CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
14,618 Commits 24 Branches 119 Tags
fd689a4607a8f416b8cbf86905647cd8940ec47c
Commit Graph

14618 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
reyesj2
fd689a4607 Fix typo in ingest pipeline 
Test to fix duplicate events in SOC, by removing conflicting field event.created

Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-11 11:18:04 -04:00
reyesj2
7124f04138 Update ingest pipelines to match updated mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:13:06 -04:00
reyesj2
2ab9cbba61 Update wording for Kismet poll interval annotation 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:12:22 -04:00
reyesj2
4097e1d81a Create mappings for Kismet integration 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-04-10 16:10:27 -04:00
reyesj2
000d15a53c Kismet integration: TODO Elasticsearch mappings 
Signed-off-by: reyesj2 <94730068+reyesj2@users.noreply.github.com>
 2024-03-29 13:56:01 -04:00
Doug Burks
cc2164221c Merge pull request #12695 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add process.command_line to Process Info and Process Ancestry dashboards #12694
 2024-03-29 13:04:09 -04:00
Doug Burks
102c3271d1 FEATURE: Add process.command_line to Process Info and Process Ancestry dashboards #12694 2024-03-29 12:04:47 -04:00
Jason Ertel
2928b71616 Merge pull request #12683 from Security-Onion-Solutions/jertel/lc 
disregard errors in removed applications that occurred before th…
 2024-03-28 09:48:26 -04:00
Jason Ertel
216b8c01bf disregard errors that in removed applications that occurred before the upgrade 2024-03-28 09:31:39 -04:00
Mike Reeves
7fe377f899 Merge pull request #12674 from Security-Onion-Solutions/ipv6fix 
Fix Input Validation to allow for IPv6
 2024-03-27 09:48:01 -04:00
Mike Reeves
d57f773072 Fix regex to allow ipv6 in bpfs 2024-03-27 09:36:42 -04:00
Doug Burks
389357ad2b Merge pull request #12667 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events table columns for event.module elastic_agent #12666
 2024-03-26 16:11:46 -04:00
Doug Burks
e2caf4668e FEATURE: Add Events table columns for event.module elastic_agent #12666 2024-03-26 16:08:41 -04:00
Josh Brower
63a58efba4 Merge pull request #12656 from Security-Onion-Solutions/2.4/detections-fixes 
Add bindings for sigma repos
 2024-03-26 09:33:38 -04:00
DefensiveDepth
bbcd3116f7 Fixes 2024-03-26 09:31:46 -04:00
Josh Brower
9c12aa261e Merge pull request #12660 from Security-Onion-Solutions/kilo 
Initial cut to remove Playbook and deps
 2024-03-26 08:31:11 -04:00
DefensiveDepth
cc0f4847ba Casing and validation 2024-03-26 08:10:57 -04:00
Doug Burks
923b80ba60 Merge pull request #12663 from Security-Onion-Solutions/feature/improve-soc-dashboards 
FEATURE: Include additional groupby fields in Dashboards relating to sankey diagrams #12657
 2024-03-26 07:52:54 -04:00
DefensiveDepth
7c4ea8a58e Add Detections SOC Config 2024-03-26 07:39:39 -04:00
Doug Burks
20bd9a9701 FEATURE: Include additional groupby fields in Dashboards relating to sankey diagrams #12657 2024-03-26 07:39:24 -04:00
Josh Brower
f0cb30a649 Merge pull request #12659 from Security-Onion-Solutions/2.4/remove-playbook 
Remove Playbook ref
 2024-03-25 21:12:22 -04:00
DefensiveDepth
94ee761207 Remove Playbook ref 2024-03-25 21:11:47 -04:00
