CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 09:12:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,807 Commits 24 Branches 119 Tags
ff4850d9cee14c21e46f133fb39ad182905cf9ac
Commit Graph

10807 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doug Burks
7caf827b77 add ecat_aoe_info to hunt.eventfields.json 2022-11-22 13:33:06 -05:00
Doug Burks
f40ccb7eff add bacnet_discovery to hunt.eventfields.json 2022-11-22 13:27:26 -05:00
Doug Burks
e0cd550820 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:23:45 -05:00
Doug Burks
4e5106c863 update ecat_arp_info in hunt.eventfields.json 2022-11-22 13:21:33 -05:00
Doug Burks
5a107c63b8 add source.mac and destination.mac to dashboards.queries.json 2022-11-22 13:16:47 -05:00
Doug Burks
8a9a13865c add ecat_registers to hunt.eventfields.json 2022-11-22 13:12:24 -05:00
Doug Burks
9cd6273beb update ecat_log_address in hunt.eventfields.json 2022-11-22 13:10:46 -05:00
Doug Burks
724b26228c add ecat_log_address to hunt.eventfields.json 2022-11-22 13:09:27 -05:00
weslambert
3c054fd133 Fix spelling of 'wireguard.responses' field name 2022-11-22 13:02:43 -05:00
Doug Burks
24ee38369f add cotp to hunt.eventfields.json 2022-11-22 12:49:33 -05:00
weslambert
0bbe642d20 Merge pull request #9203 from Security-Onion-Solutions/fix/ics_ingest_field_names 
Fix ICS Ingest Field Names
 2022-11-22 12:30:10 -05:00
weslambert
8e17c23659 Fix format/speliing for 'enip.status_code' field name 2022-11-22 12:05:03 -05:00
weslambert
92170941f0 Fix spelling for 'stun.class' field name 2022-11-22 12:04:07 -05:00
Doug Burks
10ac789fbf add profinet_dce_rpc to hunt.eventfields.json 2022-11-22 11:08:24 -05:00
Doug Burks
db58a35562 add profinet to hunt.eventfields.json 2022-11-22 11:07:03 -05:00
Doug Burks
1ad7a0db59 add bacnet_property to hunt.eventfields.json 2022-11-22 11:05:26 -05:00
Doug Burks
af626fe3a1 add bacnet to hunt.eventfields.json 2022-11-22 11:03:45 -05:00
Doug Burks
073f5ed789 add dnp3_objects to hunt.eventfields.json 2022-11-22 11:02:21 -05:00
Doug Burks
bbcefea417 add s7comm_plus to hunt.eventfields.json 2022-11-22 10:58:42 -05:00
Doug Burks
73c282595d update dnp3 in hunt.eventfields.json 2022-11-22 10:57:06 -05:00
Doug Burks
07a53db09a add cip_identity to hunt.evenfields.json 2022-11-22 10:55:39 -05:00
Doug Burks
80e50fa7b4 add ecat_arp_info to hunt.eventfields.json 2022-11-22 10:53:48 -05:00
Doug Burks
84d333e915 add s7comm to hunt.eventfields.json 2022-11-22 10:51:06 -05:00
Doug Burks
ae582caa55 Add modbus_detailed to hunt.eventfields.json 2022-11-22 10:48:33 -05:00
Doug Burks
264ae2b9ac add enip to hunt.eventfields.json 2022-11-22 10:45:20 -05:00
Doug Burks
b522c9eea4 reorder fields in hunt.eventfields.json 2022-11-22 10:43:01 -05:00
Doug Burks
51cc047933 add cip to hunt.eventfields.json 2022-11-22 10:40:22 -05:00
Doug Burks
2a805ac1a6 Add tds entries to hunt.eventfields.json 2022-11-22 10:29:55 -05:00
Doug Burks
595f615ed9 Add ICS dashboard 2022-11-22 10:22:55 -05:00
Doug Burks
aa7c39d312 Add dashboards for stun, tds, and wireguard 2022-11-22 10:08:39 -05:00
weslambert
2170d498c5 Merge pull request #9195 from Security-Onion-Solutions/fix/missing_ics_pipelines 
Add COTP and TDS ingest pipelines
 2022-11-22 08:44:02 -05:00
Wes
95a6f9aa7d Add COTP and TDS ingest pipelines 2022-11-22 13:35:19 +00:00
weslambert
ba65b351a2 Merge pull request #9193 from Security-Onion-Solutions/fix/ics_tag_syntax_error 
Fix syntax error for 'ics' tag logic
 2022-11-22 07:32:40 -05:00
weslambert
4c09c8856b Fix syntax error for 'ics' tag logic 2022-11-22 07:23:56 -05:00
weslambert
3afa8bd9da Merge pull request #9188 from Security-Onion-Solutions/feature/filebeat_config_ics_event_tag 
Add 'ics' tag to events generated from ICS protocol logs
 2022-11-21 17:06:25 -05:00
weslambert
72eccd2649 Fix indentation 2022-11-21 17:01:16 -05:00
weslambert
310ea633b6 Add 'ics' tag to events generated from ICS protocol logs 2022-11-21 16:43:43 -05:00
Doug Burks
31b4d9cd70 Merge pull request #9187 from Security-Onion-Solutions/dougburks-patch-1 
Remove descriptions from so-zeek-logs and so-whiptail
 2022-11-21 14:13:04 -05:00
Doug Burks
0536d174fe Fix opcua_binary reference in so-zeek-logs 2022-11-21 14:03:22 -05:00
Doug Burks
96d7429a1c Remove descriptions from so-whiptail 2022-11-21 13:32:51 -05:00
Doug Burks
a54bb2bad4 Remove descriptions from so-zeek-logs 2022-11-21 13:23:53 -05:00
Doug Burks
d4abbd89ca Merge pull request #9185 from Security-Onion-Solutions/dougburks-patch-1 
Update so-functions to enable ICS/SCADA for EVAL and IMPORT
 2022-11-21 12:33:06 -05:00
Peter Di Giorgio
bdfab6858d Merge pull request #9184 from Security-Onion-Solutions/foxtrot 
Shorten Zeek Log Descriptions for formatting
 2022-11-21 11:20:15 -06:00
lock-wire
f80c8b89e4 Shorten Log Descriptions 2022-11-21 09:49:31 -07:00
Peter Di Giorgio
29384d33e1 Merge pull request #9183 from Security-Onion-Solutions/dev 
Synch Foxtrot from dev
 2022-11-21 10:06:44 -06:00
Doug Burks
aebedf9ac6 Update so-functions to enable ICS/SCADA for EVAL and IMPORT 2022-11-21 10:05:18 -05:00
Doug Burks
40ee529c7e Merge pull request #9178 from Security-Onion-Solutions/dougburks-patch-1 
Simplify version in README.md to just 2.3
 2022-11-21 08:46:22 -05:00
Doug Burks
b9ee2f1e38 Simplify version in README.md to just 2.3 2022-11-21 08:38:27 -05:00
weslambert
089b403a3b Merge pull request #9166 from Security-Onion-Solutions/foxtrot 
Merge final protocol analyzers into dev
 2022-11-18 08:41:43 -05:00
Peter Di Giorgio
a28e5de5f4 Correct trailing \ 2022-11-18 06:29:57 -06:00