Commit Graph

  • 63bb44886e Add JA4D option to config.zeek.ja4 #15271 Mike Reeves 2025-12-01 10:00:42 -05:00
  • bda83a47a2 Remove header DefensiveDepth 2025-11-29 17:45:22 -05:00
  • e96cfd35f7 Refactor for simplicity DefensiveDepth 2025-11-29 17:00:51 -05:00
  • 65c96b2edf Add error handling DefensiveDepth 2025-11-29 16:27:22 -05:00
  • 87477ae4f6 Removed unneeded bind DefensiveDepth 2025-11-29 15:40:10 -05:00
  • 89a9106d79 Add context DefensiveDepth 2025-11-29 15:17:28 -05:00
  • 1284150382 Move to manager init DefensiveDepth 2025-11-27 08:39:19 -05:00
  • edf3c9464f add --certs flag to update certs. Used with --force, to ensure certs are updated even if hosts update isn't needed #15264 reyesj2 2025-11-25 16:16:19 -06:00
  • 4bb0a7c9d9 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor DefensiveDepth 2025-11-25 13:52:21 -05:00
  • ced3af818c Refactor for Airgap DefensiveDepth 2025-11-25 13:51:50 -05:00
  • cc8fb96047 valid config for number_of_replicas in allocate action includes 0 reyesj2 2025-11-24 11:12:09 -06:00
  • 3339b50daf drop forcemerge when max_num_segements doesn't exist or empty reyesj2 2025-11-21 16:39:45 -06:00
  • 415ea07a4f clean up reyesj2 2025-11-21 16:04:26 -06:00
  • b80ec95fa8 update regex, revert to default will allow setting value back to '' | None reyesj2 2025-11-21 14:41:03 -06:00
  • 99cb51482f unneeded 'set' reyesj2 2025-11-21 14:32:58 -06:00
  • 90638f7a43 Merge branch 'reyesj2/advea' into reyesj2/advilm reyesj2 2025-11-21 14:25:28 -06:00
  • 1fb00c8eb6 update so-elastic-fleet-outputs-update to use advanced output options when set, else empty "". Also trigger update_logstash_outputs() when hash of config_yaml has changed reyesj2 2025-11-21 14:22:42 -06:00
  • 4490ea7635 format EA logstash output adv config items reyesj2 2025-11-21 14:21:17 -06:00
  • bce7a20d8b soc configurable EA logstash output adv settings reyesj2 2025-11-21 14:19:51 -06:00
  • 9c06713f32 Merge pull request #15251 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-21 14:54:30 -05:00
  • 23da0d4ba0 use timestamp in filename to prevent duplicates #15251 Josh Patterson 2025-11-21 14:49:03 -05:00
  • d5f2cfb354 Merge pull request #15248 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-20 17:28:32 -05:00
  • fb5ad4193d indicate base image download start #15248 Josh Patterson 2025-11-20 17:13:36 -05:00
  • 1f5f283c06 update hypervisor annotation. preinit instead of initialized Josh Patterson 2025-11-20 16:53:55 -05:00
  • cf048030c4 Merge pull request #15247 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-20 16:04:49 -05:00
  • 2d716b44a8 update comment #15247 Josh Patterson 2025-11-20 15:52:21 -05:00
  • d70d652310 Merge pull request #15244 from Security-Onion-Solutions/reyesj2/suricapfile Jorge Reyes 2025-11-20 14:31:43 -06:00
  • c5db7c8752 suricata.capture_file keyword #15244 reyesj2 2025-11-20 14:26:12 -06:00
  • 6f42ff3442 suricata capture_file reyesj2 2025-11-20 14:16:49 -06:00
  • 433dab7376 format json reyesj2 2025-11-20 14:16:10 -06:00
  • 97c1a46013 update annotation for general failure Josh Patterson 2025-11-20 15:08:04 -05:00
  • fbe97221bb set initialized status Josh Patterson 2025-11-20 14:43:09 -05:00
