17:32:48 -05:00
m0duspwnens | 618b94b9b6 | add newline | 2021-01-29 15:31:05 -05:00
m0duspwnens | f50a89a0cf | watch elastalert config and restart docker if changes | 2021-01-29 15:28:59 -05:00
m0duspwnens | b7aef32eeb | fix missing } | 2021-01-27 15:50:23 -05:00
m0duspwnens | 8df9e020ac | pillarize elastalert https://github.com/Security-Onion-Solutions/securityonion/issues/1191 | 2021-01-27 15:35:29 -05:00
m0duspwnens | b693373d8d | change how we allow or disallow states to be run https://github.com/Security-Onion-Solutions/securityonion/issues/2679 | 2021-01-20 15:09:53 -05:00
m0duspwnens | 1fca5e65df | redo how containers get added to so-status https://github.com/Security-Onion-Solutions/securityonion/issues/1681 | 2020-11-10 15:31:47 -05:00
Josh Brower | 844ffe8fdf | nest case_template | 2020-10-21 09:58:31 -04:00
Josh Brower | 1e14d66f54 | Add case_template field to Playbook alerts | 2020-10-21 08:59:26 -04:00
Josh Brower | de9ace62d4 | Write out nested json | 2020-10-05 15:34:02 -04:00
Josh Brower | 8a78485906 | Config Playbook SOC Alerts | 2020-10-04 21:35:42 -04:00
Josh Brower | c80b6ce104 | Add so-allow-view and playbook event.sev.label | 2020-10-04 20:39:21 -04:00
weslambert | 887937a75d | Remove rule sync, since we don't have any rules to sync | 2020-09-30 18:35:35 -04:00
Jason Ertel | ff04bb507a | Remove default Elastalert rules to stop automated alerts from being sent to thehive | 2020-09-30 15:06:54 -04:00
Doug Burks | 57e45308af | Fix pivot from TheHive to Kibana #1362 | 2020-09-17 08:05:55 -04:00
m0duspwnens | 09cc8ae1fb | fail the state if it isn't in top | 2020-09-09 16:48:50 -04:00
m0duspwnens | a229ae82ce | only allow state to run if it is in top for the node | 2020-09-02 16:15:52 -04:00
weslambert | 5d920885e0 | Add manager to hosts file | 2020-09-02 07:43:55 -04:00
Wes Lambert | 9abbda8e04 | Wait for Elasticsearch indices to be queryable before starting Elastalert container | 2020-08-31 13:54:49 +00:00
m0duspwnens | e6da423dc3 | change reference from manager:url_base to global:url_base - https://github.com/Security-Onion-Solutions/securityonion/issues/1039 | 2020-08-14 17:55:30 -04:00
Josh Brower | 7400bbd6c1 | Elastalert Stability Fixes | 2020-08-13 17:14:53 -04:00
Josh Brower | b724d40376 | Playbook Stability Fixes | 2020-08-11 15:07:16 -04:00
Josh Brower | a8b980b6a7 | More Playbook Fixes - Issue #1064 | 2020-08-07 13:35:43 -04:00
Josh Brower | ddd099233a | Playbook Fixes - Issue #1064 | 2020-08-06 15:43:45 -04:00
Josh Brower | 4f9ef89098 | Simplify elastalert rules | 2020-08-06 14:30:44 -04:00
Mike Reeves | 24ed92c9dc | minio and change to global | 2020-08-04 15:54:03 -04:00
Wes Lambert | 3ac9f1800b | Make sure we are searching all clusters when running rules | 2020-07-24 22:04:30 +00:00
Jason Ertel | 8f66a27f07 | Refactor image repository to a single variable | 2020-07-13 18:26:43 -04:00
m0duspwnens | 1f48dc765e | merge with dev and resolve conflicts | 2020-07-10 10:36:48 -04:00
Jason Ertel | 6bfd777d25 | Enabled elastalert log | 2020-07-09 21:34:35 -04:00
m0duspwnens | 5ca3ecf4bd | fix reference to master grain | 2020-07-09 15:42:39 -04:00
Josh Brower | 206bdc60f3 | Merge pull request #967 from Security-Onion-Solutions/feature/low-level-alerts: Feature - low level alerts | 2020-07-09 13:56:31 -04:00
Josh Brower | 52f7111e1d | Feature - low level alerts | 2020-07-09 13:53:55 -04:00