
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case mana...

Results 151 securityonion issues

At this point, folks should be upgraded to Security Onion 2.x. We should remove the legacy Kibana dashboards that existed in Security Onion 16.04.

### Bug Description

When attempting to import Sigma rules via `so-playbook-import`, [so-soctopus/playbook.py](https://github.com/Security-Onion-Solutions/securityonion-image/blob/c0c6956a537389745fb230f1396f41adabd6bcbe/so-soctopus/so-soctopus/playbook.py) does not properly handle Sigmac errors encountered when generating the ElastAlert config. If a Sigmac error occurs, then...

When I boot the ISO, the media check runs successfully and then I see brief text saying 'starting installer, one moment'. After this there is some text that flashes on...


_Originally posted by @xfaith in https://github.com/Security-Onion-Solutions/securityonion/discussions/8402_

Under the advanced setup for the # of cores for Zeek/Suricata, if you don't "select" the number of cores, it lets you move on...

When SOC encounters an Elasticsearch error, it prompts the user with a link to the Help page of the documentation. We include an offline copy of the documentation in SOC...

### Discussed in https://github.com/Security-Onion-Solutions/securityonion/discussions/8137

Originally posted by **ben-sec** June 16, 2022

Hello! The RITA import causes some number_format_exceptions in the logstash.log like

```
[2022-06-16T09:49:26,041][WARN ][logstash.outputs.elasticsearch] Could not index event to...
```

### Discussed in https://github.com/Security-Onion-Solutions/securityonion/discussions/8258

Originally posted by **johnununu** July 8, 2022

This would allow folks to take advantage of the dns.tld pipeline enrichment.

This release checklist is important for ensuring consistently high-quality releases are provided to the user base. The checklist is relevant for all release types. Prepare release - [ ] If...