  • 841ce6b6ec update hypervisor annotation for image download or ssh key creation failure Josh Patterson 2025-11-20 13:55:22 -05:00
  • dd0b4c3820 fix failed or hung qcow2 image download Josh Patterson 2025-11-19 15:48:53 -05:00
  • b52dd53e29 advanced ilm actions reyesj2 2025-11-19 13:24:55 -06:00
  • a155f45036 always update annotation / defaults for managed integrations reyesj2 2025-11-19 13:24:29 -06:00
  • b407c68d88 Merge remote-tracking branch 'origin/2.4/dev' into bravo Josh Patterson 2025-11-19 10:23:11 -05:00
  • 5b6a7035af need python_shell for pipes Josh Patterson 2025-11-19 10:22:58 -05:00
  • 12d490ad4a Merge pull request #15240 from Security-Onion-Solutions/jertel/wip Jason Ertel 2025-11-19 10:01:03 -05:00
  • 76cbd18d2c communicate to the viewer that OS patches may take some time #15240 Jason Ertel 2025-11-19 09:56:42 -05:00
  • 148ef7ef21 add default ruleset DefensiveDepth 2025-11-18 11:57:30 -05:00
  • 1b55642c86 Refactor rules location DefensiveDepth 2025-11-18 09:58:14 -05:00
  • af7f7d0728 Fix file paths DefensiveDepth 2025-11-17 12:00:08 -05:00
  • a7337c95e1 Merge pull request #15234 from Security-Onion-Solutions/reyesj2/pipeline-upd Jorge Reyes 2025-11-17 10:36:10 -06:00
  • 3f7c3326ea Merge pull request #15237 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-17 09:27:53 -05:00
  • bf41de8c14 rm salt keyring and repo file for deb #15237 Josh Patterson 2025-11-17 08:56:02 -05:00
  • de4424fab0 remove typos reyesj2 2025-11-14 19:15:51 -06:00
  • 136a829509 detect-sqli deprecated in favor of detect-sql-injection #15234 reyesj2 2025-11-14 16:51:00 -06:00
  • bcec999be4 zeek.dns reduce errors reyesj2 2025-11-14 15:42:22 -06:00
  • 7c73b4713f update analyzer pipeline reyesj2 2025-11-14 15:41:54 -06:00
  • 45b4b1d963 ingest zeek analyzer.log + update dpd dashboard with analyzer tag reyesj2 2025-11-14 14:42:58 -06:00
  • fcfd74ec1e zeek.analyzer format json reyesj2 2025-11-14 14:14:54 -06:00
  • 68b0cd7549 rename zeek.dpd zeek.analyzer reyesj2 2025-11-14 14:14:12 -06:00
  • 715d801ce8 format json zeek.dns reyesj2 2025-11-14 13:02:44 -06:00
  • 4a810696e7 Merge pull request #15231 from Security-Onion-Solutions/reyesj2/bond0 Jorge Reyes 2025-11-14 12:12:46 -06:00
  • 6b525a2c21 fix so-setup error duplicate bond0 #15231 reyesj2 2025-11-14 11:19:32 -06:00
  • a5d8385f07 Merge pull request #15230 from Security-Onion-Solutions/reyesj2/pipeline-upd Jorge Reyes 2025-11-14 10:43:33 -06:00
  • 211bf7e77b ignore errors on tld script #15230 reyesj2 2025-11-14 09:25:19 -06:00
  • 1542b74133 move dns tld fields to its own pipeline reyesj2 2025-11-14 09:24:58 -06:00
  • 431e5abf89 Extract ETPRO key if found DefensiveDepth 2025-11-14 09:39:33 -05:00
  • 4314c79f85 bump suricata dns logging version reyesj2 2025-11-14 08:24:31 -06:00
  • da9717bc79 don't attempt rename if field doesn't exist -- reducing pipeline stat errors reyesj2 2025-11-14 08:15:40 -06:00
  • f047677d8a Check correct files DefensiveDepth 2025-11-14 09:03:08 -05:00
  • 045cf7866c Merge pull request #15225 from Security-Onion-Solutions/jertel/wip Jason Ertel 2025-11-14 08:37:37 -05:00
  • 431e0b0780 format suricata.alert json reyesj2 2025-11-13 19:29:50 -06:00
  • e782266caa suricata 8 dns v3 reyesj2 2025-11-13 19:21:31 -06:00
