Commit Graph

  • 2143881c0b specify *.rules m0duspwnens 2024-02-09 10:22:25 -05:00
  • 5903ae596c move suricata rules to /opt/so/rules/nids/suri m0duspwnens 2024-02-09 09:47:23 -05:00
  • 0c423c9329 Merge pull request #12333 from Security-Onion-Solutions/fix/shell Josh Brower 2024-02-09 09:31:47 -05:00
  • 654602bf80 Fixup shell #12333 Josh Brower 2024-02-09 09:30:18 -05:00
  • 3c9d6da1d8 add putty to sod packages.sls #12332 reyesj2 2024-02-08 22:05:37 -05:00
  • 683abf0179 Rework naming Josh Brower 2024-02-08 13:24:25 -05:00
  • 29174566f3 WIP: Updated Detection Mappings, Changed Engine to Language Corey Ogburn 2024-02-08 09:44:56 -07:00
  • 8d0e8789bd Use salt file roots Josh Brower 2024-02-08 09:54:51 -05:00
  • 503a09f150 Merge remote-tracking branch 'origin/2.4/dev' into feature/fleet-artifacts Josh Brower 2024-02-08 09:45:21 -05:00
  • 81a3e95914 Fixup sigma pipelines Josh Brower 2024-02-07 16:42:16 -05:00
  • f02f61c6dd Merge pull request #12325 from Security-Onion-Solutions/salt3006.6 Josh Patterson 2024-02-07 16:33:56 -05:00
  • 8c5dafa058 Merge pull request #12324 from Security-Onion-Solutions/feature/dashboards-communityid-firewall Doug Burks 2024-02-07 16:15:21 -05:00
  • d3d2305f00 FEATURE: Add new dashboards for community_id and firewall auth #12323 #12324 Doug Burks 2024-02-07 16:08:27 -05:00
  • 7e3187c0b8 Fixup sigma pipelines Josh Brower 2024-02-07 15:35:31 -05:00
  • b7b501d289 Add Sigma pipelines Josh Brower 2024-02-07 15:02:52 -05:00
  • 6534f392a9 update backup filename #12325 m0duspwnens 2024-02-07 14:25:28 -05:00
  • 478fb6261e Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6 m0duspwnens 2024-02-07 14:15:11 -05:00
  • e42e07b245 update salt mine after salt-master restarts m0duspwnens 2024-02-07 13:05:45 -05:00
  • f97d0f2f36 add /opt/so/rules/ to files_roots m0duspwnens 2024-02-07 09:25:56 -05:00
  • 24fd3ef8cc update error message m0duspwnens 2024-02-06 16:22:13 -05:00
  • b3f6153667 update so-yaml tests m0duspwnens 2024-02-06 16:15:54 -05:00
  • d800d59304 Merge pull request #12316 from Security-Onion-Solutions/feature/improve-soc-actions Doug Burks 2024-02-06 15:46:31 -05:00
  • 7106095128 FEATURE: Improve Correlate and Hunt actions on SOC Actions menu #12315 #12316 Doug Burks 2024-02-06 15:39:23 -05:00
  • 9d62ade32e update so-yaml tests m0duspwnens 2024-02-06 11:14:27 -05:00
  • 2643ae08a7 add append to list m0duspwnens 2024-02-05 17:54:30 -05:00
  • 378c99ae88 Fix bindings Josh Brower 2024-02-02 18:25:54 -05:00
  • 8f81c9eb68 Updating config for Detection(s) Corey Ogburn 2024-02-02 11:49:58 -07:00
  • cf83d1cb86 feat: use mountpoint for Elastic log limit #12308 Pete 2024-02-02 12:25:16 -05:00
  • 7a29b3a529 call salt before stopping salt services #12290 Pete 2024-02-02 08:45:01 -05:00
  • fe196b5661 Add SOC Config for Detections Josh Brower 2024-02-01 12:22:50 -05:00
  • 61ee41e431 Merge remote-tracking branch 'origin/2.4/dev' into salt3006.6 m0duspwnens 2024-02-01 11:07:06 -05:00
  • 0d5db58c86 upgrade salt3006.6 m0duspwnens 2024-02-01 10:32:41 -05:00
