├── .github ├── .gitleaks.toml ├── DISCUSSION_TEMPLATE │ └── 2-4.yml ├── ISSUE_TEMPLATE │ ├── bug_report.md │ └── config.yml └── workflows │ ├── close-threads.yml │ ├── contrib.yml │ ├── leaktest.yml │ ├── lock-threads.yml │ └── pythontest.yml ├── .gitignore ├── CONTRIBUTING.md ├── DOWNLOAD_AND_VERIFY_ISO.md ├── HOTFIX ├── KEYS ├── LICENSE ├── README.md ├── SECURITY.md ├── VERSION ├── assets └── images │ ├── screenshots │ ├── alerts.png │ ├── analyzers │ │ ├── echotrail.png │ │ ├── elasticsearch.png │ │ └── sublime.png │ ├── cases-comments.png │ ├── dashboards.png │ └── hunt.png │ └── verified-commit-1.png ├── files ├── firewall │ ├── assigned_hostgroups.local.map.yaml │ └── ports │ │ └── ports.local.yaml └── salt │ └── master │ ├── master │ └── salt-master.service ├── pillar ├── data │ └── addtotab.sh ├── elasticsearch │ ├── eval.sls │ ├── index_templates.sls │ ├── manager.sls │ ├── nodes.sls │ └── search.sls ├── firewall │ └── addfirewall.sh ├── healthcheck │ ├── eval.sls │ ├── sensor.sls │ └── standalone.sls ├── hypervisor │ └── nodes.sls ├── kafka │ └── nodes.sls ├── logstash │ ├── init.sls │ └── nodes.sls ├── node_data │ └── ips.sls ├── patch │ └── needs_restarting.sls ├── redis │ └── nodes.sls ├── soc │ └── license.sls ├── top.sls └── zeek │ └── init.sls ├── pyci.sh ├── pytest.ini ├── salt ├── _beacons │ └── zeek.py ├── _modules │ ├── healthcheck.py │ ├── hypervisor.py │ ├── needs_restarting.py │ ├── qcow2.py │ ├── so.py │ ├── telegraf.py │ └── zeekctl.py ├── _runners │ └── setup_hypervisor.py ├── allowed_states.map.jinja ├── backup │ ├── config_backup.sls │ ├── defaults.yaml │ ├── map.jinja │ ├── soc_backup.yaml │ └── tools │ │ └── sbin │ │ └── so-config-backup.jinja ├── bpf │ ├── defaults.yaml │ ├── macros.jinja │ ├── pcap.map.jinja │ ├── soc_bpf.yaml │ ├── suricata.map.jinja │ └── zeek.map.jinja ├── ca │ ├── dirs.sls │ ├── files │ │ └── signing_policies.conf │ ├── init.sls │ └── remove.sls ├── common │ ├── files │ │ ├── 99-reserved-ports.conf │ │ ├── 
daemon.json │ │ ├── soversion │ │ └── vimrc │ ├── grains.sls │ ├── init.sls │ ├── packages.sls │ ├── soup_scripts.sls │ └── tools │ │ ├── sbin │ │ ├── so-bpf-compile │ │ ├── so-checkin │ │ ├── so-common │ │ ├── so-common-status-check │ │ ├── so-docker-prune │ │ ├── so-image-common │ │ ├── so-image-pull │ │ ├── so-ip-update │ │ ├── so-log-check │ │ ├── so-luks-tpm-regen │ │ ├── so-monitor-add │ │ ├── so-nsm-clear │ │ ├── so-pcap-import │ │ ├── so-restart │ │ ├── so-salt-start │ │ ├── so-salt-stop │ │ ├── so-sensor-clean │ │ ├── so-ssh-harden │ │ ├── so-start │ │ ├── so-status │ │ ├── so-stop │ │ ├── so-tcpreplay-restart │ │ ├── so-tcpreplay-start │ │ ├── so-tcpreplay-stop │ │ ├── so-test │ │ └── so_logging_utils.py │ │ └── sbin_jinja │ │ ├── so-desktop-install │ │ ├── so-import-evtx │ │ ├── so-import-pcap │ │ ├── so-raid-status │ │ ├── so-salt-emit-vm-deployment-status-event │ │ ├── so-salt-minion-check │ │ └── so-tcpreplay ├── cron │ ├── dead.sls │ ├── map.jinja │ └── running.sls ├── curator │ └── disabled.sls ├── desktop │ ├── files │ │ ├── 00-background │ │ ├── session.jinja │ │ ├── so-lockscreen.jpg │ │ ├── so-login-logo-dark.svg │ │ ├── so-login-logo.svg │ │ └── so-wallpaper.jpg │ ├── init.sls │ ├── packages.sls │ ├── remove_gui.sls │ ├── trusted-ca.sls │ └── xwindows.sls ├── docker │ ├── defaults.yaml │ ├── docker.map.jinja │ ├── files │ │ └── iptables-disabled.conf │ ├── init.sls │ └── soc_docker.yaml ├── docker_clean │ └── init.sls ├── elastalert │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ ├── custom │ │ │ └── placeholder │ │ ├── elastalert_config.yaml.jinja │ │ ├── modules │ │ │ └── so │ │ │ │ └── securityonion-es.py │ │ └── predefined │ │ │ ├── jira_auth.yaml │ │ │ └── smtp_auth.yaml │ ├── init.sls │ ├── map.jinja │ ├── soc_elastalert.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-elastalert-create │ │ ├── so-elastalert-restart │ │ ├── so-elastalert-start │ │ ├── so-elastalert-stop │ │ └── 
so-elastalert-test ├── elastic-fleet-package-registry │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── init.sls │ ├── map.jinja │ ├── soc_elastic-fleet-package-registry.yaml │ └── sostatus.sls ├── elasticagent │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ └── elastic-agent.yml.jinja │ ├── init.sls │ ├── map.jinja │ ├── soc_elasticagent.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin_jinja │ │ ├── so-elastic-agent-inspect │ │ ├── so-elastic-agent-restart │ │ ├── so-elastic-agent-start │ │ ├── so-elastic-agent-status │ │ ├── so-elastic-agent-stop │ │ └── so-elastic-agent-version ├── elasticfleet │ ├── artifact_registry.sls │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ ├── certs │ │ │ └── placeholder │ │ ├── integrations-dynamic │ │ │ ├── fleet-server │ │ │ │ └── fleet-server.json │ │ │ └── grid-nodes_general │ │ │ │ ├── import-zeek-logs.json │ │ │ │ ├── kratos-logs.json │ │ │ │ └── zeek-logs.json │ │ ├── integrations-optional │ │ │ ├── kismet.json │ │ │ └── sublime_platform.json │ │ ├── integrations │ │ │ ├── elastic-defend │ │ │ │ └── elastic-defend-endpoints.json │ │ │ ├── endpoints-initial │ │ │ │ ├── osquery.json │ │ │ │ ├── system-endpoints.json │ │ │ │ ├── windows-defender.json │ │ │ │ └── windows-endpoints.json │ │ │ ├── grid-nodes_general │ │ │ │ ├── elastic-agent-monitor.json │ │ │ │ ├── elasticsearch-logs.json │ │ │ │ ├── hydra-logs.json │ │ │ │ ├── idh-logs.json │ │ │ │ ├── import-evtx-logs.json │ │ │ │ ├── import-suricata-logs.json │ │ │ │ ├── osquery-grid-nodes.json │ │ │ │ ├── redis-logs.json │ │ │ │ ├── rita-logs.json │ │ │ │ ├── so-ip-mappings.json │ │ │ │ ├── soc-auth-sync-logs.json │ │ │ │ ├── soc-detections-logs.json │ │ │ │ ├── soc-salt-relay-logs.json │ │ │ │ ├── soc-sensoroni-logs.json │ │ │ │ ├── soc-server-logs.json │ │ │ │ ├── strelka-logs.json │ │ │ │ ├── suricata-logs.json │ │ │ │ ├── syslog-tcp-514.json │ │ │ │ ├── 
syslog-udp-514.json │ │ │ │ └── system-grid-nodes.json │ │ │ └── grid-nodes_heavy │ │ │ │ ├── osquery-grid-nodes.json │ │ │ │ └── system-grid-nodes.json │ │ ├── so_agent-installers │ │ │ └── readme │ │ └── soc │ │ │ ├── elastic-defend-custom-filters.yaml │ │ │ └── elastic-defend-disabled-filters.yaml │ ├── init.sls │ ├── install_agent_grid.sls │ ├── integration-defaults.map.jinja │ ├── map.jinja │ ├── soc_elasticfleet.yaml │ ├── sostatus.sls │ └── tools │ │ ├── sbin │ │ ├── so-elastic-defend-manage-filters.py │ │ ├── so-elastic-fleet-agent-policy-delete │ │ ├── so-elastic-fleet-agent-policy-list │ │ ├── so-elastic-fleet-agent-policy-view │ │ ├── so-elastic-fleet-common │ │ ├── so-elastic-fleet-data-streams-list │ │ ├── so-elastic-fleet-integration-policy-bulk-delete │ │ ├── so-elastic-fleet-integration-policy-delete │ │ ├── so-elastic-fleet-integration-policy-elastic-defend │ │ ├── so-elastic-fleet-integration-policy-elastic-fleet-server │ │ ├── so-elastic-fleet-integration-policy-list │ │ ├── so-elastic-fleet-integration-policy-load │ │ ├── so-elastic-fleet-package-list │ │ ├── so-elastic-fleet-restart │ │ ├── so-elastic-fleet-start │ │ ├── so-elastic-fleet-stop │ │ └── so_elastic_defend_filters_helper.py │ │ └── sbin_jinja │ │ ├── so-elastic-agent-gen-installers │ │ ├── so-elastic-agent-grid-upgrade │ │ ├── so-elastic-agent-inspect │ │ ├── so-elastic-agent-restart │ │ ├── so-elastic-agent-start │ │ ├── so-elastic-agent-status │ │ ├── so-elastic-agent-stop │ │ ├── so-elastic-agent-version │ │ ├── so-elastic-fleet-artifacts-url-update │ │ ├── so-elastic-fleet-es-url-update │ │ ├── so-elastic-fleet-integration-upgrade │ │ ├── so-elastic-fleet-optional-integrations-load │ │ ├── so-elastic-fleet-outputs-update │ │ ├── so-elastic-fleet-package-load │ │ ├── so-elastic-fleet-package-upgrade │ │ ├── so-elastic-fleet-setup │ │ ├── so-elastic-fleet-urls-update │ │ └── so-kafka-fleet-output-policy ├── elasticsearch │ ├── auth.sls │ ├── base-template.json.jinja │ ├── ca.sls │ 
├── config.map.jinja │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── download.sls │ ├── enabled.sls │ ├── files │ │ ├── curl.config.template │ │ ├── elasticsearch.yaml.jinja │ │ ├── ingest-dynamic │ │ │ └── common │ │ ├── ingest │ │ │ ├── beats.common │ │ │ ├── common.ip_validation │ │ │ ├── common.nids │ │ │ ├── dns.tld │ │ │ ├── ecs │ │ │ ├── elasticagent.monitor │ │ │ ├── filterlog │ │ │ ├── global@custom │ │ │ ├── http.status │ │ │ ├── hydra │ │ │ ├── kismet.ad_hoc │ │ │ ├── kismet.ap │ │ │ ├── kismet.bridged │ │ │ ├── kismet.client │ │ │ ├── kismet.common │ │ │ ├── kismet.device │ │ │ ├── kismet.seenby │ │ │ ├── kismet.wds │ │ │ ├── kismet.wds_ap │ │ │ ├── kratos │ │ │ ├── logs-pfsense.log-1.23.1 │ │ │ ├── logs-pfsense.log-1.23.1-suricata │ │ │ ├── logscan.alert │ │ │ ├── osquery.live_query │ │ │ ├── osquery.normalize │ │ │ ├── osquery.query_result │ │ │ ├── ossec │ │ │ ├── rita.beacons │ │ │ ├── rita.connections │ │ │ ├── rita.dns │ │ │ ├── strelka.file │ │ │ ├── sublime │ │ │ ├── suricata.alert │ │ │ ├── suricata.alert_pfsense │ │ │ ├── suricata.common │ │ │ ├── suricata.common_pfsense │ │ │ ├── suricata.dhcp │ │ │ ├── suricata.dnp3 │ │ │ ├── suricata.dns │ │ │ ├── suricata.fileinfo │ │ │ ├── suricata.flow │ │ │ ├── suricata.ftp │ │ │ ├── suricata.ftp_data │ │ │ ├── suricata.http │ │ │ ├── suricata.ike │ │ │ ├── suricata.krb5 │ │ │ ├── suricata.nfs │ │ │ ├── suricata.rdp │ │ │ ├── suricata.sip │ │ │ ├── suricata.smb │ │ │ ├── suricata.smtp │ │ │ ├── suricata.snmp │ │ │ ├── suricata.ssh │ │ │ ├── suricata.tftp │ │ │ ├── suricata.tls │ │ │ ├── syslog │ │ │ ├── sysmon │ │ │ ├── win.eventlogs │ │ │ ├── zeek.bacnet │ │ │ ├── zeek.bacnet_discovery │ │ │ ├── zeek.bacnet_property │ │ │ ├── zeek.bsap_ip_header │ │ │ ├── zeek.bsap_ip_rdb │ │ │ ├── zeek.bsap_ip_unknown │ │ │ ├── zeek.bsap_serial_header │ │ │ ├── zeek.bsap_serial_rdb │ │ │ ├── zeek.bsap_serial_rdb_ext │ │ │ ├── zeek.bsap_serial_unknown │ │ │ ├── zeek.cip │ │ │ ├── zeek.cip_identity │ │ │ 
├── zeek.cip_io │ │ │ ├── zeek.common │ │ │ ├── zeek.common_ssl │ │ │ ├── zeek.conn │ │ │ ├── zeek.cotp │ │ │ ├── zeek.dce_rpc │ │ │ ├── zeek.dhcp │ │ │ ├── zeek.dnp3 │ │ │ ├── zeek.dnp3_control │ │ │ ├── zeek.dnp3_objects │ │ │ ├── zeek.dns │ │ │ ├── zeek.dpd │ │ │ ├── zeek.ecat_aoe_info │ │ │ ├── zeek.ecat_arp_info │ │ │ ├── zeek.ecat_coe_info │ │ │ ├── zeek.ecat_dev_info │ │ │ ├── zeek.ecat_foe_info │ │ │ ├── zeek.ecat_log_address │ │ │ ├── zeek.ecat_registers │ │ │ ├── zeek.ecat_soe_info │ │ │ ├── zeek.enip │ │ │ ├── zeek.files │ │ │ ├── zeek.ftp │ │ │ ├── zeek.http │ │ │ ├── zeek.http2 │ │ │ ├── zeek.intel │ │ │ ├── zeek.ipsec │ │ │ ├── zeek.irc │ │ │ ├── zeek.ja4ssh │ │ │ ├── zeek.kerberos │ │ │ ├── zeek.ldap │ │ │ ├── zeek.ldap_search │ │ │ ├── zeek.modbus │ │ │ ├── zeek.modbus_detailed │ │ │ ├── zeek.modbus_mask_write_register │ │ │ ├── zeek.modbus_read_write_multiple_registers │ │ │ ├── zeek.mysql │ │ │ ├── zeek.notice │ │ │ ├── zeek.ntlm │ │ │ ├── zeek.ntp │ │ │ ├── zeek.opcua_binary │ │ │ ├── zeek.opcua_binary_activate_session │ │ │ ├── zeek.opcua_binary_activate_session_client_software_cert │ │ │ ├── zeek.opcua_binary_activate_session_diagnostic_info │ │ │ ├── zeek.opcua_binary_activate_session_locale_id │ │ │ ├── zeek.opcua_binary_browse │ │ │ ├── zeek.opcua_binary_browse_description │ │ │ ├── zeek.opcua_binary_browse_diagnostic_info │ │ │ ├── zeek.opcua_binary_browse_request_continuation_point │ │ │ ├── zeek.opcua_binary_browse_response_references │ │ │ ├── zeek.opcua_binary_browse_result │ │ │ ├── zeek.opcua_binary_create_session │ │ │ ├── zeek.opcua_binary_create_session_discovery │ │ │ ├── zeek.opcua_binary_create_session_endpoints │ │ │ ├── zeek.opcua_binary_create_session_user_token │ │ │ ├── zeek.opcua_binary_create_subscription │ │ │ ├── zeek.opcua_binary_diag_info_detail │ │ │ ├── zeek.opcua_binary_get_endpoints │ │ │ ├── zeek.opcua_binary_get_endpoints_description │ │ │ ├── zeek.opcua_binary_get_endpoints_discovery │ │ │ ├── 
zeek.opcua_binary_get_endpoints_locale_id │ │ │ ├── zeek.opcua_binary_get_endpoints_profile_uri │ │ │ ├── zeek.opcua_binary_get_endpoints_user_token │ │ │ ├── zeek.opcua_binary_opensecure_channel │ │ │ ├── zeek.opcua_binary_read │ │ │ ├── zeek.opcua_binary_read_array_dims │ │ │ ├── zeek.opcua_binary_read_array_dims_link │ │ │ ├── zeek.opcua_binary_read_diagnostic_info │ │ │ ├── zeek.opcua_binary_read_extension_object │ │ │ ├── zeek.opcua_binary_read_extension_object_link │ │ │ ├── zeek.opcua_binary_read_nodes_to_read │ │ │ ├── zeek.opcua_binary_read_results │ │ │ ├── zeek.opcua_binary_read_results_link │ │ │ ├── zeek.opcua_binary_read_status_code │ │ │ ├── zeek.opcua_binary_read_variant_data │ │ │ ├── zeek.opcua_binary_read_variant_data_link │ │ │ ├── zeek.opcua_binary_status_code_detail │ │ │ ├── zeek.pe │ │ │ ├── zeek.profinet │ │ │ ├── zeek.profinet_dce_rpc │ │ │ ├── zeek.quic │ │ │ ├── zeek.radius │ │ │ ├── zeek.rdp │ │ │ ├── zeek.rfb │ │ │ ├── zeek.s7comm │ │ │ ├── zeek.s7comm_plus │ │ │ ├── zeek.s7comm_read_szl │ │ │ ├── zeek.s7comm_upload_download │ │ │ ├── zeek.signatures │ │ │ ├── zeek.sip │ │ │ ├── zeek.smb_files │ │ │ ├── zeek.smb_mapping │ │ │ ├── zeek.smtp │ │ │ ├── zeek.snmp │ │ │ ├── zeek.socks │ │ │ ├── zeek.software │ │ │ ├── zeek.ssh │ │ │ ├── zeek.ssl │ │ │ ├── zeek.stun │ │ │ ├── zeek.stun_nat │ │ │ ├── zeek.syslog │ │ │ ├── zeek.tds │ │ │ ├── zeek.tds_rpc │ │ │ ├── zeek.tds_sql_batch │ │ │ ├── zeek.traceroute │ │ │ ├── zeek.tunnel │ │ │ ├── zeek.tunnels │ │ │ ├── zeek.weird │ │ │ ├── zeek.wireguard │ │ │ └── zeek.x509 │ │ └── log4j2.properties │ ├── init.sls │ ├── roles │ │ ├── analyst.json │ │ ├── auditor.json │ │ ├── limited-analyst.json │ │ └── limited-auditor.json │ ├── soc_elasticsearch.yaml │ ├── sostatus.sls │ ├── template.map.jinja │ ├── templates │ │ ├── component │ │ │ ├── ecs │ │ │ │ ├── agent.json │ │ │ │ ├── aws.json │ │ │ │ ├── azure.json │ │ │ │ ├── base.json │ │ │ │ ├── cef.json │ │ │ │ ├── checkpoint.json │ │ │ │ ├── cisco.json 