  • a4666b2c08 Merge pull request #15229 from Security-Onion-Solutions/cogburn/toggle-models coreyogburn 2025-11-13 16:13:24 -07:00
  • dcc3206e51 Add Enabled Flag to Models #15229 Corey Ogburn 2025-11-13 15:32:28 -07:00
  • 8358b6ea6f Merge pull request #15228 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-13 16:34:43 -05:00
  • d1a66a91c6 Merge pull request #15221 from Security-Onion-Solutions/cogburn/compress-context coreyogburn 2025-11-13 14:33:56 -07:00
  • 7fdcb92614 wait for 200 from registry before proceeding #15228 Josh Patterson 2025-11-13 16:30:58 -05:00
  • cec1890b6b pcap annotations #15225 Jason Ertel 2025-11-13 16:15:47 -05:00
  • b2606b6094 fix perms DefensiveDepth 2025-11-13 14:10:51 -05:00
  • b1b66045ea Change in prompt wording #15221 Corey Ogburn 2025-11-13 12:08:47 -07:00
  • 33b22bf2e4 Shorten Prompt Corey Ogburn 2025-11-13 11:08:53 -07:00
  • 3a38886345 CompressContextPrompt Corey Ogburn 2025-11-12 15:02:42 -07:00
  • 7be70faab6 format json reyesj2 2025-11-13 10:49:37 -06:00
  • 2729fdbea6 Merge pull request #15223 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-13 11:35:43 -05:00
  • bfd08d1d2e Merge pull request #15204 from Security-Onion-Solutions/reyesj2/retention Jorge Reyes 2025-11-13 10:05:49 -06:00
  • 37b3fd9b7b add detections backup DefensiveDepth 2025-11-13 10:41:12 -05:00
  • 573dded921 refactor to hash DefensiveDepth 2025-11-13 09:25:20 -05:00
  • fed75c7b39 use -r with bootstrap to disable script repo #15223 Josh Patterson 2025-11-12 19:47:25 -05:00
  • 3427df2a54 update bootstrap-salt to latest Josh Patterson 2025-11-12 18:07:14 -05:00
  • be11c718f6 configure salt then install it Josh Patterson 2025-11-12 18:06:55 -05:00
  • 235dfd78f1 Revert "salt-minion service KillMode to control-group" Josh Patterson 2025-11-12 14:20:28 -05:00
  • 7c8b9b4374 salt-minion service KillMode to control-group Josh Patterson 2025-11-12 12:30:29 -05:00
  • 81d7c313af remove dupe DefensiveDepth 2025-11-12 11:11:01 -05:00
  • 9a6ff75793 Merge remote-tracking branch 'origin/2.4/dev' into idstools-refactor DefensiveDepth 2025-11-12 08:51:51 -05:00
  • 1f24796eba Fix ETPRO check DefensiveDepth 2025-11-12 08:48:47 -05:00
  • 7762faf075 Merge pull request #15219 from Security-Onion-Solutions/jertel/wip Jason Ertel 2025-11-12 08:12:23 -05:00
  • 80fbb31372 fix test #15219 Jason Ertel 2025-11-11 17:04:19 -05:00
  • 7c45db2295 add support to so-yaml for using yaml file content for values Jason Ertel 2025-11-11 16:57:54 -05:00
  • 0545e1d33b add support to so-yaml for using yaml file content for values Jason Ertel 2025-11-11 16:55:00 -05:00
  • 55bbbdb58d idstools removal refactor DefensiveDepth 2025-11-11 14:34:28 -05:00
  • 3a8a6bf5ff idstools removal refactor DefensiveDepth 2025-11-11 14:12:51 -05:00
  • 13789bc56f idstools removal refactor DefensiveDepth 2025-11-11 13:45:37 -05:00
  • 11518f6eea idstools removal refactor DefensiveDepth 2025-11-11 13:41:32 -05:00
  • 08147e27b0 Merge pull request #15213 from Security-Onion-Solutions/jertel/wip Jason Ertel 2025-11-10 19:08:58 -05:00
  • c9153617be Merge pull request #15211 from Security-Onion-Solutions/bravo Josh Patterson 2025-11-10 17:09:43 -05:00
  • 245ceb2d49 suricata defaults and annotation #15211 Josh Patterson 2025-11-10 16:40:11 -05:00