CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity
12,477 Commits 24 Branches 119 Tags
fa574946944a1e9d4a736c932bcf7789ca8cc91c
Commit Graph

12477 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
m0duspwnens
cc47f9a595 fix suricata thresholding 2023-05-23 11:16:32 -04:00
m0duspwnens
eb633be437 enable/disable suricata in ui. assign threads properly 2023-05-22 17:48:22 -04:00
Josh Brower
df0dc2e4d1 Merge remote-tracking branch 'remotes/origin/2.4/dev' into 2.4/smallfixes 2023-05-22 16:02:30 -04:00
Josh Brower
766f4dd661 Add Elastic Defend Integration 2023-05-22 16:02:08 -04:00
Jason Ertel
f53fb69ffb Merge pull request #10407 from Security-Onion-Solutions/kilo 
Ignore Synchronize button clicks when an active salt job is running and another is already in queue
 2023-05-22 14:59:42 -04:00
Jason Ertel
ba0ec18a33 Ignore Synchronize button clicks when an active salt job is running and another is already in queue 2023-05-22 14:52:07 -04:00
weslambert
79182cecfd Merge pull request #10397 from Security-Onion-Solutions/fix/elastic_exclude_zeek_reporter_log 
Exclude Zeek's reporter.log from being picked up by Elastic Agent
 2023-05-22 07:56:54 -04:00
weslambert
8cf82c4b6a Merge pull request #10398 from Security-Onion-Solutions/fix/elasticsearch_ingest_dns_query 
Check if 'dns.query' is null
 2023-05-22 07:56:44 -04:00
weslambert
78d4586033 Merge pull request #10399 from Security-Onion-Solutions/fix/elastalert_playbook_alerter 
Update 'url' to use 'es_hosts'
 2023-05-22 07:56:31 -04:00
Jason Ertel
02cf1074f2 Merge pull request #10400 from Security-Onion-Solutions/kilo 
use the same requests version that's already packaged with the analyzer
 2023-05-20 08:45:21 -04:00
Jason Ertel
a881cab469 use the same requests version that's already packaged with the analyzer 2023-05-19 23:54:30 -04:00
weslambert
00bd93c026 Update 'url' to use 'es_hosts' 2023-05-19 17:14:13 -04:00
weslambert
2c10ad7eec Check if 'dns.query' is null 2023-05-19 15:50:33 -04:00
weslambert
167051af28 Exclude Zeek's reporter.log from being picked up by Elastic Agent 2023-05-19 15:44:09 -04:00
weslambert
eb9c5e9af0 Merge pull request #10307 from Security-Onion-Solutions/fix/elastic_fleet_ignore_zeek_logs 
Don't read from 'known_hosts.log', 'known_services.log', or 'ntp.log'
 2023-05-19 15:09:15 -04:00
Jason Ertel
2f942a3e37 Merge pull request #10393 from Security-Onion-Solutions/kilo 
fix lib dependency issue with whoisit
 2023-05-19 14:34:42 -04:00
Jason Ertel
03f97b309a fix lib dependency issue with whoisit 2023-05-19 14:18:19 -04:00
weslambert
c6a962a46b Merge pull request #10392 from Security-Onion-Solutions/fix/elastalert_index 
Change Elastalert writeback index name from 'elastalert_status' to 'elastalert'
 2023-05-19 13:31:29 -04:00
weslambert
1ddf45bbbe Change Elastalert writeback index name from 'elastalert_status' to 'elastalert' 2023-05-19 12:39:27 -04:00
Doug Burks
f0c4cebaca Merge pull request #10391 from Security-Onion-Solutions/2.4/elastic-8.7.1 
UPGRADE: Elastic 8.7.1 #10269
 2023-05-19 12:29:01 -04:00
Doug Burks
87c42ece00 Update so-kibana-config-load 2023-05-19 12:21:09 -04:00
Doug Burks
4f8fcd3369 Update config_saved_objects.ndjson 2023-05-19 12:19:44 -04:00
bryant-treacle
5b2d91b5b5 Update alarm_zeek_packet_loss.json 2023-05-19 10:32:53 -04:00
bryant-treacle
a84322f9b7 Update alarm_suricata_packet_loss.json 2023-05-19 10:32:29 -04:00
bryant-treacle
2de95bcb63 Update alarm_steno_packet_loss.json 2023-05-19 10:32:13 -04:00
bryant-treacle
1e9e2facde Update alarm_low_monitor_traffic.json 2023-05-19 10:29:53 -04:00
bryant-treacle
592c67d1f2 Update alarm_pcap_retention.json 2023-05-19 10:29:15 -04:00
bryant-treacle
e91dd29cb2 Update alarm_high_redis_memory_usage.json 2023-05-19 10:25:22 -04:00
bryant-treacle
13c9142814 Update alarm_low_monitor_traffic.json 2023-05-19 10:21:43 -04:00
bryant-treacle
ef4f2491f3 Update alarm_high_redis_memory_usage.json 2023-05-19 10:12:44 -04:00
bryant-treacle
645555b990 Update alarm_zeek_packet_loss.json 2023-05-19 10:10:44 -04:00
bryant-treacle
839275814c Update redis.sh - Added percent of used memory. 2023-05-19 08:51:49 -04:00
bryant-treacle
9b973e07e2 Add files via upload 2023-05-19 08:49:43 -04:00
Josh Patterson
0027385da9 Merge pull request #10389 from Security-Onion-Solutions/issue/10229 
enable playbook on eval in pillar during setup
 2023-05-18 17:38:05 -04:00
m0duspwnens
4ef77f9050 enable playbook on eval in pillar during setup 2023-05-18 17:34:59 -04:00
Mike Reeves
debbdec350 Allow additional docker parameters 2023-05-18 17:10:18 -04:00
Mike Reeves
bf4ac0c2dd Allow additional docker parameters 2023-05-18 17:08:39 -04:00
Mike Reeves
cb9e7e63db Allow additional docker parameters 2023-05-18 17:00:54 -04:00
Mike Reeves
32560af767 Allow additional docker parameters 2023-05-18 16:59:45 -04:00
Mike Reeves
1e5ac61ff5 Allow additional docker parameters 2023-05-18 16:57:48 -04:00
Mike Reeves
5315c51197 Allow additional docker parameters 2023-05-18 16:52:38 -04:00
Mike Reeves
8917f9b9d2 Allow additional docker parameters 2023-05-18 16:46:28 -04:00
Mike Reeves
c0dc05f26a Allow additional docker parameters 2023-05-18 16:39:42 -04:00
Mike Reeves
2aa801d906 Allow additional docker parameters 2023-05-18 16:31:29 -04:00
weslambert
c192ec9109 Merge pull request #10385 from Security-Onion-Solutions/feature/elastalert_eql 
Add initial support for EQL queries for Elastalert
 2023-05-18 15:36:28 -04:00
Mike Reeves
7ab31e36af Merge branch '2.4/dev' of https://github.com/Security-Onion-Solutions/securityonion into airgaps 2023-05-18 15:19:15 -04:00
Mike Reeves
0fd9fb9294 Allow additional docker parameters 2023-05-18 15:19:09 -04:00
Josh Patterson
059f80bfc4 Merge pull request #10384 from Security-Onion-Solutions/issue/10334 
Issue/10334
 2023-05-18 13:28:47 -04:00
m0duspwnens
bab2f7282c fix spaciong 2023-05-18 13:27:48 -04:00
m0duspwnens
02920b5ac9 confirm manager ip when found in setup 2023-05-18 13:25:12 -04:00