CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-27 11:23:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
13,199 Commits 19 Branches 120 Tags
fe7a940082004c178995c18e1aad749ffd8e8331
Commit Graph

8103 Commits

Author SHA1 Message Date
m0duspwnens
fe7a940082 add details for enabling in soc gui 2023-08-09 08:31:54 -04:00
m0duspwnens
2d25e352d4 write to adv_ pillar file since that is where it would be stored from using the soc ui 2023-08-09 08:18:13 -04:00
m0duspwnens
1440c72559 changes for desktop referencing Rocky/CentOS to OEL 2023-08-09 08:06:51 -04:00
m0duspwnens
00efc2f88f rename workstation to desktop for firewall 2023-08-09 07:31:31 -04:00
Josh Patterson
d55c2f889c Merge pull request #10989 from Security-Onion-Solutions/issue/10973 
Issue/10973
 2023-08-08 19:35:02 -04:00
m0duspwnens
789fff561e ensure ownership of /opt/so/log/strelka/filecheck.log 2023-08-08 17:55:30 -04:00
m0duspwnens
58fe25623b ensure ownership of /opt/so/log/strelka/filecheck_stdout.log 2023-08-08 17:48:34 -04:00
m0duspwnens
553b758c61 update cronjobs first, the kill filecheck 2023-08-08 17:28:14 -04:00
m0duspwnens
6da2f117f2 change which user runs filecheck cron based on md engine 2023-08-08 17:25:08 -04:00
m0duspwnens
2dbe679849 force restart of filecheck if the config changes 2023-08-08 17:05:03 -04:00
Doug Burks
2f74b69cc3 Update soup for 2.4.10 2023-08-08 16:27:11 -04:00
bryant-treacle
4320dab856 Merge pull request #10986 from Security-Onion-Solutions/fix/windows_event_table 
Fix/windows event table
 2023-08-08 16:23:14 -04:00
bryant-treacle
036b81707b Update defaults.yaml 2023-08-08 16:10:54 -04:00
Josh Brower
8455d3da6f Merge pull request #10977 from Security-Onion-Solutions/2.4/squashbug 
Set as default
 2023-08-08 15:55:58 -04:00
bryant-treacle
3d4fd08547 Update defaults.yaml 2023-08-08 15:28:06 -04:00
m0duspwnens
21c80e4953 run so-rule-update after idstools container restart 2023-08-08 15:27:23 -04:00
m0duspwnens
5c704d7e58 run so-rule-update if idstools configs change 2023-08-08 15:20:44 -04:00
m0duspwnens
230f5868f9 sync sorules 2023-08-08 15:14:27 -04:00
m0duspwnens
20dedab4b2 remove previously add rules files 2023-08-08 15:03:06 -04:00
m0duspwnens
9118ac2b56 filter.rules to filters.rules 2023-08-08 13:59:43 -04:00
m0duspwnens
aab89d2483 rule-files does not go under profiling 2023-08-08 13:54:58 -04:00
m0duspwnens
b2e75e77e8 add local.rules and filter.rules to suricata defaults. add extraction.rules, local.rules and filter.rules for suricata metadata 2023-08-08 13:50:19 -04:00
m0duspwnens
673b45af09 import ZEEKMERGED 2023-08-08 09:41:42 -04:00
m0duspwnens
a06040c035 add WORKERS calculation back to zeekcaptureloss script 2023-08-08 09:37:37 -04:00
m0duspwnens
e286b8f2ba Merge remote-tracking branch 'origin/2.4/dev' into fix/tgrafzeekcloss 2023-08-08 09:36:12 -04:00
m0duspwnens
69553f9017 removes spaces from zeekcaptureloss script 2023-08-08 09:34:59 -04:00
m0duspwnens
609a2bf32e only import ZEEKMERGED if a sensor type node 2023-08-08 09:27:03 -04:00
Josh Brower
8611d1848c Set as default 2023-08-07 15:55:53 -04:00
m0duspwnens
5278601e5d manage telegraf scripts with a defaults file assigned per node type 2023-08-07 11:18:35 -04:00
Doug Burks
90102b1148 Finish reverting yesterday's change to zeekcaptureloss.sh 2023-08-05 09:23:27 -04:00
Doug Burks
ec81cbd70d Revert yesterday's change to zeekcaptureloss.sh 2023-08-05 09:11:58 -04:00
Josh Patterson
59c0109c91 Merge pull request #10961 from Security-Onion-Solutions/fix/tgrafzeekcloss 
fix count of WORKERS for zeekcaptureloss script for telegraf
 2023-08-04 16:39:26 -04:00
m0duspwnens
9af2a731ca fix count of WORKERS for zeekcaptureloss script for telegraf 2023-08-04 16:29:30 -04:00
Josh Brower
9b656ebbc0 Merge pull request #10960 from Security-Onion-Solutions/2.4/fleetcustomfqdn 
Refactor to remove new line
 2023-08-04 16:16:43 -04:00
Josh Brower
9d3744aa25 Refactor to remove new line 2023-08-04 16:05:28 -04:00
Josh Patterson
9fddd56c96 Merge pull request #10959 from Security-Onion-Solutions/desktopyummv 
Desktopyummv
 2023-08-04 16:03:20 -04:00
m0duspwnens
89c4f58296 fix indents 2023-08-04 15:41:10 -04:00
m0duspwnens
0ba1e7521a set default session for preexisting users 2023-08-04 15:36:44 -04:00
m0duspwnens
36747cf940 add networkminer to desktop.packages 2023-08-04 13:52:01 -04:00
Doug Burks
63373710b4 Update soup to rotate log file 2023-08-04 12:26:36 -04:00
Doug Burks
209da766ba Update soup to rotate log file 2023-08-04 12:16:14 -04:00
m0duspwnens
433cde0f9e Merge remote-tracking branch 'origin/2.4/dev' into desktopyummv 2023-08-04 11:25:06 -04:00
m0duspwnens
014aeffb2a add analyst back 2023-08-04 09:56:33 -04:00
m0duspwnens
3b86b60207 Merge remote-tracking branch 'origin/2.4/dev' into fix/idhfirewall 2023-08-04 09:40:01 -04:00
m0duspwnens
0f52530d07 soc_firewall.yaml update adding idh and rename analyst to workstation 2023-08-04 09:37:58 -04:00
m0duspwnens
726ec72350 allow idh to connect to salt_manager ports on managres 2023-08-04 09:22:59 -04:00
m0duspwnens
a51acfc314 rename analyst to workstation for fw rules. allow workstation to connect to salt_manager port on managers 2023-08-04 09:17:22 -04:00
Josh Brower
dd1fa51eb5 Generate community_id for defend endpoint logs 2023-08-04 09:03:17 -04:00
m0duspwnens
682289ef23 add sensoroni ports where missing 2023-08-04 09:01:09 -04:00
m0duspwnens
593cdbd060 add rules for idh to connect to managers, change idh from sensor to idh in so-firewall-minion 2023-08-04 08:50:06 -04:00