│ │ │ │ ├── client.json │ │ │ │ ├── cloud.json │ │ │ │ ├── container.json │ │ │ │ ├── cyberark.json │ │ │ │ ├── data_stream.json │ │ │ │ ├── destination.json │ │ │ │ ├── device.json │ │ │ │ ├── dll.json │ │ │ │ ├── dns.json │ │ │ │ ├── ecs.json │ │ │ │ ├── elasticsearch.json │ │ │ │ ├── error.json │ │ │ │ ├── event.json │ │ │ │ ├── file.json │ │ │ │ ├── fortinet.json │ │ │ │ ├── gcp.json │ │ │ │ ├── google_workspace.json │ │ │ │ ├── group.json │ │ │ │ ├── hash.json │ │ │ │ ├── host.json │ │ │ │ ├── http.json │ │ │ │ ├── juniper.json │ │ │ │ ├── kibana.json │ │ │ │ ├── kismet.json │ │ │ │ ├── log.json │ │ │ │ ├── logstash.json │ │ │ │ ├── metadata.json │ │ │ │ ├── microsoft.json │ │ │ │ ├── misp.json │ │ │ │ ├── netflow.json │ │ │ │ ├── network.json │ │ │ │ ├── o365.json │ │ │ │ ├── observer.json │ │ │ │ ├── okta.json │ │ │ │ ├── orchestrator.json │ │ │ │ ├── organization.json │ │ │ │ ├── package.json │ │ │ │ ├── process.json │ │ │ │ ├── redis.json │ │ │ │ ├── registry.json │ │ │ │ ├── related.json │ │ │ │ ├── rule.json │ │ │ │ ├── server.json │ │ │ │ ├── service.json │ │ │ │ ├── snyk.json │ │ │ │ ├── sophos.json │ │ │ │ ├── source.json │ │ │ │ ├── suricata.json │ │ │ │ ├── syslog.json │ │ │ │ ├── threat.json │ │ │ │ ├── tls.json │ │ │ │ ├── tracing.json │ │ │ │ ├── url.json │ │ │ │ ├── user.json │ │ │ │ ├── user_agent.json │ │ │ │ ├── vulnerability.json │ │ │ │ ├── winlog.json │ │ │ │ └── zeek.json │ │ │ ├── elastic-agent │ │ │ │ ├── logs-osquery_manager.action.responses.json │ │ │ │ ├── logs-osquery_manager.actions.json │ │ │ │ ├── logs-osquery_manager.result@custom.json │ │ │ │ ├── logs-soc@package.json │ │ │ │ ├── logs-system.syslog@custom.json │ │ │ │ ├── logs@custom.json │ │ │ │ ├── metrics@custom.json │ │ │ │ ├── so-data-streams-mappings.json │ │ │ │ ├── so-elastic-agent-monitor.json │ │ │ │ ├── so-fleet_agent_id_verification-1.json │ │ │ │ ├── so-fleet_globals-1.json │ │ │ │ ├── so-fleet_integrations.ip_mappings-1.json │ │ │ │ ├── so-items-mappings.json │ │ 
│ │ ├── so-lists-mappings.json │ │ │ │ ├── so-logs-mappings.json │ │ │ │ └── so-logs-settings.json │ │ │ └── so │ │ │ │ ├── assistant-chat-mappings.json │ │ │ │ ├── assistant-chat-settings.json │ │ │ │ ├── assistant-session-mappings.json │ │ │ │ ├── assistant-session-settings.json │ │ │ │ ├── case-mappings.json │ │ │ │ ├── case-settings.json │ │ │ │ ├── common-dynamic-mappings.json │ │ │ │ ├── common-settings.json │ │ │ │ ├── detection-mappings.json │ │ │ │ ├── detection-settings.json │ │ │ │ ├── dtc-agent-mappings.json │ │ │ │ ├── dtc-base-mappings.json │ │ │ │ ├── dtc-client-mappings.json │ │ │ │ ├── dtc-destination-mappings.json │ │ │ │ ├── dtc-dns-mappings.json │ │ │ │ ├── dtc-ecs-mappings.json │ │ │ │ ├── dtc-event-mappings.json │ │ │ │ ├── dtc-file-mappings.json │ │ │ │ ├── dtc-host-mappings.json │ │ │ │ ├── dtc-http-mappings.json │ │ │ │ ├── dtc-network-mappings.json │ │ │ │ ├── dtc-observer-mappings.json │ │ │ │ ├── dtc-process-mappings.json │ │ │ │ ├── dtc-rule-mappings.json │ │ │ │ ├── dtc-service-mappings.json │ │ │ │ ├── dtc-source-mappings.json │ │ │ │ ├── dtc-syslog-mappings.json │ │ │ │ ├── dtc-user-mappings.json │ │ │ │ ├── dtc-user_agent-mappings.json │ │ │ │ ├── dtc-winlog-mappings.json │ │ │ │ ├── endgame-mappings.json │ │ │ │ ├── pb-override-destination-mappings.json │ │ │ │ ├── pb-override-source-mappings.json │ │ │ │ ├── so-file-mappings.json │ │ │ │ ├── so-ip-mappings.json │ │ │ │ ├── so-rule-mappings.json │ │ │ │ ├── so-scan-mappings.json │ │ │ │ └── so-system-mappings.json │ │ └── index │ │ │ └── custom │ │ │ └── place_custom_template_in_local │ └── tools │ │ ├── sbin │ │ ├── so-elastic-clear │ │ ├── so-elastic-diagnose │ │ ├── so-elasticsearch-component-templates-list │ │ ├── so-elasticsearch-ilm-lifecycle-status │ │ ├── so-elasticsearch-ilm-policy-delete │ │ ├── so-elasticsearch-ilm-policy-view │ │ ├── so-elasticsearch-ilm-restart │ │ ├── so-elasticsearch-ilm-start │ │ ├── so-elasticsearch-ilm-status │ │ ├── so-elasticsearch-ilm-stop │ │ 
├── so-elasticsearch-index-templates-list │ │ ├── so-elasticsearch-indices-delete │ │ ├── so-elasticsearch-indices-growth │ │ ├── so-elasticsearch-indices-list │ │ ├── so-elasticsearch-indices-rw │ │ ├── so-elasticsearch-pipeline-stats │ │ ├── so-elasticsearch-pipeline-view │ │ ├── so-elasticsearch-pipelines │ │ ├── so-elasticsearch-pipelines-list │ │ ├── so-elasticsearch-query │ │ ├── so-elasticsearch-restart │ │ ├── so-elasticsearch-roles-load │ │ ├── so-elasticsearch-shards-list │ │ ├── so-elasticsearch-start │ │ ├── so-elasticsearch-stop │ │ ├── so-elasticsearch-template-remove │ │ ├── so-elasticsearch-template-view │ │ ├── so-elasticsearch-templates-list │ │ ├── so-elasticsearch-troubleshoot │ │ ├── so-elasticsearch-wait │ │ └── so-index-list │ │ └── sbin_jinja │ │ ├── so-catrust │ │ ├── so-elastic-restart │ │ ├── so-elastic-start │ │ ├── so-elastic-stop │ │ ├── so-elasticsearch-cluster-settings │ │ ├── so-elasticsearch-cluster-space-total │ │ ├── so-elasticsearch-cluster-space-used │ │ ├── so-elasticsearch-ilm-policy-load │ │ ├── so-elasticsearch-indices-delete-delete │ │ └── so-elasticsearch-templates-load ├── firewall │ ├── containers.map.jinja │ ├── defaults.yaml │ ├── init.sls │ ├── ipt.map.jinja │ ├── iptables.jinja │ ├── map.jinja │ └── soc_firewall.yaml ├── global │ ├── defaults.yaml │ ├── map.jinja │ └── soc_global.yaml ├── healthcheck │ └── init.sls ├── host │ └── soc_host.yaml ├── hydra │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ └── hydra.yaml.jinja │ ├── init.sls │ ├── map.jinja │ ├── soc_hydra.yaml │ └── sostatus.sls ├── hypervisor │ ├── defaults.yaml │ ├── hosts │ │ └── README │ ├── init.sls │ ├── map.jinja │ └── tools │ │ ├── sbin │ │ ├── so-nvme-raid1.sh │ │ ├── so-qcow2-network-predictable │ │ ├── so-wait-cloud-init │ │ └── so_vm_utils.py │ │ └── sbin_jinja │ │ ├── so-kvm-create-volume │ │ ├── so-kvm-modify-hardware │ │ └── so-qcow2-modify-network ├── idh │ ├── config.sls │ ├── defaults.yaml │ ├── 
disabled.sls │ ├── enabled.sls │ ├── idh.conf.jinja │ ├── init.sls │ ├── opencanary_config.map.jinja │ ├── openssh │ │ ├── config.sls │ │ ├── init.sls │ │ └── map.jinja │ ├── plays │ │ ├── idh_ftp.yml │ │ ├── idh_git.yml │ │ ├── idh_http_get.yml │ │ ├── idh_http_login.yml │ │ ├── idh_httpproxy.yml │ │ ├── idh_mssql.yml │ │ ├── idh_mysql.yml │ │ ├── idh_ntp.yml │ │ ├── idh_redis.yml │ │ ├── idh_sip.yml │ │ ├── idh_smb.yml │ │ ├── idh_snmp.yml │ │ ├── idh_ssh.yml │ │ ├── idh_telnet.yml │ │ ├── idh_tftp.yml │ │ └── idh_vnc.yml │ ├── skins │ │ └── http │ │ │ ├── custom │ │ │ └── basicCustomLogin │ │ │ │ ├── 403.html │ │ │ │ ├── 404.html │ │ │ │ └── index.html │ │ │ └── opencanary │ │ │ ├── basicLogin │ │ │ ├── 403.html │ │ │ ├── 404.html │ │ │ └── index.html │ │ │ └── nasLogin │ │ │ ├── 403.html │ │ │ ├── 404.html │ │ │ ├── index.html │ │ │ └── static │ │ │ ├── css │ │ │ ├── desktop.css │ │ │ ├── ext-all.css │ │ │ ├── style.css │ │ │ ├── ux-all.css │ │ │ └── xtheme-gray.css │ │ │ ├── fonts │ │ │ └── roboto.woff │ │ │ ├── img │ │ │ ├── 02.jpg │ │ │ ├── favicon.ico │ │ │ ├── icon_dsm_16.png │ │ │ ├── icon_dsm_32.png │ │ │ ├── icon_dsm_48.png │ │ │ ├── icon_dsm_64.png │ │ │ ├── icon_dsm_96.png │ │ │ ├── icon_tile.png │ │ │ └── synohdpack │ │ │ │ └── images │ │ │ │ ├── Components │ │ │ │ ├── bt_dropdown.png │ │ │ │ ├── bt_grid_dropdown.png │ │ │ │ ├── bt_pagebar.png │ │ │ │ ├── c_icon_general.png │ │ │ │ ├── category_expand.png │ │ │ │ ├── checkbox.png │ │ │ │ ├── col-move-bottom.png │ │ │ │ ├── date_dropdown.png │ │ │ │ ├── date_prev_next.png │ │ │ │ ├── dropdown_menu_parent.png │ │ │ │ ├── dropdown_menu_tick.png │ │ │ │ ├── fieldset_expand.png │ │ │ │ ├── icon_advanced_search.png │ │ │ │ ├── icon_error.png │ │ │ │ ├── icon_filter.png │ │ │ │ ├── icon_information.png │ │ │ │ ├── icon_loading.gif │ │ │ │ ├── icon_search.png │ │ │ │ ├── icon_search_clear.png │ │ │ │ ├── icon_success.png │ │ │ │ ├── radio_button.png │ │ │ │ ├── shadow_category.png │ │ │ │ ├── 
shadow_footbar.png │ │ │ │ ├── superbox_button_cancel.png │ │ │ │ ├── tab_arrow.png │ │ │ │ ├── tab_shadow.png │ │ │ │ ├── tree_arrow.png │ │ │ │ ├── trigger.png │ │ │ │ └── trigger_date.png │ │ │ │ ├── dsm │ │ │ │ ├── modules │ │ │ │ │ ├── ExternalDevices │ │ │ │ │ │ └── images │ │ │ │ │ │ │ └── tray_icon_device.png │ │ │ │ │ ├── FileTaskMonitor │ │ │ │ │ │ └── images │ │ │ │ │ │ │ ├── tray_icon_bgtask.gif │ │ │ │ │ │ │ ├── tray_icon_bgtask.png │ │ │ │ │ │ │ ├── tray_icon_download.gif │ │ │ │ │ │ │ ├── tray_icon_download.png │ │ │ │ │ │ │ ├── tray_icon_upload.gif │ │ │ │ │ │ │ └── tray_icon_upload.png │ │ │ │ │ ├── PollingTask │ │ │ │ │ │ └── images │ │ │ │ │ │ │ └── tray_icon_disk_port.png │ │ │ │ │ └── ThumbConvertProgress │ │ │ │ │ │ └── images │ │ │ │ │ │ ├── tray_icon_creating_thumbnail.gif │ │ │ │ │ │ └── tray_icon_creating_thumbnail.png │ │ │ │ └── resources │ │ │ │ │ └── images │ │ │ │ │ ├── bt_bugs.png │ │ │ │ │ ├── bt_dsm_mobile.png │ │ │ │ │ ├── components │ │ │ │ │ ├── icon_error.png │ │ │ │ │ ├── icon_image_selector.png │ │ │ │ │ ├── status_fail.png │ │ │ │ │ ├── status_loading.gif │ │ │ │ │ └── status_success.png │ │ │ │ │ ├── desktop │ │ │ │ │ ├── add_one.png │ │ │ │ │ ├── icon_app_category.png │ │ │ │ │ ├── spotlight.png │ │ │ │ │ └── taskbar_spinner.gif │ │ │ │ │ ├── dsm5_badge_num.png │ │ │ │ │ ├── dsm5_notification_num.png │ │ │ │ │ ├── dsmv5_wizard_bkg_v_01.png │ │ │ │ │ ├── dsmv5_wizard_bkg_v_02.png │ │ │ │ │ ├── folder.png │ │ │ │ │ ├── icon_drag_add.png │ │ │ │ │ ├── icon_drag_ban.png │ │ │ │ │ ├── icon_question.png │ │ │ │ │ ├── item_drag_status.png │ │ │ │ │ ├── login │ │ │ │ │ ├── dark │ │ │ │ │ │ ├── 0.png │ │ │ │ │ │ ├── 1.png │ │ │ │ │ │ ├── 2.png │ │ │ │ │ │ ├── 3.png │ │ │ │ │ │ ├── 4.png │ │ │ │ │ │ ├── 5dot.png │ │ │ │ │ │ ├── DSM.png │ │ │ │ │ │ ├── beta.png │ │ │ │ │ │ ├── copyright_2014.png │ │ │ │ │ │ ├── copyright_2015.png │ │ │ │ │ │ └── synology.png │ │ │ │ │ ├── icon_phone.png │ │ │ │ │ ├── icon_pw.png │ │ │ │ │ ├── 
icon_user.png │ │ │ │ │ ├── light │ │ │ │ │ │ ├── 0.png │ │ │ │ │ │ ├── 1.png │ │ │ │ │ │ ├── 2.png │ │ │ │ │ │ ├── 3.png │ │ │ │ │ │ ├── 4.png │ │ │ │ │ │ ├── 5dot.png │ │ │ │ │ │ ├── DSM.png │ │ │ │ │ │ ├── beta.png │ │ │ │ │ │ ├── copyright_2014.png │ │ │ │ │ │ ├── copyright_2015.png │ │ │ │ │ │ └── synology.png │ │ │ │ │ ├── login_bkg_highlight_bottom.png │ │ │ │ │ ├── login_bkg_highlight_top.png │ │ │ │ │ └── weather │ │ │ │ │ │ ├── login_icon_weather_cloudy.png │ │ │ │ │ │ ├── login_icon_weather_cold.png │ │ │ │ │ │ ├── login_icon_weather_fog.png │ │ │ │ │ │ ├── login_icon_weather_hail.png │ │ │ │ │ │ ├── login_icon_weather_moon.png │ │ │ │ │ │ ├── login_icon_weather_moon_clouds.png │ │ │ │ │ │ ├── login_icon_weather_rain.png │ │ │ │ │ │ ├── login_icon_weather_snow.png │ │ │ │ │ │ ├── login_icon_weather_sun.png │ │ │ │ │ │ ├── login_icon_weather_sun_clouds.png │ │ │ │ │ │ ├── login_icon_weather_thunder.png │ │ │ │ │ │ ├── login_icon_weather_tornado.png │ │ │ │ │ │ └── login_icon_weather_windy.png │ │ │ │ │ ├── module_list_icon │ │ │ │ │ ├── c_icon_CMS.png │ │ │ │ │ ├── c_icon_backup.png │ │ │ │ │ ├── c_icon_business.png │ │ │ │ │ ├── c_icon_community.png │ │ │ │ │ ├── c_icon_connect.png │ │ │ │ │ ├── c_icon_contact.png │ │ │ │ │ ├── c_icon_directory_service.png │ │ │ │ │ ├── c_icon_dsm_apps.png │ │ │ │ │ ├── c_icon_expansion.png │ │ │ │ │ ├── c_icon_external_devices.png │ │ │ │ │ ├── c_icon_file_services.png │ │ │ │ │ ├── c_icon_general.png │ │ │ │ │ ├── c_icon_groups.png │ │ │ │ │ ├── c_icon_hardware_and_power.png │ │ │ │ │ ├── c_icon_hdd_management.png │ │ │ │ │ ├── c_icon_hot_spare.png │ │ │ │ │ ├── c_icon_info_center.png │ │ │ │ │ ├── c_icon_installed.png │ │ │ │ │ ├── c_icon_iscsi_lun.png │ │ │ │ │ ├── c_icon_iscsi_target.png │ │ │ │ │ ├── c_icon_login_style.png │ │ │ │ │ ├── c_icon_media_library.png │ │ │ │ │ ├── c_icon_network.png │ │ │ │ │ ├── c_icon_networkmap.png │ │ │ │ │ ├── c_icon_notifications.png │ │ │ │ │ ├── c_icon_overview.png │ │ │ │ │ ├── 
c_icon_performance.png │ │ │ │ │ ├── c_icon_portal.png │ │ │ │ │ ├── c_icon_privilege.png │ │ │ │ │ ├── c_icon_process.png │ │ │ │ │ ├── c_icon_public_access.png │ │ │ │ │ ├── c_icon_purchases.png │ │ │ │ │ ├── c_icon_quickconnect.png │ │ │ │ │ ├── c_icon_raid_group.png │ │ │ │ │ ├── c_icon_recommend.png │ │ │ │ │ ├── c_icon_region.png │ │ │ │ │ ├── c_icon_security.png │ │ │ │ │ ├── c_icon_shared_folders.png │ │ │ │ │ ├── c_icon_speed.png │ │ │ │ │ ├── c_icon_ssd_cache.png │ │ │ │ │ ├── c_icon_syslog.png │ │ │ │ │ ├── c_icon_task_scheduler.png │ │ │ │ │ ├── c_icon_terminal_and_SNMP.png │ │ │ │ │ ├── c_icon_update_and_reset.png │ │ │ │ │ ├── c_icon_users.png │ │ │ │ │ ├── c_icon_utilities.png │ │ │ │ │ ├── c_icon_volume.png │ │ │ │ │ ├── c_icon_web_server.png │ │ │ │ │ └── c_icon_wireless.png │ │ │ │ │ ├── rt_button.png │ │ │ │ │ ├── shadow_footbar.png │ │ │ │ │ ├── taskbar │ │ │ │ │ ├── more_apps.png │ │ │ │ │ ├── showdesktop.png │ │ │ │ │ ├── taskbar_bg.png │ │ │ │ │ ├── taskbar_bt.png │ │ │ │ │ ├── taskbar_bt_apps.png │ │ │ │ │ ├── taskbar_bt_widgets_shadow.png │ │ │ │ │ ├── taskbar_shadow.png │ │ │ │ │ ├── taskbar_split.png │ │ │ │ │ ├── tray_icon_notification.png │ │ │ │ │ ├── tray_icon_pilot_view.png │ │ │ │ │ ├── tray_icon_search.png │ │ │ │ │ ├── tray_icon_user_menu.png │ │ │ │ │ ├── tray_icon_widget.png │ │ │ │ │ ├── user_menu_about.png │ │ │ │ │ ├── user_menu_logout.png │ │ │ │ │ ├── user_menu_options.png │ │ │ │ │ ├── user_menu_restart.png │ │ │ │ │ └── user_menu_shutdown.png │ │ │ │ │ ├── widget_window │ │ │ │ │ └── widget_rt_button.png │ │ │ │ │ └── wizard_bkg_h.png │ │ │ │ └── scrollbar │ │ │ │ ├── scrollbar_black_h.png │ │ │ │ ├── scrollbar_black_v.png │ │ │ │ ├── scrollbar_white_h.png │ │ │ │ └── scrollbar_white_v.png │ │ │ └── js │ │ │ └── misc.js │ ├── soc_idh.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-idh-restart │ │ ├── so-idh-start │ │ └── so-idh-stop ├── idstools │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── 
enabled.sls │ ├── etc │ │ ├── disable.conf │ │ ├── enable.conf │ │ ├── modify.conf │ │ └── rulecat.conf │ ├── init.sls │ ├── map.jinja │ ├── rules │ │ ├── extraction.rules │ │ ├── filters.rules │ │ └── local.rules │ ├── soc_idstools.yaml │ ├── sostatus.sls │ ├── sync_files.sls │ └── tools │ │ ├── sbin │ │ ├── so-idstools-restart │ │ ├── so-idstools-start │ │ └── so-idstools-stop │ │ └── sbin_jinja │ │ └── so-rule-update ├── influxdb │ ├── buckets.json.jinja │ ├── config.sls │ ├── config.yaml.jinja │ ├── curl.config.jinja │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── init.sls │ ├── map.jinja │ ├── metrics_link.txt │ ├── soc_influxdb.yaml │ ├── sostatus.sls │ ├── templates │ │ ├── alarm_deadman.json │ │ ├── alarm_high_redis_memory_usage.json │ │ ├── alarm_logstash_eps.json │ │ ├── alarm_low_monitor_traffic.json │ │ ├── alarm_nsm_disk.json │ │ ├── alarm_pcap_retention.json │ │ ├── alarm_root_disk.json │ │ ├── alarm_steno_packet_loss.json │ │ ├── alarm_suricata_packet_loss.json │ │ ├── alarm_zeek_packet_loss.json │ │ ├── dashboard-security_onion_performance.json │ │ ├── downsample.json │ │ ├── variable-container.json │ │ ├── variable-host.json │ │ └── variable-role.json │ └── tools │ │ └── sbin │ │ ├── so-influxdb-manage │ │ ├── so-influxdb-restart │ │ ├── so-influxdb-start │ │ └── so-influxdb-stop ├── kafka │ ├── ca.sls │ ├── config.map.jinja │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ ├── client.properties.jinja │ │ ├── jaas.conf.jinja │ │ ├── log4j.properties │ │ └── server.properties.jinja │ ├── files │ │ └── managed_node_pillar.jinja │ ├── init.sls │ ├── map.jinja │ ├── nodes.map.jinja │ ├── nodes.sls │ ├── reset.sls │ ├── soc_kafka.yaml │ ├── sostatus.sls │ ├── ssl.sls │ ├── storage.sls │ └── tools │ │ ├── sbin │ │ ├── so-kafka-cli │ │ └── so-kafka-config-update │ │ └── sbin_jinja │ │ └── so-kafka-trust ├── kibana │ ├── config.sls │ ├── custom │ │ └── PUT YOU CUSTOM DASHBOARDS HERE │ ├── defaults.yaml │ 
