CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
4,888 Commits 24 Branches 119 Tags
f96d6ae4f43ff6350e339eb895f13a6dd4c6cc6f
Commit Graph

4888 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
f96d6ae4f4 only send loss if timestamp on data has changed 2020-10-07 11:06:54 -04:00
m0duspwnens
5e534571ff set timestamp with capture loss 2020-10-07 10:20:51 -04:00
m0duspwnens
14dd80b410 handle whitespace 2020-10-06 18:46:32 -04:00
m0duspwnens
af2df2c7d1 just print the loss 2020-10-06 18:44:22 -04:00
m0duspwnens
f95712c502 update log file 2020-10-06 18:38:51 -04:00
m0duspwnens
48ca2cdff1 fix pillars we check 2020-10-06 18:10:41 -04:00
m0duspwnens
4a236b3f75 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into issue/1403 2020-10-06 18:05:47 -04:00
m0duspwnens
73ce948d42 add zeekcaptureloss to data to influxdb. rename broloss to zeekloss - https://github.com/Security-Onion-Solutions/securityonion/issues/1403 2020-10-06 18:05:41 -04:00
Mike Reeves
fd4bb81f29 Fix ZEEKLOGS pillar 2020-10-06 17:38:05 -04:00
Josh Patterson
7d14c68d70 Merge pull request #1468 from Security-Onion-Solutions/issue/163 
fix yum db if corrupted -
 2020-10-06 14:29:11 -04:00
m0duspwnens
035d215398 fix yum db if corrupted - https://github.com/Security-Onion-Solutions/securityonion/issues/163 2020-10-06 14:28:01 -04:00
Josh Patterson
51d3defe76 Merge pull request #1467 from Security-Onion-Solutions/issue/1460 
Issue/1460
 2020-10-06 14:06:01 -04:00
m0duspwnens
3d71766b64 Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion-saltstack into issue/1460 2020-10-06 13:58:02 -04:00
m0duspwnens
34dfc809c7 handle thread count for suricata and default max-pending-packets to 5000 - https://github.com/Security-Onion-Solutions/securityonion/issues/1460 2020-10-06 13:57:50 -04:00
Mike Reeves
f809cf5216 Update so-functions 2020-10-06 13:27:23 -04:00
weslambert
a16419b997 Merge pull request #1466 from Security-Onion-Solutions/fix/so-elasticsearch-templates-load 
Rename so-elasticsearch-templates to so-elasticsearch-templates-load
 2020-10-06 13:19:54 -04:00
Wes Lambert
a6a69c57d1 Rename so-elasticsearch-templates to so-elasticsearch-templates-load 2020-10-06 17:18:42 +00:00
weslambert
6cdff854f3 Merge pull request #1465 from Security-Onion-Solutions/feature/so-elasticsearch-templates-list 
Add so-elasticsearch-templates-list
 2020-10-06 13:16:11 -04:00
Wes Lambert
787f1d8732 Add so-elasticsearch-templates-list 2020-10-06 17:15:27 +00:00
weslambert
1a2921c2bc Merge pull request #1463 from Security-Onion-Solutions/feature/so-elasticsearch-pipelines-list 
Add so-elasticsearch-pipelines-list and fix common script perms
 2020-10-06 13:04:24 -04:00
Wes Lambert
4a5d50cf80 Add so-elasticsearch-pipelines-list and fix common script perms 2020-10-06 17:01:58 +00:00
Josh Patterson
1b3eca80d7 Merge pull request #1462 from Security-Onion-Solutions/issue/1371 
handle install locations of files copied
 2020-10-06 11:41:37 -04:00
m0duspwnens
5eada1cdd5 handle install locations of files copied 2020-10-06 11:39:34 -04:00
Josh Patterson
4b1a8d7512 Merge pull request #1461 from Security-Onion-Solutions/issue/1371 
Issue/1371
 2020-10-06 11:22:58 -04:00
m0duspwnens
a5f4c96db0 qol user interaction improvements to analyst install 2020-10-06 11:19:43 -04:00
m0duspwnens
