CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,465 Commits 24 Branches 119 Tags
fa3a79a7875e03dc115cd8d93fb98c93764d532f
Commit Graph

13465 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jason Ertel
fa3a79a787 Update soup to prune in background 2023-09-21 09:41:44 -04:00
Doug Burks
ca71add51b Merge pull request #11363 from Security-Onion-Solutions/dougburks-patch-1 
FIX: SOC Config sensoroni doc links should point to correct docs #11362
 2023-09-20 08:29:30 -04:00
Doug Burks
3fa3f83007 Update soc_sensoroni.yaml 2023-09-20 08:22:52 -04:00
weslambert
377802410e Merge pull request #11352 from Security-Onion-Solutions/fix/import_evtx_exists 
Fix EVTX Imports
 2023-09-19 16:11:22 -04:00
Wes
2e0ea3f374 Set final pipeline 2023-09-19 13:33:12 +00:00
Wes
508260bd46 Use event.created for timestamp 2023-09-19 13:32:03 +00:00
Wes
a1e963f834 Reverse timestamps where necessary 2023-09-19 13:28:20 +00:00
Jason Ertel
8a98040008 Merge pull request #11351 from Security-Onion-Solutions/jertel/auto 
ignore debian apt update output
 2023-09-19 09:26:31 -04:00
Jason Ertel
47e611682a ignore debian apt update output 2023-09-19 09:24:12 -04:00
Wes
5bac1e4d15 Show correct dates and Kibana URL for already processed EVTX files 2023-09-18 21:31:15 +00:00
Jason Ertel
ad025b9683 Merge pull request #11345 from Security-Onion-Solutions/jertel/auto 
ensure all binds are present to avoid volume sprawl
 2023-09-18 15:34:57 -04:00
Josh Patterson
3e97ddc22d Merge pull request #11344 from Security-Onion-Solutions/fix/idstoolextra_env 
fix idstool extra_env for container
 2023-09-18 15:29:33 -04:00
m0duspwnens
151e8bfc4e fix idstool extra_env for container 2023-09-18 15:21:45 -04:00
Jason Ertel
a914a02273 prune unused volumes during upgrade 2023-09-18 14:43:02 -04:00
Jason Ertel
bb3632d1b2 fix bind if statement 2023-09-18 14:38:15 -04:00
Jason Ertel
66bb1272ae avoid volume sprawl 2023-09-18 13:39:56 -04:00
Jason Ertel
bbef96ac25 use unique name 2023-09-18 12:12:57 -04:00
Jason Ertel
f9cbde10a6 avoid volume sprawl 2023-09-18 11:19:21 -04:00
weslambert
fe1bae96ed Merge pull request #11297 from Security-Onion-Solutions/fix/soc_idh 
Change description to indicate that opencanary modules only apply to IDH nodes
 2023-09-15 11:16:06 -04:00
weslambert
eab6173a31 Merge pull request #11329 from Security-Onion-Solutions/fix/elastic_templates_clean 
Clean component template directory
 2023-09-15 11:00:17 -04:00
Wes
98499c3963 Clean component template directory 2023-09-15 13:51:46 +00:00
Josh Patterson
26da525ebe Merge pull request #11328 from Security-Onion-Solutions/fix/checkreq 
improvents for checking system requirements
 2023-09-15 09:17:04 -04:00
m0duspwnens
c65c9777bd improvents for checking system requirements 2023-09-14 17:42:25 -04:00
Josh Brower
af68af7f18 Merge pull request #11317 from Security-Onion-Solutions/2.4/fixes 
Regex & Transform Role
 2023-09-14 10:59:56 -04:00
defensivedepth
0c11a9b733 Add transform role 2023-09-14 09:33:17 -04:00
defensivedepth
59d077f3ff Fix regex 2023-09-14 08:32:17 -04:00
Jason Ertel
6383712731 Merge pull request #11315 from Security-Onion-Solutions/jertel/auto 
exclude docker pull unauth errors from failing setup
 2023-09-14 07:41:59 -04:00
Jason Ertel
e067b7134e exclude docker pull unauth errors from failing setup since they'll be retried 2023-09-14 07:38:07 -04:00
Mike Reeves
183c530c82 Merge pull request #11308 from Security-Onion-Solutions/pcapfree 
Update so-minion
 2023-09-13 13:47:21 -04:00
Mike Reeves
33d68478b6 Update so-minion 2023-09-13 11:48:16 -04:00
Mike Reeves
22c0323bda Update so-minion 2023-09-13 10:57:45 -04:00
Doug Burks
19114c1a26 Merge pull request #11303 from Security-Onion-Solutions/dougburks-patch-1 
FIX: SOC Config pcap doc links should point to steno docs #11302
 2023-09-13 07:50:43 -04:00
Doug Burks
11b8e13418 FIX: SOC Config pcap doc links should point to steno docs #11302 2023-09-13 07:37:54 -04:00
Josh Patterson
6fdd7b3751 Merge pull request #11295 from Security-Onion-Solutions/issue/11229 
dont manage sorules
 2023-09-12 09:30:29 -04:00
m0duspwnens
30c3255cb2 dont manage sorules 2023-09-12 08:39:42 -04:00
Wes
35ebbc974c Change description to indicate that opencanary modules only apply to IDH nodes 2023-09-11 13:52:16 +00:00
Josh Patterson
9968d697f3 Merge pull request #11288 from Security-Onion-Solutions/issue/11229 
Issue/11229
 2023-09-11 09:19:31 -04:00
m0duspwnens
02c54a264d Merge remote-tracking branch 'origin/2.4/dev' into issue/11229 2023-09-08 15:29:04 -04:00
m0duspwnens
e814a3409f fix rule location for rulecat.conf. run so-rule-update if rules change in /opt/so/rules/nids 2023-09-08 15:28:24 -04:00
Jason Ertel
55847c7bdc Merge pull request #11276 from Security-Onion-Solutions/jertel/auto 
give priority to presets
 2023-09-08 09:26:27 -04:00
Jason Ertel
598515e5b4 give priority to presets 2023-09-08 09:21:13 -04:00
Jason Ertel
692625f8cd Merge pull request #11271 from Security-Onion-Solutions/jertel/auto 
addl node types
 2023-09-07 17:25:08 -04:00
Jason Ertel
f8ae3f12e6 addl node types 2023-09-07 17:22:10 -04:00
Josh Patterson
3780ed1b4f Merge pull request #11269 from Security-Onion-Solutions/issue/11210 
Issue/11210
 2023-09-07 16:54:16 -04:00
m0duspwnens
8d269fee30 Merge remote-tracking branch 'origin/2.4/dev' into issue/11210 2023-09-07 15:46:25 -04:00
m0duspwnens
35157f2e8b add comment 2023-09-07 15:46:04 -04:00
m0duspwnens
60f1947eb4 prevent endgame_dict from being added to standard_actions if it is already present 2023-09-07 14:01:19 -04:00
m0duspwnens
ffaab4a1b4 only add endgame to action if it is populated 2023-09-06 14:19:53 -04:00
weslambert
70e1309c9f Merge pull request #11261 from Security-Onion-Solutions/fix/remove_default_templates 
Remove templates
 2023-09-06 10:57:09 -04:00
Jason Ertel
5c0045f9f8 Merge pull request #11256 from Security-Onion-Solutions/jertel/sod 
only ingest pfsense on sensor nodes
 2023-09-05 12:50:47 -04:00