├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ └── kibana.yml.jinja │ ├── files │ │ ├── config_saved_objects.ndjson.jinja │ │ ├── curl.config.template │ │ ├── hl.ndjson │ │ ├── live_query_fixup.sh │ │ ├── saved_objects.ndjson │ │ └── securitySolution_saved_objects.ndjson │ ├── init.sls │ ├── map.jinja │ ├── secrets.sls │ ├── so_config_load.sls │ ├── so_dashboard_load.sls │ ├── so_savedobjects_defaults.sls │ ├── so_securitySolution_load.sls │ ├── soc_kibana.yaml │ ├── sostatus.sls │ └── tools │ │ ├── sbin │ │ ├── so-kibana-api-check │ │ ├── so-kibana-restart │ │ ├── so-kibana-savedobjects-defaults │ │ ├── so-kibana-start │ │ └── so-kibana-stop │ │ └── sbin_jinja │ │ ├── so-kibana-config-export │ │ ├── so-kibana-config-load │ │ └── so-kibana-space-defaults ├── kratos │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ ├── kratos.yaml.jinja │ │ ├── oidc.jsonnet │ │ └── schema.json │ ├── init.sls │ ├── map.jinja │ ├── soc_kratos.yaml │ └── sostatus.sls ├── libvirt │ ├── 64962 │ │ ├── init.sls │ │ └── scripts │ │ │ └── so-fix-salt-ldap.py │ ├── bridge.sls │ ├── defaults.yaml │ ├── etc │ │ ├── libvirtd.conf │ │ └── libvirtd.conf.jinja │ ├── images │ │ ├── init.sls │ │ └── sool9 │ │ │ └── README │ ├── init.sls │ ├── map.jinja │ ├── packages.sls │ ├── source-packages │ │ └── libvirt-python │ │ │ └── libvirt_python-10.6.0-cp310-cp310-linux_x86_64.whl │ └── ssh │ │ ├── files │ │ └── config │ │ └── users.sls ├── logrotate │ ├── defaults.yaml │ ├── etc │ │ └── rotate.conf.jinja │ ├── init.sls │ ├── map.jinja │ ├── soc_logrotate.yaml │ └── tools │ │ └── sbin │ │ └── common-rotate ├── logstash │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── download.sls │ ├── enabled.sls │ ├── etc │ │ ├── certs │ │ │ └── Put.Your.Certs.Here.txt │ │ ├── jvm.options │ │ ├── log4j2.properties │ │ ├── logstash.yml │ │ └── pipelines.yml.jinja │ ├── init.sls │ ├── map.jinja │ ├── pipelines │ │ └── config │ │ │ ├── custom │ │ │ └── 
place_custom_config_in_local │ │ │ └── so │ │ │ ├── 0011_input_endgame.conf │ │ │ ├── 0012_input_elastic_agent.conf.jinja │ │ │ ├── 0013_input_lumberjack_fleet.conf │ │ │ ├── 0800_input_kafka.conf.jinja │ │ │ ├── 0900_input_redis.conf.jinja │ │ │ ├── 9805_output_elastic_agent.conf.jinja │ │ │ ├── 9806_output_lumberjack_fleet.conf.jinja │ │ │ ├── 9900_output_endgame.conf.jinja │ │ │ └── 9999_output_redis.conf.jinja │ ├── soc_logstash.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-logstash-events │ │ ├── so-logstash-flow-stats │ │ ├── so-logstash-health │ │ ├── so-logstash-jvm-stats │ │ ├── so-logstash-pipeline-stats │ │ ├── so-logstash-restart │ │ ├── so-logstash-start │ │ └── so-logstash-stop ├── manager │ ├── defaults.yaml │ ├── elasticsearch.sls │ ├── files │ │ ├── add_minion.sh │ │ ├── mirror.txt │ │ ├── repodownload.conf │ │ └── so-api.py │ ├── glue.py │ ├── hypervisor.sls │ ├── init.sls │ ├── kibana.sls │ ├── managed_soc_annotations.sls │ ├── map.jinja │ ├── soc_manager.yaml │ ├── sync_es_users.sls │ └── tools │ │ ├── sbin │ │ ├── so-allow │ │ ├── so-client │ │ ├── so-deny │ │ ├── so-docker-refresh │ │ ├── so-elastic-auth-password-reset │ │ ├── so-elasticagent-status │ │ ├── so-firewall │ │ ├── so-firewall-minion │ │ ├── so-minion │ │ ├── so-repo-sync │ │ ├── so-saltstack-update │ │ ├── so-user │ │ ├── so-yaml.py │ │ ├── so-yaml_test.py │ │ └── soup │ │ └── sbin_jinja │ │ ├── so-elastic-agent-monitor │ │ ├── so-elastic-fleet-reset │ │ └── so-salt-cloud ├── motd │ ├── files │ │ └── so_motd.jinja │ └── init.sls ├── nginx │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ └── nginx.conf │ ├── files │ │ └── navigator_config.json │ ├── init.sls │ ├── map.jinja │ ├── soc_nginx.yaml │ ├── sostatus.sls │ ├── ssl │ │ ├── ssl.crt │ │ └── ssl.key │ └── tools │ │ └── sbin │ │ ├── so-nginx-restart │ │ ├── so-nginx-start │ │ └── so-nginx-stop ├── ntp │ ├── chrony.conf │ ├── config.map.jinja │ ├── defaults.yaml │ ├── init.sls 
│ └── soc_ntp.yaml ├── orch │ ├── container_download.sls │ ├── delete_hypervisor.sls │ ├── deploy_newnode.sls │ ├── dyanno_hypervisor.sls │ └── vm_pillar_clean.sls ├── patch │ ├── defaults.yaml │ ├── needs_restarting.sls │ ├── os │ │ ├── init.sls │ │ ├── schedule.sls │ │ └── schedules │ │ │ ├── example_schedule.yml │ │ │ └── map.jinja │ └── soc_patch.yaml ├── pcap │ ├── config.map.jinja │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ └── config.jinja │ ├── init.sls │ ├── soc_pcap.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-pcap-export │ │ ├── so-pcap-restart │ │ ├── so-pcap-start │ │ └── so-pcap-stop ├── pipeline │ └── load.sls ├── podman │ ├── files │ │ ├── podman.service │ │ ├── podman.socket │ │ └── sobridge.conflist │ └── init.sls ├── reactor │ ├── check_hypervisor.sls │ ├── createEmptyPillar.sls │ ├── deleteKey.sls │ ├── sominion_setup.sls │ ├── vm_status.sls │ └── zeek.sls ├── redis │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ └── redis.conf.jinja │ ├── init.sls │ ├── map.jinja │ ├── soc_redis.yaml │ ├── sostatus.sls │ └── tools │ │ ├── sbin │ │ ├── so-redis-restart │ │ ├── so-redis-start │ │ └── so-redis-stop │ │ └── sbin_jinja │ │ └── so-redis-count ├── registry │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ └── config.yml │ ├── init.sls │ ├── map.jinja │ ├── soc_registry.yaml │ └── sostatus.sls ├── repo │ └── client │ │ ├── files │ │ └── oracle │ │ │ ├── keys │ │ │ ├── MariaDB-Server-GPG-KEY │ │ │ ├── RPM-GPG-KEY-EPEL-9 │ │ │ ├── RPM-GPG-KEY-oracle │ │ │ ├── SALT-PROJECT-GPG-PUBKEY-2023.pub │ │ │ ├── docker.pub │ │ │ └── securityonion.pub │ │ │ └── yum.conf.jinja │ │ ├── init.sls │ │ ├── map.jinja │ │ └── oracle.sls ├── salt │ ├── beacons.sls │ ├── cloud │ │ ├── cloud.profiles.d │ │ │ └── socloud.conf.jinja │ │ ├── cloud.providers.d │ │ │ └── libvirt.conf.jinja │ │ ├── config.sls │ │ ├── init.sls │ │ └── 
reactor_config_hypervisor.sls │ ├── engines │ │ └── master │ │ │ ├── checkmine.py │ │ │ ├── pillarWatch.py │ │ │ ├── virtual_node_manager.py │ │ │ └── virtual_power_manager.py │ ├── files │ │ ├── beacons.conf.jinja │ │ ├── engines.conf │ │ └── vrt_engine.conf │ ├── init.sls │ ├── lasthighstate.sls │ ├── map.jinja │ ├── master.defaults.yaml │ ├── master.sls │ ├── master │ │ └── mine_update_highstate.sls │ ├── mine_functions.sls │ ├── minion-check.sls │ ├── minion-state-apply-test.sls │ ├── minion.defaults.yaml │ ├── minion │ │ ├── init.sls │ │ └── service_file.sls │ ├── module_packages │ │ └── docker │ │ │ ├── certifi-2024.7.4-py3-none-any.whl │ │ │ ├── charset_normalizer-3.3.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ ├── docker-7.1.0-py3-none-any.whl │ │ │ ├── idna-3.8-py3-none-any.whl │ │ │ ├── requests-2.32.3-py3-none-any.whl │ │ │ └── urllib3-2.2.2-py3-none-any.whl │ ├── patch │ │ └── x509_v2 │ │ │ └── init.sls │ ├── python_modules.sls │ ├── scripts │ │ ├── bootstrap-salt.sh │ │ └── fixLibvirt.py │ └── service │ │ └── salt-minion.service.jinja ├── schedule.sls ├── sensor │ ├── defaults.yaml │ ├── files │ │ └── 99-so-checksum-offload-disable │ ├── init.sls │ ├── map.jinja │ ├── soc_sensor.yaml │ ├── tools │ │ └── sbin_jinja │ │ │ └── so-combine-bond │ └── vm │ │ └── network.sls ├── sensoroni │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ ├── analyzers │ │ │ ├── README.md │ │ │ ├── build.sh │ │ │ ├── elasticsearch │ │ │ │ ├── README.md │ │ │ │ ├── elasticsearch.json │ │ │ │ ├── elasticsearch.py │ │ │ │ ├── elasticsearch.yaml │ │ │ │ ├── elasticsearch_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── 
idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── emailrep │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── emailrep.json │ │ │ │ ├── emailrep.py │ │ │ │ ├── emailrep.yaml │ │ │ │ ├── emailrep_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── greynoise │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── greynoise.json │ │ │ │ ├── greynoise.py │ │ │ │ ├── greynoise.yaml │ │ │ │ ├── greynoise_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── helpers.py │ │ │ ├── helpers_test.py │ │ │ ├── localfile │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── localfile.json │ │ │ │ ├── localfile.py │ │ │ │ ├── localfile.yaml │ │ │ │ ├── localfile_test.csv │ │ │ │ ├── localfile_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── 
requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── malwarebazaar │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── malwarebazaar.json │ │ │ │ ├── malwarebazaar.py │ │ │ │ ├── malwarebazaar.yaml │ │ │ │ ├── malwarebazaar_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── malwarehashregistry │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── malwarehashregistry.json │ │ │ │ ├── malwarehashregistry.py │ │ │ │ ├── malwarehashregistry_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── python_dateutil-2.9.0.post0-py2.py3-none-any.whl │ │ │ │ │ ├── python_whois-0.9.5-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ ├── six-1.17.0-py2.py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── otx │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── otx.json │ │ │ │ ├── otx.py │ │ │ │ ├── otx.yaml │ │ │ │ ├── otx_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── 
urllib3-2.5.0-py3-none-any.whl │ │ │ ├── pulsedive │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── pulsedive.json │ │ │ │ ├── pulsedive.py │ │ │ │ ├── pulsedive.yaml │ │ │ │ ├── pulsedive_test.py │ │ │ │ ├── requirements.txt │ │ │ │ └── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ ├── spamhaus │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ └── dnspython-2.7.0-py3-none-any.whl │ │ │ │ ├── spamhaus.json │ │ │ │ ├── spamhaus.py │ │ │ │ ├── spamhaus.yaml │ │ │ │ └── spamhaus_test.py │ │ │ ├── sublime │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ │ ├── sublime.json │ │ │ │ ├── sublime.py │ │ │ │ ├── sublime.yaml │ │ │ │ └── sublime_test.py │ │ │ ├── threatfox │ │ │ │ ├── README.md │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ 
│ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ │ ├── threatfox.json │ │ │ │ ├── threatfox.py │ │ │ │ ├── threatfox.yaml │ │ │ │ └── threatfox_test.py │ │ │ ├── urlhaus │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ │ ├── urlhaus.json │ │ │ │ ├── urlhaus.py │ │ │ │ ├── urlhaus.yaml │ │ │ │ └── urlhaus_test.py │ │ │ ├── urlscan │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ │ ├── urlscan.json │ │ │ │ ├── urlscan.py │ │ │ │ ├── urlscan.yaml │ │ │ │ └── urlscan_test.py │ │ │ ├── virustotal │ │ │ │ ├── README.md │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ │ ├── PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl │ │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ │ └── urllib3-2.5.0-py3-none-any.whl │ │ │ │ ├── virustotal.json │ │ │ │ ├── virustotal.py │ │ │ │ ├── virustotal.yaml │ │ │ │ └── 
virustotal_test.py │ │ │ └── whoislookup │ │ │ │ ├── __init__.py │ │ │ │ ├── requirements.txt │ │ │ │ ├── source-packages │ │ │ │ ├── anyio-4.10.0-py3-none-any.whl │ │ │ │ ├── certifi-2025.8.3-py3-none-any.whl │ │ │ │ ├── charset_normalizer-3.4.3-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl │ │ │ │ ├── exceptiongroup-1.3.0-py3-none-any.whl │ │ │ │ ├── h11-0.16.0-py3-none-any.whl │ │ │ │ ├── httpcore-1.0.9-py3-none-any.whl │ │ │ │ ├── httpx-0.28.1-py3-none-any.whl │ │ │ │ ├── idna-3.10-py3-none-any.whl │ │ │ │ ├── python_dateutil-2.9.0.post0-py2.py3-none-any.whl │ │ │ │ ├── requests-2.32.5-py3-none-any.whl │ │ │ │ ├── six-1.17.0-py2.py3-none-any.whl │ │ │ │ ├── sniffio-1.3.1-py3-none-any.whl │ │ │ │ ├── typing_extensions-4.14.1-py3-none-any.whl │ │ │ │ ├── urllib3-2.5.0-py3-none-any.whl │ │ │ │ └── whoisit-3.1.1.tar.gz │ │ │ │ ├── whoislookup.json │ │ │ │ ├── whoislookup.py │ │ │ │ └── whoislookup_test.py │ │ ├── sensoroni.json │ │ └── templates │ │ │ └── reports │ │ │ ├── custom │ │ │ └── generic_report1.md │ │ │ └── standard │ │ │ ├── case_report.md │ │ │ └── productivity_report.md │ ├── init.sls │ ├── map.jinja │ ├── soc_sensoroni.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-sensoroni-restart │ │ ├── so-sensoroni-start │ │ └── so-sensoroni-stop ├── setup │ └── virt │ │ ├── init.sls │ │ ├── setHostname.sls │ │ ├── setSalt.sls │ │ ├── soinstall.map.jinja │ │ └── sominion.sls ├── soc │ ├── config.sls │ ├── defaults.map.jinja │ ├── defaults.yaml │ ├── disabled.sls │ ├── dyanno │ │ └── hypervisor │ │ │ ├── hypervisor.yaml │ │ │ ├── init.sls │ │ │ ├── map.jinja │ │ │ ├── remove_failed_vm.sls │ │ │ ├── soc_hypervisor.yaml.jinja │ │ │ └── write_status.sls │ ├── enabled.sls │ ├── files │ │ ├── bin │ │ │ └── salt-relay.sh │ │ └── soc │ │ │ ├── analytics.js │ │ │ ├── banner.md │ │ │ ├── custom.js │ │ │ ├── custom_roles │ │ │ ├── detections_custom_repo_template_readme.jinja │ │ │ ├── motd.md │ │ │ ├── 