4eea0a464c include remaining log functions from so-functions 2020-10-06 10:57:43 -04:00
m0duspwnens
7840002d18 update log file in title func 2020-10-06 10:51:31 -04:00
m0duspwnens
85168e9318 add title function 2020-10-06 10:49:38 -04:00
m0duspwnens
2420cd5db1 add some system characteristics to log like normal install does 2020-10-06 10:46:11 -04:00
Doug Burks
a686704d37 remove rule.uuid now that underlying issue has been resolved 2020-10-06 09:39:57 -04:00
weslambert
706c81daca Merge pull request #1459 from Security-Onion-Solutions/feature/strelka_yara_alert 
Add Strelka YARA matches as alerts
 2020-10-06 08:23:16 -04:00
Wes Lambert
019bec992d Add Strelka YARA matches as alerts 2020-10-06 12:19:44 +00:00
Josh Patterson
e2a787095c Merge pull request #1458 from Security-Onion-Solutions/issue/1290 
change for network miner 2.6 - https://github.com/Security-Onion-Solu…
 2020-10-05 18:38:14 -04:00
m0duspwnens
acabcd27a7 change for network miner 2.6 - https://github.com/Security-Onion-Solutions/securityonion/issues/1290 2020-10-05 18:17:24 -04:00
Josh Patterson
24ff34ee81 Merge pull request #1457 from Security-Onion-Solutions/issue/1371 
Issue/1371
 2020-10-05 15:51:35 -04:00
Josh Brower
2e012432b4 Merge pull request #1455 from Security-Onion-Solutions/feature/training-req 
Write out nested json
 2020-10-05 15:34:43 -04:00
Josh Brower
de9ace62d4 Write out nested json 2020-10-05 15:34:02 -04:00
Josh Patterson
faf5e7a643 Merge pull request #1454 from Security-Onion-Solutions/issue/1444 
logstash changes per https://github.com/Security-Onion-Solutions/secu…
 2020-10-05 14:12:05 -04:00
m0duspwnens
748dc5ba91 logstash changes per https://github.com/Security-Onion-Solutions/securityonion/issues/1444 2020-10-05 14:10:05 -04:00
Josh Patterson
f7daa391c7 Merge pull request #1453 from Security-Onion-Solutions/issue/1441 
enable suricata threshold-file and point to proper file
 2020-10-05 12:56:39 -04:00
Doug Burks
a45aa43f41 Add trailing comma to "thehive" stanza 2020-10-05 12:35:33 -04:00
m0duspwnens
63884b73e1 enable suricata threshold-file and point to proper file - https://github.com/Security-Onion-Solutions/securityonion/issues/1441 2020-10-05 12:10:52 -04:00
weslambert
9f4cb42c4f Merge pull request #1452 from Security-Onion-Solutions/fix/kibana_case_create 
Change alert to case
 2020-10-05 11:46:14 -04:00
Wes Lambert
575da0f9d3 Change alert to case 2020-10-05 15:45:10 +00:00
weslambert
f4fcc052ca Merge pull request #1451 from Security-Onion-Solutions/fix/wazuh_rule_cat 
Put back rule.category for Wazuh alerts
 2020-10-05 11:35:20 -04:00
weslambert
bc31e19e37 Put back rule.category for Wazuh alerts 2020-10-05 11:34:29 -04:00
weslambert
6e2319f6da Merge pull request #1449 from Security-Onion-Solutions/fix/wazuh_logging 
Adjust Wazuh logging so we don't log alerts to a separate file and so…
 2020-10-05 10:04:01 -04:00
weslambert
968dce0aee Adjust Wazuh logging so we don't log alerts to a separate file and so we don't write a separate log file for non-JSON for archives 2020-10-05 10:03:40 -04:00
Jason Ertel
1ebe970876 Disable escalate button if thehive is not enabled 2020-10-05 09:54:18 -04:00
weslambert
6b292ea62b Merge pull request #1448 from Security-Onion-Solutions/fix/so_elastic_clear 
Fix/so elastic clear
 2020-10-05 09:40:04 -04:00