  • 3d478b92b2 Merge pull request #12294 from Security-Onion-Solutions/jppffa Josh Brower 2024-02-01 09:47:18 -05:00
  • e090518b59 Refactor script Josh Brower 2024-02-01 09:46:53 -05:00
  • 91c1e595ef Merge pull request #12297 from Security-Onion-Solutions/feature/pipeline_config_ui weslambert 2024-02-01 09:18:30 -05:00
  • 1818e134ca Change numbers for Logstash #12297 Wes 2024-02-01 14:01:55 +00:00
  • 182667bafb Change numbers for Elasticsearch Wes 2024-02-01 13:59:23 +00:00
  • 49b5788ac1 add bindings Josh Brower 2024-02-01 07:21:49 -05:00
  • 881d6b313e Update VERSION - kilo Josh Brower 2024-01-31 17:04:11 -05:00
  • db057b4dfa Merge pull request #12296 from Security-Onion-Solutions/cogburn/detection_playbooks Josh Brower 2024-01-31 16:48:51 -05:00
  • 136097f981 Custom Logstash pipeline annotations Wes 2024-01-31 21:47:09 +00:00
  • bc502cc065 Custom Elasticsearch pipeline annotations Wes 2024-01-31 21:46:33 +00:00
  • ae32ac40c2 add fleet node nginx to docker annotations #12294 m0duspwnens 2024-01-31 16:28:45 -05:00
  • 2f03248612 use different nginx defaults for so-fleet node hosting artifacts m0duspwnens 2024-01-31 16:22:44 -05:00
  • a094d1007b Merge pull request #12293 from Security-Onion-Solutions/TOoSmOotH-patch-3 Mike Reeves 2024-01-31 16:21:16 -05:00
  • 341ff5b564 Update so-functions #12293 Mike Reeves 2024-01-31 16:18:51 -05:00
  • 0fe96bfc2d switch to symlink Josh Brower 2024-01-31 16:17:40 -05:00
  • 4672a5b8eb Custom pipeline configuration in UI Wes 2024-01-31 20:18:17 +00:00
  • 1853dc398b Custom pipeline configuration Wes 2024-01-31 20:17:33 +00:00
  • bc75be9402 Custom pipelines in UI Wes 2024-01-31 20:16:48 +00:00
  • cd4bd6460a Custom pipelines Wes 2024-01-31 20:16:18 +00:00
  • 585147d1de Added so-detection mapping in elasticsearch #12296 #12295 Corey Ogburn 2024-01-31 10:39:47 -07:00
  • 0d01d09d2e fix pcap paths Mike Reeves 2024-01-31 09:15:35 -05:00
  • 1192dbd530 also remove intca symlink Pete 2024-01-31 09:01:56 -05:00
  • 00289c201e fix pcap paths Mike Reeves 2024-01-31 08:58:57 -05:00
  • 858166bcae WIP: Detections Changes Corey Ogburn 2024-01-30 15:43:51 -07:00
  • 4be1214bab pcap engine logic for sensoroni m0duspwnens 2024-01-30 16:53:57 -05:00
  • 0fa4d92f8f socsigmarepo Corey Ogburn 2023-10-19 15:49:56 -06:00
  • 8a25748e33 grammar m0duspwnens 2024-01-30 16:06:24 -05:00
  • 8b503e2ffa telegraf don't run stenoloss script if suricata is pcap engine m0duspwnens 2024-01-30 15:58:11 -05:00
  • 4dd0b4a4fd Merge pull request #12283 from Security-Onion-Solutions/reyesj2-patch-6 Jorge Reyes 2024-01-30 15:56:13 -05:00
  • b5ffa186fb Remove remediate from initial oscap scan #12283 reyesj2 2024-01-30 15:54:23 -05:00
  • f32cb1f115 fix find to work with steno and suri pcap m0duspwnens 2024-01-30 15:48:10 -05:00
  • 8ed66ea468 disable stenographer if suricata is pcap engine m0duspwnens 2024-01-30 15:22:32 -05:00
  • 0522dc180a map pcap dir to container. enable pcap-log in map m0duspwnens 2024-01-30 13:39:35 -05:00
  • 37dcb84a09 add missing comma m0duspwnens 2024-01-30 10:50:01 -05:00
  • d118ff4728 add GLOBALS.pcap_engine m0duspwnens 2024-01-29 16:54:08 -05:00