sigma_final_pipeline.yaml │ │ │ ├── sigma_so_pipeline.yaml │ │ │ ├── so-detections-backup.py │ │ │ ├── so-detections-backup_test.py │ │ │ └── soc.json.jinja │ ├── init.sls │ ├── merged.map.jinja │ ├── soc_soc.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-detections-runtime-status │ │ ├── so-soc-restart │ │ ├── so-soc-start │ │ └── so-soc-stop ├── ssl │ ├── init.sls │ └── remove.sls ├── stig │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ └── sos-oscap.xml │ ├── init.sls │ ├── map.jinja │ ├── schedule.sls │ └── soc_stig.yaml ├── storage │ ├── init.sls │ ├── nsm_mount_nvme.sls │ ├── nsm_mount_virtio.sls │ └── tools │ │ └── sbin │ │ ├── so-nsm-cleanup │ │ ├── so-nsm-mount-nvme │ │ └── so-nsm-mount-virtio ├── strelka │ ├── backend │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── files │ │ │ ├── backend.yaml.jinja │ │ │ ├── logging.yaml.jinja │ │ │ ├── passwords.dat.jinja │ │ │ └── taste │ │ │ │ └── taste.yara │ │ ├── init.sls │ │ └── sostatus.sls │ ├── compile_yara │ │ └── compile_yara.py │ ├── config.sls │ ├── coordinator │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── init.sls │ │ └── sostatus.sls │ ├── defaults.yaml │ ├── filecheck │ │ ├── filecheck │ │ └── filecheck.yaml.jinja │ ├── filestream │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── files │ │ │ └── filestream.yaml.jinja │ │ ├── init.sls │ │ └── sostatus.sls │ ├── frontend │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── files │ │ │ └── frontend.yaml.jinja │ │ ├── init.sls │ │ └── sostatus.sls │ ├── gatekeeper │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── init.sls │ │ └── sostatus.sls │ ├── init.sls │ ├── manager.sls │ ├── manager │ │ ├── config.sls │ │ ├── disabled.sls │ │ ├── enabled.sls │ │ ├── files │ │ │ └── manager.yaml.jinja │ │ ├── init.sls │ │ └── sostatus.sls │ ├── map.jinja │ ├── rules │ │ └── compiled │ │ │ └── DO.NOT.TOUCH │ ├── soc_strelka.yaml │ └── tools │ 
│ └── sbin │ │ ├── so-strelka-restart │ │ ├── so-strelka-start │ │ └── so-strelka-stop ├── suricata │ ├── classification │ │ └── classification.config │ ├── config.sls │ ├── cron │ │ ├── so-suricata-eve-clean │ │ └── surilogcompress │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ │ ├── suricata.yaml.jinja │ │ └── threshold.conf.jinja │ ├── init.sls │ ├── manager.sls │ ├── map.jinja │ ├── pcap.sls │ ├── soc_suricata.yaml │ ├── sostatus.sls │ ├── suricata_mdengine.yaml │ ├── thresholding │ │ └── sids.yaml │ └── tools │ │ ├── sbin │ │ ├── so-suricata-reload-rules │ │ ├── so-suricata-restart │ │ ├── so-suricata-start │ │ └── so-suricata-stop │ │ └── sbin_jinja │ │ └── so-suricata-testrule ├── systemd │ └── reload.sls ├── tcpreplay │ └── init.sls ├── telegraf │ ├── config.sls │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── etc │ │ └── telegraf.conf │ ├── init.sls │ ├── map.jinja │ ├── node_config.json.jinja │ ├── scripts │ │ ├── agentstatus.sh │ │ ├── checkfiles.sh │ │ ├── eps.sh │ │ ├── esindexsize.sh │ │ ├── features.sh │ │ ├── influxdbsize.sh │ │ ├── lasthighstate.sh │ │ ├── oldpcap.sh │ │ ├── os.sh │ │ ├── raid.sh │ │ ├── redis.sh │ │ ├── sostatus.sh │ │ ├── stenoloss.sh │ │ ├── suriloss.sh │ │ ├── zeekcaptureloss.sh │ │ └── zeekloss.sh │ ├── soc_telegraf.yaml │ ├── sostatus.sls │ └── tools │ │ └── sbin │ │ ├── so-telegraf-restart │ │ ├── so-telegraf-start │ │ └── so-telegraf-stop ├── top.sls ├── utility │ ├── bin │ │ └── eval │ └── init.sls ├── vars │ ├── desktop.map.jinja │ ├── elasticsearch.map.jinja │ ├── eval.map.jinja │ ├── fleet.map.jinja │ ├── globals.map.jinja │ ├── heavynode.map.jinja │ ├── hypervisor.map.jinja │ ├── idh.map.jinja │ ├── import.map.jinja │ ├── init.map.jinja │ ├── logstash.map.jinja │ ├── manager.map.jinja │ ├── managerhype.map.jinja │ ├── managersearch.map.jinja │ ├── receiver.map.jinja │ ├── searchnode.map.jinja │ ├── sensor.map.jinja │ └── standalone.map.jinja ├── versionlock │ ├── defaults.yaml │ 
├── init.sls │ ├── map.jinja │ └── soc_versionlock.yaml ├── vm │ ├── defaults.yaml │ ├── map.jinja │ ├── soc_vm.yaml │ ├── status │ │ └── init.sls │ └── user │ │ └── init.sls └── zeek │ ├── config.map.jinja │ ├── config.sls │ ├── cron │ ├── packetloss.sh │ └── zeek_clean │ ├── defaults.yaml │ ├── disabled.sls │ ├── enabled.sls │ ├── files │ ├── config.zeek.ja4 │ ├── local.zeek.jinja │ ├── networks.cfg.jinja │ ├── node.cfg.jinja │ └── zeekctl.cfg.jinja │ ├── init.sls │ ├── policy │ ├── custom │ │ ├── README │ │ └── filters │ │ │ ├── conn │ │ │ ├── dns │ │ │ ├── files │ │ │ ├── httphost │ │ │ ├── httpuri │ │ │ ├── ssl │ │ │ └── tunnel │ ├── cve-2020-0601 │ │ ├── COPYING │ │ ├── __load__.zeek │ │ └── cve-2020-0601.zeek │ ├── intel │ │ ├── __load__.zeek │ │ └── intel.dat │ └── securityonion │ │ ├── add-interface-to-logs.bro │ │ ├── apt1 │ │ ├── __load__.zeek │ │ ├── apt1-certs.dat │ │ ├── apt1-fqdn.dat │ │ └── apt1-md5.dat │ │ ├── bpfconf.zeek │ │ ├── community-id-extended.zeek │ │ ├── communityid.zeek │ │ ├── conn-add-sensorname.bro │ │ ├── file-extraction │ │ ├── __load__.zeek │ │ └── extract.zeek │ │ └── json-logs │ │ └── __load__.bro │ ├── soc_zeek.yaml │ ├── sostatus.sls │ └── tools │ └── sbin │ ├── so-zeek-restart │ ├── so-zeek-start │ ├── so-zeek-stats │ └── so-zeek-stop ├── setup ├── files │ └── intel.dat ├── install_scripts │ └── 99-so-checksum-offload-disable ├── public_keys │ └── salt.pem ├── so-functions ├── so-preflight ├── so-setup ├── so-variables ├── so-verify └── so-whiptail ├── sigs ├── securityonion-2.4.10-20230815.iso.sig ├── securityonion-2.4.10-20230821.iso.sig ├── securityonion-2.4.100-20240829.iso.sig ├── securityonion-2.4.100-20240903.iso.sig ├── securityonion-2.4.110-20241004.iso.sig ├── securityonion-2.4.110-20241010.iso.sig ├── securityonion-2.4.111-20241217.iso.sig ├── securityonion-2.4.120-20250212.iso.sig ├── securityonion-2.4.130-20250311.iso.sig ├── securityonion-2.4.140-20250324.iso.sig ├── securityonion-2.4.141-20250331.iso.sig ├── 
securityonion-2.4.150-20250512.iso.sig ├── securityonion-2.4.150-20250522.iso.sig ├── securityonion-2.4.160-20250625.iso.sig ├── securityonion-2.4.170-20250812.iso.sig ├── securityonion-2.4.180-20250916.iso.sig ├── securityonion-2.4.190-20251024.iso.sig ├── securityonion-2.4.20-20231006.iso.sig ├── securityonion-2.4.20-20231012.iso.sig ├── securityonion-2.4.30-20231113.iso.sig ├── securityonion-2.4.30-20231117.iso.sig ├── securityonion-2.4.30-20231121.iso.sig ├── securityonion-2.4.30-20231204.iso.sig ├── securityonion-2.4.30-20231219.iso.sig ├── securityonion-2.4.30-20231228.iso.sig ├── securityonion-2.4.40-20240116.iso.sig ├── securityonion-2.4.5-20230807.iso.sig ├── securityonion-2.4.50-20240220.iso.sig ├── securityonion-2.4.60-20240320.iso.sig ├── securityonion-2.4.70-20240529.iso.sig ├── securityonion-2.4.80-20240624.iso.sig └── securityonion-2.4.90-20240729.iso.sig ├── so-desktop-install ├── so-setup-network └── tests └── validation.sh /.github/.gitleaks.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/.gitleaks.toml -------------------------------------------------------------------------------- /.github/DISCUSSION_TEMPLATE/2-4.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/DISCUSSION_TEMPLATE/2-4.yml -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/ISSUE_TEMPLATE/bug_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/config.yml: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/ISSUE_TEMPLATE/config.yml -------------------------------------------------------------------------------- /.github/workflows/close-threads.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/workflows/close-threads.yml -------------------------------------------------------------------------------- /.github/workflows/contrib.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/workflows/contrib.yml -------------------------------------------------------------------------------- /.github/workflows/leaktest.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/workflows/leaktest.yml -------------------------------------------------------------------------------- /.github/workflows/lock-threads.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/workflows/lock-threads.yml -------------------------------------------------------------------------------- /.github/workflows/pythontest.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.github/workflows/pythontest.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/.gitignore -------------------------------------------------------------------------------- 
/CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /DOWNLOAD_AND_VERIFY_ISO.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/DOWNLOAD_AND_VERIFY_ISO.md -------------------------------------------------------------------------------- /HOTFIX: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /KEYS: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/KEYS -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/SECURITY.md -------------------------------------------------------------------------------- /VERSION: -------------------------------------------------------------------------------- 1 | 2.4.190 2 | -------------------------------------------------------------------------------- 
/assets/images/screenshots/alerts.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/assets/images/screenshots/alerts.png -------------------------------------------------------------------------------- /assets/images/screenshots/cases-comments.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/assets/images/screenshots/cases-comments.png -------------------------------------------------------------------------------- /assets/images/screenshots/dashboards.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/assets/images/screenshots/dashboards.png -------------------------------------------------------------------------------- /assets/images/screenshots/hunt.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/assets/images/screenshots/hunt.png -------------------------------------------------------------------------------- /assets/images/verified-commit-1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/assets/images/verified-commit-1.png -------------------------------------------------------------------------------- /files/firewall/ports/ports.local.yaml: -------------------------------------------------------------------------------- 1 | firewall: 2 | ports: 3 | -------------------------------------------------------------------------------- /files/salt/master/master: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/files/salt/master/master -------------------------------------------------------------------------------- /files/salt/master/salt-master.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/files/salt/master/salt-master.service -------------------------------------------------------------------------------- /pillar/data/addtotab.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/data/addtotab.sh -------------------------------------------------------------------------------- /pillar/elasticsearch/eval.sls: -------------------------------------------------------------------------------- 1 | elasticsearch: 2 | templates: 3 | -------------------------------------------------------------------------------- /pillar/elasticsearch/index_templates.sls: -------------------------------------------------------------------------------- 1 | elasticsearch: 2 | index_settings: 3 | -------------------------------------------------------------------------------- /pillar/elasticsearch/manager.sls: -------------------------------------------------------------------------------- 1 | elasticsearch: 2 | templates: 3 | -------------------------------------------------------------------------------- /pillar/elasticsearch/nodes.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/elasticsearch/nodes.sls -------------------------------------------------------------------------------- /pillar/elasticsearch/search.sls: -------------------------------------------------------------------------------- 1 | elasticsearch: 2 | templates: 3 | 
-------------------------------------------------------------------------------- /pillar/firewall/addfirewall.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/firewall/addfirewall.sh -------------------------------------------------------------------------------- /pillar/healthcheck/eval.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/healthcheck/eval.sls -------------------------------------------------------------------------------- /pillar/healthcheck/sensor.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/healthcheck/sensor.sls -------------------------------------------------------------------------------- /pillar/healthcheck/standalone.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/healthcheck/standalone.sls -------------------------------------------------------------------------------- /pillar/hypervisor/nodes.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/hypervisor/nodes.sls -------------------------------------------------------------------------------- /pillar/kafka/nodes.sls: -------------------------------------------------------------------------------- 1 | kafka: 2 | nodes: -------------------------------------------------------------------------------- /pillar/logstash/init.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/logstash/init.sls -------------------------------------------------------------------------------- /pillar/logstash/nodes.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/logstash/nodes.sls -------------------------------------------------------------------------------- /pillar/node_data/ips.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/node_data/ips.sls -------------------------------------------------------------------------------- /pillar/patch/needs_restarting.sls: -------------------------------------------------------------------------------- 1 | mine_functions: 2 | needs_restarting.check: [] 3 | -------------------------------------------------------------------------------- /pillar/redis/nodes.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/redis/nodes.sls -------------------------------------------------------------------------------- /pillar/soc/license.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/soc/license.sls -------------------------------------------------------------------------------- /pillar/top.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pillar/top.sls -------------------------------------------------------------------------------- /pillar/zeek/init.sls: -------------------------------------------------------------------------------- 1 | zeek: 2 | 
