CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity
3,679 Commits 24 Branches 119 Tags
fef803a86c3cf6a1a350ae45e62d7130728fd8c3
Commit Graph

149 Commits

Author SHA1 Message Date
Doug Burks
fef803a86c Add ignore_failure to geoip processor calls #942 2020-07-08 10:41:14 -04:00
weslambert
b25a3b6986 Rename uids to uid 2020-07-08 09:39:37 -04:00
weslambert
2992938596 Merge pull request #947 from Security-Onion-Solutions/fix/strelka_exiftool 
Add fields for exiftool keys
 2020-07-07 17:13:57 -04:00
Wes Lambert
3b50ce032a Add fields for exiftool keys 2020-07-07 20:02:09 +00:00
Mike Reeves
eccfaf94fb Merge branch 'dev' of https://github.com/Security-Onion-Solutions/securityonion into issue/937 2020-07-07 15:10:12 -04:00
Wes Lambert
e0570e1db7 Add Zeek FUID for Strelka records 2020-07-07 15:00:01 +00:00
Mike Reeves
c59096d9bd rename node pillar to elasticsearch 2020-07-07 10:42:12 -04:00
Doug Burks
98cfba18e9 fix zeek.ftp description 2020-07-01 20:27:40 -04:00
Doug Burks
f6adf4ed56 fix zeek.smb_mapping description 2020-07-01 20:26:51 -04:00
Doug Burks
2cbd5ffe61 fix zeek.ssh description 2020-07-01 20:26:06 -04:00
Wes Lambert
84e2965fef Addl krb fix 2020-06-30 03:06:01 +00:00
Wes Lambert
bf8798f1d1 Fix krb client/server cert subject parsing 2020-06-30 03:04:01 +00:00
Wes Lambert
8f5da66335 Add null safe operator for query name 2020-06-30 03:02:38 +00:00
William Wernert
a45fbb6f5c Revert "[fix] discovery.zen.minimum_master_nodes is deprecated, update the key" 
This reverts commit 8bd6c067aa.
 2020-06-25 10:53:26 -04:00
William Wernert
8bd6c067aa [fix] discovery.zen.minimum_master_nodes is deprecated, update the key 2020-06-24 13:10:18 -04:00
Wes Lambert
af451573eb Move dataset from files to file 2020-06-23 17:43:28 +00:00
Mike Reeves
3681f91c37 Suricata Conn 2020-06-15 21:46:04 -04:00
Wes Lambert
206261fbe6 rename id to log.id.fuid for X509 2020-06-15 16:55:14 +00:00
Wes Lambert
18547e8ea8 enforce field types 2020-06-15 16:54:33 +00:00
Mike Reeves
6058d438bf Fix Protocol 2020-06-12 12:28:29 -04:00
Mike Reeves
42938a4e67 Add the makor Suricata parsers 2020-06-12 12:14:48 -04:00
Mike Reeves
c0d24d942c Merge remote-tracking branch 'remotes/origin/dev' into feature/metasuri 2020-06-09 13:31:31 -04:00
Mike Reeves
4b6af0cd81 Suricata DHCP 2020-06-08 08:58:35 -04:00
Josh Brower
4e4eeedb41 Initial support - external beats 2020-06-04 22:41:35 -04:00
Mike Reeves
33712a3409 Suricata HTTP parser 2020-06-04 16:19:22 -04:00
Mike Reeves
5c62fedd12 Suricata DNS parser 2020-06-04 15:42:51 -04:00
Mike Reeves
7043bbae9d Merge remote-tracking branch 'remotes/origin/dev' into feature/metasuri 2020-06-04 09:10:54 -04:00
TOoSmOotH
702a14e90c DNS Suricata parser 2020-06-03 20:40:10 -04:00
Mike Reeves
3211a8a5e0 SMTP from fix 2020-06-03 11:52:24 -04:00
Mike Reeves
c5d6381933 SMTP for suricata 2020-06-03 11:16:43 -04:00
Mike Reeves
126d1598ee SNMP for suricata 2020-06-03 11:03:23 -04:00
weslambert
c91bc0e681 Clean up some stuff 2020-06-02 15:31:48 -04:00
Mike Reeves
25aae21cf6 Trying to get decoded packet 2020-06-02 15:06:39 -04:00
Mike Reeves
b507b87871 Trying to get decoded packet 2020-06-02 14:49:07 -04:00
Mike Reeves
fb68506418 Add mor suricata ingest parser types 2020-06-02 14:42:15 -04:00
Mike Reeves
3096d8d988 Add mor suricata ingest parser types 2020-06-02 14:34:38 -04:00
Mike Reeves
0ea2252b5b Add Suricata Flow pipeline 2020-06-02 13:40:46 -04:00
Mike Reeves
617f60d472 Fix Syntax 2020-06-02 12:01:26 -04:00
Mike Reeves
e63f39a9c4 Rename dataset 2020-06-02 11:58:14 -04:00
Mike Reeves
d47acd1d80 Change suricata to hit suricata.common 2020-06-02 11:41:13 -04:00
Wes Lambert
51f5d64ef6 Rename tunnel_parents 2020-06-01 13:51:32 +00:00
Wes Lambert
d7ce3d4719 fix naming of uid field for tunnel 2020-06-01 12:52:57 +00:00
Wes Lambert
4059121dd6 fix framed_addr field 2020-05-29 11:55:18 +00:00
Wes Lambert
d2b93d531e Basic syslog config 2020-05-28 12:36:29 +00:00
Josh Brower
8723f8785e osquery pipeline fix and fail state if errors 2020-05-26 13:05:56 -04:00
Wes Lambert
0e51ab41cf Update ES watermark settings 2020-05-26 14:18:58 +00:00
Josh Brower
56f5fbdf6b Ingest pipeline commid fix for conn logs 2020-05-22 17:11:08 -04:00
Josh Brower
bff86ea802 zeek.common ingest parser fix 2020-05-21 14:35:25 -04:00
Josh Brower
c74ace89ba Initial support - Ingest community_id 2020-05-21 14:34:00 -04:00
Doug Burks
29420da565 Only process zeek.dns.tld if dns.query.name contains a dot #734 
https://github.com/Security-Onion-Solutions/securityonion-saltstack/issues/734
 2020-05-19 10:08:30 -04:00