Josh Brower
0a5dc411d0 Merge pull request #12658 from Security-Onion-Solutions/2.4/remove-playbook 
Initial cut to remove Playbook and deps
 2024-03-25 19:45:51 -04:00
DefensiveDepth
d7ecad4333 Initial cut to remove Playbook and deps 2024-03-25 19:42:31 -04:00
DefensiveDepth
49fa800b2b Add bindings for sigma repos 2024-03-25 14:45:50 -04:00
weslambert
57553bc1e5 Merge pull request #12652 from Security-Onion-Solutions/feature/pfsense_suricata 
FEATURE: pfSense Suricata logs
 2024-03-25 10:10:13 -04:00
weslambert
df058b3f4a Merge branch '2.4/dev' into feature/pfsense_suricata 2024-03-25 10:08:03 -04:00
Wes
5e21da443f Minor verbiage updates 2024-03-25 13:58:32 +00:00
Josh Patterson
7898277a9b Merge pull request #12651 from Security-Onion-Solutions/issue/12637 
Allow for additional af-packet tuning options for Suricata
 2024-03-25 09:37:52 -04:00
m0duspwnens
029d8a0e8f handle yes/no on checksum-checks 2024-03-25 09:30:41 -04:00
Josh Brower
b8d33ab983 Merge pull request #12639 from Security-Onion-Solutions/2.4/enable-detections 
Enable Detections
 2024-03-25 09:30:01 -04:00
weslambert
e124791d5d Merge pull request #12650 from Security-Onion-Solutions/fix/soc_template 
FIX: http.response.status_code
 2024-03-25 09:29:19 -04:00
coreyogburn
8ae30d0a77 Merge pull request #12640 from Security-Onion-Solutions/cogburn/sigma-repo-support 
Update ElastAlert Config with Default Repos
 2024-03-22 14:24:18 -06:00
m0duspwnens
81f3d69eb9 remove mmap-locked. 2024-03-22 15:55:59 -04:00
Corey Ogburn
237946e916 Specify Folder in Rule Repo 2024-03-22 13:52:20 -06:00
Corey Ogburn
3d04d37030 Update ElastAlert Config with Default Repos 2024-03-22 13:52:20 -06:00
m0duspwnens
bb0da2a5c5 add additional suricata af-packet config items 2024-03-22 14:34:14 -04:00
Doug Burks
d6ce3851ec Merge pull request #12644 from Security-Onion-Solutions/dougburks-patch-1 
FIX: Specify that static IP address is recommended #12643
 2024-03-22 13:47:33 -04:00
Doug Burks
9c6f3f4808 FIX: Specify that static IP address is recommended #12643 2024-03-22 13:41:44 -04:00
Doug Burks
1ab56033a2 Merge pull request #12642 from Security-Onion-Solutions/fix/add-event.dataset 
FEATURE: Add event.dataset to all Events column layouts #12641
 2024-03-22 13:22:57 -04:00
Doug Burks
a78a304d4f FEATURE: Add event.dataset to all Events column layouts #12641 2024-03-22 13:19:31 -04:00
DefensiveDepth
5ca9ec4b17 Enable Detections 2024-03-22 10:12:26 -04:00
weslambert
4e1543b6a8 Get only code 2024-03-22 09:56:21 -04:00
Jason Ertel
0e7d08b957 Merge pull request #12638 from Security-Onion-Solutions/jertel/logs 
disregard benign telegraf error
 2024-03-22 09:53:52 -04:00
Jason Ertel
f889a089bf disregard benign telegraf error 2024-03-22 09:48:27 -04:00
Doug Burks
2b019ec8fe Merge pull request #12634 from Security-Onion-Solutions/dougburks-patch-1 
FEATURE: Add Events column layout for event.module system #12628
 2024-03-22 05:52:23 -04:00
Wes
5934829e0d Include pfsense config 2024-03-21 20:08:33 +00:00
Wes
486a633dfe Add pfsense Suricata config 2024-03-21 20:07:59 +00:00
weslambert
77ac342786 Merge pull request #12632 from Security-Onion-Solutions/fix/remove_temp_yara 
Remove temp YARA
 2024-03-21 10:11:32 -04:00
weslambert
8429a364dc Remove Strelka rules watch 2024-03-21 10:09:36 -04:00