-------------------------------------------------------------------------------- /pyci.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pyci.sh -------------------------------------------------------------------------------- /pytest.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/pytest.ini -------------------------------------------------------------------------------- /salt/_beacons/zeek.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_beacons/zeek.py -------------------------------------------------------------------------------- /salt/_modules/healthcheck.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/healthcheck.py -------------------------------------------------------------------------------- /salt/_modules/hypervisor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/hypervisor.py -------------------------------------------------------------------------------- /salt/_modules/needs_restarting.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/needs_restarting.py -------------------------------------------------------------------------------- /salt/_modules/qcow2.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/qcow2.py -------------------------------------------------------------------------------- /salt/_modules/so.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/so.py -------------------------------------------------------------------------------- /salt/_modules/telegraf.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/telegraf.py -------------------------------------------------------------------------------- /salt/_modules/zeekctl.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_modules/zeekctl.py -------------------------------------------------------------------------------- /salt/_runners/setup_hypervisor.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/_runners/setup_hypervisor.py -------------------------------------------------------------------------------- /salt/allowed_states.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/allowed_states.map.jinja -------------------------------------------------------------------------------- /salt/backup/config_backup.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/backup/config_backup.sls -------------------------------------------------------------------------------- /salt/backup/defaults.yaml: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/backup/defaults.yaml -------------------------------------------------------------------------------- /salt/backup/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/backup/map.jinja -------------------------------------------------------------------------------- /salt/backup/soc_backup.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/backup/soc_backup.yaml -------------------------------------------------------------------------------- /salt/bpf/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/defaults.yaml -------------------------------------------------------------------------------- /salt/bpf/macros.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/macros.jinja -------------------------------------------------------------------------------- /salt/bpf/pcap.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/pcap.map.jinja -------------------------------------------------------------------------------- /salt/bpf/soc_bpf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/soc_bpf.yaml -------------------------------------------------------------------------------- 
/salt/bpf/suricata.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/suricata.map.jinja -------------------------------------------------------------------------------- /salt/bpf/zeek.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/bpf/zeek.map.jinja -------------------------------------------------------------------------------- /salt/ca/dirs.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ca/dirs.sls -------------------------------------------------------------------------------- /salt/ca/files/signing_policies.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ca/files/signing_policies.conf -------------------------------------------------------------------------------- /salt/ca/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ca/init.sls -------------------------------------------------------------------------------- /salt/ca/remove.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ca/remove.sls -------------------------------------------------------------------------------- /salt/common/files/99-reserved-ports.conf: -------------------------------------------------------------------------------- 1 | net.ipv4.ip_local_reserved_ports=55000,57314,47760-47860 -------------------------------------------------------------------------------- 
/salt/common/files/daemon.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/files/daemon.json -------------------------------------------------------------------------------- /salt/common/files/soversion: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/files/soversion -------------------------------------------------------------------------------- /salt/common/files/vimrc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/files/vimrc -------------------------------------------------------------------------------- /salt/common/grains.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/grains.sls -------------------------------------------------------------------------------- /salt/common/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/init.sls -------------------------------------------------------------------------------- /salt/common/packages.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/packages.sls -------------------------------------------------------------------------------- /salt/common/soup_scripts.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/soup_scripts.sls 
-------------------------------------------------------------------------------- /salt/common/tools/sbin/so-bpf-compile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-bpf-compile -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-checkin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-checkin -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-common: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-common -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-docker-prune: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-docker-prune -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-image-common: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-image-common -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-image-pull: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-image-pull -------------------------------------------------------------------------------- 
/salt/common/tools/sbin/so-ip-update: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-ip-update -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-log-check: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-log-check -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-luks-tpm-regen: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-luks-tpm-regen -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-monitor-add: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-monitor-add -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-nsm-clear: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-nsm-clear -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-pcap-import: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-pcap-import -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-restart: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-restart -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-salt-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-salt-start -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-salt-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-salt-stop -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-sensor-clean: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-sensor-clean -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-ssh-harden: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-ssh-harden -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-start -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-status: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-status -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-stop -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-tcpreplay-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-tcpreplay-restart -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-tcpreplay-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-tcpreplay-start -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-tcpreplay-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-tcpreplay-stop -------------------------------------------------------------------------------- /salt/common/tools/sbin/so-test: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so-test -------------------------------------------------------------------------------- /salt/common/tools/sbin/so_logging_utils.py: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin/so_logging_utils.py -------------------------------------------------------------------------------- /salt/common/tools/sbin_jinja/so-import-evtx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin_jinja/so-import-evtx -------------------------------------------------------------------------------- /salt/common/tools/sbin_jinja/so-import-pcap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin_jinja/so-import-pcap -------------------------------------------------------------------------------- /salt/common/tools/sbin_jinja/so-raid-status: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin_jinja/so-raid-status -------------------------------------------------------------------------------- /salt/common/tools/sbin_jinja/so-tcpreplay: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/common/tools/sbin_jinja/so-tcpreplay -------------------------------------------------------------------------------- /salt/cron/dead.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/cron/dead.sls -------------------------------------------------------------------------------- /salt/cron/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/cron/map.jinja 
-------------------------------------------------------------------------------- /salt/cron/running.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/cron/running.sls -------------------------------------------------------------------------------- /salt/curator/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/curator/disabled.sls -------------------------------------------------------------------------------- /salt/desktop/files/00-background: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/00-background -------------------------------------------------------------------------------- /salt/desktop/files/session.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/session.jinja -------------------------------------------------------------------------------- /salt/desktop/files/so-lockscreen.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/so-lockscreen.jpg -------------------------------------------------------------------------------- /salt/desktop/files/so-login-logo-dark.svg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/so-login-logo-dark.svg -------------------------------------------------------------------------------- /salt/desktop/files/so-login-logo.svg: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/so-login-logo.svg -------------------------------------------------------------------------------- /salt/desktop/files/so-wallpaper.jpg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/files/so-wallpaper.jpg -------------------------------------------------------------------------------- /salt/desktop/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/init.sls -------------------------------------------------------------------------------- /salt/desktop/packages.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/packages.sls -------------------------------------------------------------------------------- /salt/desktop/remove_gui.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/remove_gui.sls -------------------------------------------------------------------------------- /salt/desktop/trusted-ca.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/trusted-ca.sls -------------------------------------------------------------------------------- /salt/desktop/xwindows.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/desktop/xwindows.sls 
