weslambert

FEATURE: Add linting/lexing when updating YARA rules for Strelka

1

Consider using something like plyara: https://github.com/plyara/plyara

It would be great to be able to cancel accidental/long-running queries from SOC. In the past, we have leveraged the Tasks API to do this manually: https://www.elastic.co/guide/en/elasticsearch/reference/current/tasks.html

**Is your feature request related to a problem? Please describe.** There is currently no way to obtain an API key for the initial user, unless logged in via the web...

For example, define extra states/applications you want to be managed by Salt in a pillar: ``` extra_states: manager: - mycustomapp1 - mycustomapp2 ``` Loop through additional states referenced in pillar,...

Serve IntelOwl Behind Subpath

6

## What happened IntelOwl does not work correctly behind a subpath when using a reverse proxy like Nginx. ## What did you expect to happen IntelOwl should, aside from the...

ID to Link KAPE Target File and SQLECmd Map

1

**Is your feature request related to a problem? Please describe.** Currently, we have to rely on comments to link a SQLECmd map file to a KAPE target file. We do...

Client Monitoring Upload Improvements

2

- Consider if the way client monitoring artifacts are stored needs to be changed/improved (currently, they are uploaded to a single `F.Monitoring` parent directory) - Add UI element(s) to access...

FEATURE: pfSense Suricata logs

1

### Discussed in https://github.com/Security-Onion-Solutions/securityonion/discussions/12558 Originally posted by **thedeadliestcatch** March 11, 2024 The pfSense integration does not support Suricata logs being sent over via the syslog listener. Is there a way...