  • 88d2ddba8b add placeholder for telegraf Mike Reeves 2024-01-29 15:53:54 -05:00
  • ab551a747d Threads placeholder logic Mike Reeves 2024-01-29 15:44:57 -05:00
  • 88c01a22d6 Add annotation logic Mike Reeves 2024-01-29 15:27:28 -05:00
  • 0c969312e2 Add Globals Mike Reeves 2024-01-29 15:22:20 -05:00
  • 5b05aec96a Target specific minion Mike Reeves 2024-01-29 14:56:51 -05:00
  • 1a2245a1ed Add so-minion modifications Mike Reeves 2024-01-29 13:44:53 -05:00
  • 0d08bb0a91 Finalize script Josh Brower 2024-01-29 11:37:28 -05:00
  • cb5e111a00 Merge pull request #12267 from Security-Onion-Solutions/reyesj2-patch-6 Jorge Reyes 2024-01-29 10:22:35 -05:00
  • 7c08b348aa Add comment for soup update w/ STIGs enabled #12267 reyesj2 2024-01-29 10:16:34 -05:00
  • afa98fa147 update artifacts URL automatically Josh Brower 2024-01-28 14:20:52 -05:00
  • 1847e5c3c0 Enable nginx on Fleet Node Josh Brower 2024-01-28 11:37:18 -05:00
  • cfc33b1a34 Sync Elastic Agent Artifacts Josh Brower 2024-01-28 10:12:25 -05:00
  • dc5ea89255 Merge pull request #12260 from Security-Onion-Solutions/fix/endpoint_diagnostic weslambert 2024-01-26 16:13:30 -05:00
  • c4301d7cc1 Soup script update locations reyesj2 2024-01-26 15:51:06 -05:00
  • 91c7b8144d soup logic reyesj2 2024-01-26 15:43:42 -05:00
  • 2e026b637d Update soup to retry modified salt command on failure to update soup scripts. reyesj2 2024-01-26 11:36:33 -05:00
  • cd6e387bcb remove --local from soup common.soup_scripts update. reyesj2 2024-01-25 16:15:53 -05:00
  • 12ab6338db Add diagnostic #12260 Wes 2024-01-25 20:16:52 +00:00
  • cd54d4becb Fix indent weslambert 2024-01-25 13:57:02 -05:00
  • 762a3bea17 Defaults and Annotations Mike Reeves 2024-01-25 09:59:26 -05:00
  • 5f1c76f6ec endpoint.diagnostic.collection weslambert 2024-01-25 09:46:25 -05:00
  • 6069c586d3 Merge branch '2.4/main' of github.com:Security-Onion-Solutions/securityonion into 2.4/main Mike Reeves 2024-01-24 16:07:31 -05:00
  • d2d70d1c5b Merge pull request #12250 from Security-Onion-Solutions/fix/scan_pe_flags weslambert 2024-01-24 14:29:23 -05:00
  • e53030feef Merge pull request #12248 from Security-Onion-Solutions/jertel/pfeat Jason Ertel 2024-01-24 12:12:16 -05:00
  • 9f17bd2255 lks/fps #12248 Jason Ertel 2024-01-24 11:17:32 -05:00
  • 8426aad56d Text mapping for scan.pe.flags #12250 Wes 2024-01-24 15:10:42 +00:00
  • d23d367058 Make scan.pe.flags a string Wes 2024-01-24 15:08:38 +00:00
  • cbdaf2e9a1 Merge pull request #12242 from Security-Onion-Solutions/upgrade/strelka_0.24.01.18 weslambert 2024-01-23 14:02:35 -05:00
  • 4d7af21dd5 Fix quote #12242 weslambert 2024-01-23 13:55:37 -05:00
  • 8348506acc Merge pull request #12240 from Security-Onion-Solutions/upgrade/strelka_0.24.01.18 weslambert 2024-01-23 13:50:15 -05:00
  • 1698d95efe Use PLACEHOLDER for key values #12240 weslambert 2024-01-23 13:45:26 -05:00
  • b1052ddcce Merge pull request #12241 from Security-Onion-Solutions/fix/leak_test weslambert 2024-01-23 13:43:18 -05:00
  • 0cb36bb0aa Exclude StrelkaHexDump and PLACEHOLDER values #12241 weslambert 2024-01-23 13:39:59 -05:00