-------------------------------------------------------------------------------- /salt/docker/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker/defaults.yaml -------------------------------------------------------------------------------- /salt/docker/docker.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker/docker.map.jinja -------------------------------------------------------------------------------- /salt/docker/files/iptables-disabled.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker/files/iptables-disabled.conf -------------------------------------------------------------------------------- /salt/docker/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker/init.sls -------------------------------------------------------------------------------- /salt/docker/soc_docker.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker/soc_docker.yaml -------------------------------------------------------------------------------- /salt/docker_clean/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/docker_clean/init.sls -------------------------------------------------------------------------------- /salt/elastalert/config.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/config.sls -------------------------------------------------------------------------------- /salt/elastalert/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/defaults.yaml -------------------------------------------------------------------------------- /salt/elastalert/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/disabled.sls -------------------------------------------------------------------------------- /salt/elastalert/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/enabled.sls -------------------------------------------------------------------------------- /salt/elastalert/files/custom/placeholder: -------------------------------------------------------------------------------- 1 | THIS IS A PLACEHOLDER FILE -------------------------------------------------------------------------------- /salt/elastalert/files/elastalert_config.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ elastalert_config | yaml(False) }} 2 | -------------------------------------------------------------------------------- /salt/elastalert/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/init.sls -------------------------------------------------------------------------------- /salt/elastalert/map.jinja: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/map.jinja -------------------------------------------------------------------------------- /salt/elastalert/soc_elastalert.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/soc_elastalert.yaml -------------------------------------------------------------------------------- /salt/elastalert/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastalert/sostatus.sls -------------------------------------------------------------------------------- /salt/elastic-fleet-package-registry/defaults.yaml: -------------------------------------------------------------------------------- 1 | elastic_fleet_package_registry: 2 | enabled: False 3 | -------------------------------------------------------------------------------- /salt/elastic-fleet-package-registry/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elastic-fleet-package-registry/init.sls -------------------------------------------------------------------------------- /salt/elasticagent/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/config.sls -------------------------------------------------------------------------------- /salt/elasticagent/defaults.yaml: -------------------------------------------------------------------------------- 1 | elasticagent: 2 | enabled: False -------------------------------------------------------------------------------- /salt/elasticagent/disabled.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/disabled.sls -------------------------------------------------------------------------------- /salt/elasticagent/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/enabled.sls -------------------------------------------------------------------------------- /salt/elasticagent/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/init.sls -------------------------------------------------------------------------------- /salt/elasticagent/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/map.jinja -------------------------------------------------------------------------------- /salt/elasticagent/soc_elasticagent.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/soc_elasticagent.yaml -------------------------------------------------------------------------------- /salt/elasticagent/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticagent/sostatus.sls -------------------------------------------------------------------------------- /salt/elasticfleet/artifact_registry.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/artifact_registry.sls -------------------------------------------------------------------------------- /salt/elasticfleet/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/config.sls -------------------------------------------------------------------------------- /salt/elasticfleet/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/defaults.yaml -------------------------------------------------------------------------------- /salt/elasticfleet/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/disabled.sls -------------------------------------------------------------------------------- /salt/elasticfleet/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/enabled.sls -------------------------------------------------------------------------------- /salt/elasticfleet/files/certs/placeholder: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/elasticfleet/files/so_agent-installers/readme: -------------------------------------------------------------------------------- 1 | SO-Generated installers will be found under Salt local 2 | 3 | -------------------------------------------------------------------------------- /salt/elasticfleet/init.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/init.sls -------------------------------------------------------------------------------- /salt/elasticfleet/install_agent_grid.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/install_agent_grid.sls -------------------------------------------------------------------------------- /salt/elasticfleet/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/map.jinja -------------------------------------------------------------------------------- /salt/elasticfleet/soc_elasticfleet.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/soc_elasticfleet.yaml -------------------------------------------------------------------------------- /salt/elasticfleet/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticfleet/sostatus.sls -------------------------------------------------------------------------------- /salt/elasticsearch/auth.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/auth.sls -------------------------------------------------------------------------------- /salt/elasticsearch/base-template.json.jinja: -------------------------------------------------------------------------------- 1 | {{ TEMPLATE_CONFIG | tojson(true) }} 2 | 
-------------------------------------------------------------------------------- /salt/elasticsearch/ca.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/ca.sls -------------------------------------------------------------------------------- /salt/elasticsearch/config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/config.map.jinja -------------------------------------------------------------------------------- /salt/elasticsearch/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/config.sls -------------------------------------------------------------------------------- /salt/elasticsearch/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/defaults.yaml -------------------------------------------------------------------------------- /salt/elasticsearch/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/disabled.sls -------------------------------------------------------------------------------- /salt/elasticsearch/download.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/download.sls -------------------------------------------------------------------------------- /salt/elasticsearch/enabled.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/enabled.sls -------------------------------------------------------------------------------- /salt/elasticsearch/files/elasticsearch.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ ESCONFIG | yaml(False) }} 2 | -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/beats.common: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/beats.common -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/common.nids: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/common.nids -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/dns.tld: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/dns.tld -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/ecs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/ecs -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/filterlog: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/filterlog -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/http.status: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/http.status -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/hydra: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/hydra -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/kismet.ap: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/kismet.ap -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/kismet.wds: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/kismet.wds -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/kratos: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/kratos -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/ossec: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/ossec -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/rita.beacons: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/rita.beacons -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/rita.dns: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/rita.dns -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/strelka.file: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/strelka.file -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/sublime: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/sublime -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.dns: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.dns -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.ftp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.ftp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.ike: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.ike -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.nfs: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.nfs -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.rdp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.rdp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.sip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.sip -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.smb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.smb -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/suricata.ssh: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/suricata.ssh -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/syslog: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/syslog -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/sysmon: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/sysmon -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.cip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.cip -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.conn: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.conn -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.cotp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.cotp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.dhcp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.dhcp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.dnp3: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.dnp3 -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.dns: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.dns -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.dpd: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.dpd -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.enip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.enip -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.files: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.files -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ftp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ftp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.http: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.http -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.http2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.http2 -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.intel: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.intel -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ipsec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ipsec -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.irc: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.irc -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ldap: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ldap -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.mysql: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.mysql -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ntlm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ntlm -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ntp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ntp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.pe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.pe -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.quic: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.quic -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.rdp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.rdp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.rfb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.rfb -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.sip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.sip -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.smtp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.smtp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.snmp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.snmp -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.socks: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.socks -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ssh: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ssh -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.ssl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.ssl -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.stun: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.stun -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.tds: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.tds -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.weird: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.weird -------------------------------------------------------------------------------- /salt/elasticsearch/files/ingest/zeek.x509: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/ingest/zeek.x509 -------------------------------------------------------------------------------- /salt/elasticsearch/files/log4j2.properties: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/files/log4j2.properties -------------------------------------------------------------------------------- /salt/elasticsearch/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/init.sls -------------------------------------------------------------------------------- /salt/elasticsearch/roles/analyst.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/roles/analyst.json -------------------------------------------------------------------------------- /salt/elasticsearch/roles/auditor.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/roles/auditor.json -------------------------------------------------------------------------------- /salt/elasticsearch/soc_elasticsearch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/soc_elasticsearch.yaml -------------------------------------------------------------------------------- /salt/elasticsearch/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/sostatus.sls -------------------------------------------------------------------------------- /salt/elasticsearch/template.map.jinja: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/elasticsearch/template.map.jinja -------------------------------------------------------------------------------- /salt/firewall/containers.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/containers.map.jinja -------------------------------------------------------------------------------- /salt/firewall/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/defaults.yaml -------------------------------------------------------------------------------- /salt/firewall/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/init.sls -------------------------------------------------------------------------------- /salt/firewall/ipt.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/ipt.map.jinja -------------------------------------------------------------------------------- /salt/firewall/iptables.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/iptables.jinja -------------------------------------------------------------------------------- /salt/firewall/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/map.jinja -------------------------------------------------------------------------------- 
/salt/firewall/soc_firewall.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/firewall/soc_firewall.yaml -------------------------------------------------------------------------------- /salt/global/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/global/defaults.yaml -------------------------------------------------------------------------------- /salt/global/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/global/map.jinja -------------------------------------------------------------------------------- /salt/global/soc_global.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/global/soc_global.yaml -------------------------------------------------------------------------------- /salt/healthcheck/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/healthcheck/init.sls -------------------------------------------------------------------------------- /salt/host/soc_host.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/host/soc_host.yaml -------------------------------------------------------------------------------- /salt/hydra/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/config.sls 
-------------------------------------------------------------------------------- /salt/hydra/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/defaults.yaml -------------------------------------------------------------------------------- /salt/hydra/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/disabled.sls -------------------------------------------------------------------------------- /salt/hydra/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/enabled.sls -------------------------------------------------------------------------------- /salt/hydra/files/hydra.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ HYDRAMERGED.config | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/hydra/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/init.sls -------------------------------------------------------------------------------- /salt/hydra/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/map.jinja -------------------------------------------------------------------------------- /salt/hydra/soc_hydra.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/soc_hydra.yaml 
-------------------------------------------------------------------------------- /salt/hydra/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hydra/sostatus.sls -------------------------------------------------------------------------------- /salt/hypervisor/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hypervisor/defaults.yaml -------------------------------------------------------------------------------- /salt/hypervisor/hosts/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hypervisor/hosts/README -------------------------------------------------------------------------------- /salt/hypervisor/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hypervisor/init.sls -------------------------------------------------------------------------------- /salt/hypervisor/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hypervisor/map.jinja -------------------------------------------------------------------------------- /salt/hypervisor/tools/sbin/so_vm_utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/hypervisor/tools/sbin/so_vm_utils.py -------------------------------------------------------------------------------- /salt/idh/config.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/config.sls -------------------------------------------------------------------------------- /salt/idh/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/defaults.yaml -------------------------------------------------------------------------------- /salt/idh/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/disabled.sls -------------------------------------------------------------------------------- /salt/idh/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/enabled.sls -------------------------------------------------------------------------------- /salt/idh/idh.conf.jinja: -------------------------------------------------------------------------------- 1 | {#- Serialises OPENCANARYCONFIG to indented JSON, then turns every "_x_" into "." (presumably the config keys carry "_x_" where the final file needs a dotted name; confirm in opencanary_config.map.jinja). The replace runs over the whole serialised text, so a string VALUE containing "_x_" is rewritten as well, not only the keys. -#}{{ OPENCANARYCONFIG | tojson(True) | replace("_x_", ".") }} 2 | -------------------------------------------------------------------------------- /salt/idh/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/init.sls -------------------------------------------------------------------------------- /salt/idh/opencanary_config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/opencanary_config.map.jinja -------------------------------------------------------------------------------- /salt/idh/openssh/config.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/openssh/config.sls -------------------------------------------------------------------------------- /salt/idh/openssh/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/openssh/init.sls -------------------------------------------------------------------------------- /salt/idh/openssh/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/openssh/map.jinja -------------------------------------------------------------------------------- /salt/idh/plays/idh_ftp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_ftp.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_git.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_git.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_http_get.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_http_get.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_http_login.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_http_login.yml -------------------------------------------------------------------------------- 
/salt/idh/plays/idh_httpproxy.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_httpproxy.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_mssql.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_mssql.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_mysql.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_mysql.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_ntp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_ntp.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_redis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_redis.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_sip.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_sip.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_smb.yml: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_smb.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_snmp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_snmp.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_ssh.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_ssh.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_telnet.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_telnet.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_tftp.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_tftp.yml -------------------------------------------------------------------------------- /salt/idh/plays/idh_vnc.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/plays/idh_vnc.yml -------------------------------------------------------------------------------- /salt/idh/soc_idh.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/soc_idh.yaml -------------------------------------------------------------------------------- /salt/idh/sostatus.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/sostatus.sls -------------------------------------------------------------------------------- /salt/idh/tools/sbin/so-idh-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/tools/sbin/so-idh-restart -------------------------------------------------------------------------------- /salt/idh/tools/sbin/so-idh-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/tools/sbin/so-idh-start -------------------------------------------------------------------------------- /salt/idh/tools/sbin/so-idh-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idh/tools/sbin/so-idh-stop -------------------------------------------------------------------------------- /salt/idstools/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/config.sls -------------------------------------------------------------------------------- /salt/idstools/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/defaults.yaml -------------------------------------------------------------------------------- /salt/idstools/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/disabled.sls 
-------------------------------------------------------------------------------- /salt/idstools/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/enabled.sls -------------------------------------------------------------------------------- /salt/idstools/etc/disable.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/etc/disable.conf -------------------------------------------------------------------------------- /salt/idstools/etc/enable.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/etc/enable.conf -------------------------------------------------------------------------------- /salt/idstools/etc/modify.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/etc/modify.conf -------------------------------------------------------------------------------- /salt/idstools/etc/rulecat.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/etc/rulecat.conf -------------------------------------------------------------------------------- /salt/idstools/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/init.sls -------------------------------------------------------------------------------- /salt/idstools/map.jinja: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/map.jinja -------------------------------------------------------------------------------- /salt/idstools/rules/extraction.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/rules/extraction.rules -------------------------------------------------------------------------------- /salt/idstools/rules/filters.rules: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/rules/filters.rules -------------------------------------------------------------------------------- /salt/idstools/rules/local.rules: -------------------------------------------------------------------------------- 1 | # Add your custom Suricata rules in this file. -------------------------------------------------------------------------------- /salt/idstools/soc_idstools.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/soc_idstools.yaml -------------------------------------------------------------------------------- /salt/idstools/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/sostatus.sls -------------------------------------------------------------------------------- /salt/idstools/sync_files.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/sync_files.sls -------------------------------------------------------------------------------- 
/salt/idstools/tools/sbin/so-idstools-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/tools/sbin/so-idstools-start -------------------------------------------------------------------------------- /salt/idstools/tools/sbin/so-idstools-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/idstools/tools/sbin/so-idstools-stop -------------------------------------------------------------------------------- /salt/influxdb/buckets.json.jinja: -------------------------------------------------------------------------------- 1 | {#- Emits INFLUXMERGED.buckets serialised as JSON; nothing else is written to the file. -#}{{ INFLUXMERGED.buckets | json }} -------------------------------------------------------------------------------- /salt/influxdb/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/config.sls -------------------------------------------------------------------------------- /salt/influxdb/config.yaml.jinja: -------------------------------------------------------------------------------- 1 | {#- Writes INFLUXMERGED.config out as YAML; the false argument to Salt's yaml filter turns off inline flow style, so the result is block-style. -#}{{ INFLUXMERGED.config | yaml(false) }} -------------------------------------------------------------------------------- /salt/influxdb/curl.config.jinja: -------------------------------------------------------------------------------- 1 | {#- Renders a curl config line holding the InfluxDB API token read from pillar key influxdb:token, so the rendered file is a clear-text credential: the state that manages it should keep it owner-only (mode and owner are set outside this template; confirm in config.sls). The token is placed inside the double quotes unescaped, so a value containing a double quote or backslash would alter the header line. -#}header = "Authorization: Token {{ salt['pillar.get']('influxdb:token') }}" 2 | -------------------------------------------------------------------------------- /salt/influxdb/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/defaults.yaml -------------------------------------------------------------------------------- 
/salt/influxdb/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/disabled.sls -------------------------------------------------------------------------------- /salt/influxdb/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/enabled.sls -------------------------------------------------------------------------------- /salt/influxdb/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/init.sls -------------------------------------------------------------------------------- /salt/influxdb/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/map.jinja -------------------------------------------------------------------------------- /salt/influxdb/metrics_link.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/influxdb/soc_influxdb.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/soc_influxdb.yaml -------------------------------------------------------------------------------- /salt/influxdb/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/sostatus.sls -------------------------------------------------------------------------------- 
/salt/influxdb/templates/alarm_deadman.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/templates/alarm_deadman.json -------------------------------------------------------------------------------- /salt/influxdb/templates/downsample.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/templates/downsample.json -------------------------------------------------------------------------------- /salt/influxdb/templates/variable-host.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/templates/variable-host.json -------------------------------------------------------------------------------- /salt/influxdb/templates/variable-role.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/templates/variable-role.json -------------------------------------------------------------------------------- /salt/influxdb/tools/sbin/so-influxdb-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/tools/sbin/so-influxdb-start -------------------------------------------------------------------------------- /salt/influxdb/tools/sbin/so-influxdb-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/influxdb/tools/sbin/so-influxdb-stop -------------------------------------------------------------------------------- /salt/kafka/ca.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/ca.sls -------------------------------------------------------------------------------- /salt/kafka/config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/config.map.jinja -------------------------------------------------------------------------------- /salt/kafka/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/config.sls -------------------------------------------------------------------------------- /salt/kafka/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/defaults.yaml -------------------------------------------------------------------------------- /salt/kafka/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/disabled.sls -------------------------------------------------------------------------------- /salt/kafka/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/enabled.sls -------------------------------------------------------------------------------- /salt/kafka/etc/client.properties.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/etc/client.properties.jinja 
-------------------------------------------------------------------------------- /salt/kafka/etc/jaas.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/etc/jaas.conf.jinja -------------------------------------------------------------------------------- /salt/kafka/etc/log4j.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/etc/log4j.properties -------------------------------------------------------------------------------- /salt/kafka/etc/server.properties.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/etc/server.properties.jinja -------------------------------------------------------------------------------- /salt/kafka/files/managed_node_pillar.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/files/managed_node_pillar.jinja -------------------------------------------------------------------------------- /salt/kafka/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/init.sls -------------------------------------------------------------------------------- /salt/kafka/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/map.jinja -------------------------------------------------------------------------------- /salt/kafka/nodes.map.jinja: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/nodes.map.jinja -------------------------------------------------------------------------------- /salt/kafka/nodes.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/nodes.sls -------------------------------------------------------------------------------- /salt/kafka/reset.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/reset.sls -------------------------------------------------------------------------------- /salt/kafka/soc_kafka.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/soc_kafka.yaml -------------------------------------------------------------------------------- /salt/kafka/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/sostatus.sls -------------------------------------------------------------------------------- /salt/kafka/ssl.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/ssl.sls -------------------------------------------------------------------------------- /salt/kafka/storage.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/storage.sls -------------------------------------------------------------------------------- 
/salt/kafka/tools/sbin/so-kafka-cli: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/tools/sbin/so-kafka-cli -------------------------------------------------------------------------------- /salt/kafka/tools/sbin_jinja/so-kafka-trust: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kafka/tools/sbin_jinja/so-kafka-trust -------------------------------------------------------------------------------- /salt/kibana/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/config.sls -------------------------------------------------------------------------------- /salt/kibana/custom/PUT YOU CUSTOM DASHBOARDS HERE: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/kibana/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/defaults.yaml -------------------------------------------------------------------------------- /salt/kibana/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/disabled.sls -------------------------------------------------------------------------------- /salt/kibana/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/enabled.sls 
-------------------------------------------------------------------------------- /salt/kibana/etc/kibana.yml.jinja: -------------------------------------------------------------------------------- 1 | {#- Writes the KIBANACONFIG mapping out as YAML; the False argument to Salt's yaml filter turns off inline flow style, so the result is block-style. Values are emitted verbatim, so anything sensitive held in that mapping ends up in the rendered kibana.yml. -#}{{ KIBANACONFIG | yaml(False) }} 2 | -------------------------------------------------------------------------------- /salt/kibana/files/curl.config.template: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/files/curl.config.template -------------------------------------------------------------------------------- /salt/kibana/files/hl.ndjson: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/files/hl.ndjson -------------------------------------------------------------------------------- /salt/kibana/files/live_query_fixup.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/files/live_query_fixup.sh -------------------------------------------------------------------------------- /salt/kibana/files/saved_objects.ndjson: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/files/saved_objects.ndjson -------------------------------------------------------------------------------- /salt/kibana/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/init.sls -------------------------------------------------------------------------------- /salt/kibana/map.jinja: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/map.jinja -------------------------------------------------------------------------------- /salt/kibana/secrets.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/secrets.sls -------------------------------------------------------------------------------- /salt/kibana/so_config_load.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/so_config_load.sls -------------------------------------------------------------------------------- /salt/kibana/so_dashboard_load.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/so_dashboard_load.sls -------------------------------------------------------------------------------- /salt/kibana/so_savedobjects_defaults.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/so_savedobjects_defaults.sls -------------------------------------------------------------------------------- /salt/kibana/so_securitySolution_load.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/so_securitySolution_load.sls -------------------------------------------------------------------------------- /salt/kibana/soc_kibana.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/soc_kibana.yaml 
-------------------------------------------------------------------------------- /salt/kibana/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/sostatus.sls -------------------------------------------------------------------------------- /salt/kibana/tools/sbin/so-kibana-api-check: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/tools/sbin/so-kibana-api-check -------------------------------------------------------------------------------- /salt/kibana/tools/sbin/so-kibana-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/tools/sbin/so-kibana-restart -------------------------------------------------------------------------------- /salt/kibana/tools/sbin/so-kibana-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/tools/sbin/so-kibana-start -------------------------------------------------------------------------------- /salt/kibana/tools/sbin/so-kibana-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kibana/tools/sbin/so-kibana-stop -------------------------------------------------------------------------------- /salt/kratos/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/config.sls -------------------------------------------------------------------------------- /salt/kratos/defaults.yaml: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/defaults.yaml -------------------------------------------------------------------------------- /salt/kratos/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/disabled.sls -------------------------------------------------------------------------------- /salt/kratos/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/enabled.sls -------------------------------------------------------------------------------- /salt/kratos/files/kratos.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ KRATOSMERGED.config | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/kratos/files/oidc.jsonnet: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/files/oidc.jsonnet -------------------------------------------------------------------------------- /salt/kratos/files/schema.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/files/schema.json -------------------------------------------------------------------------------- /salt/kratos/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/init.sls -------------------------------------------------------------------------------- 
/salt/kratos/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/map.jinja -------------------------------------------------------------------------------- /salt/kratos/soc_kratos.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/soc_kratos.yaml -------------------------------------------------------------------------------- /salt/kratos/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/kratos/sostatus.sls -------------------------------------------------------------------------------- /salt/libvirt/64962/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/64962/init.sls -------------------------------------------------------------------------------- /salt/libvirt/bridge.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/bridge.sls -------------------------------------------------------------------------------- /salt/libvirt/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/defaults.yaml -------------------------------------------------------------------------------- /salt/libvirt/etc/libvirtd.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/etc/libvirtd.conf 
-------------------------------------------------------------------------------- /salt/libvirt/etc/libvirtd.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/etc/libvirtd.conf.jinja -------------------------------------------------------------------------------- /salt/libvirt/images/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/images/init.sls -------------------------------------------------------------------------------- /salt/libvirt/images/sool9/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/images/sool9/README -------------------------------------------------------------------------------- /salt/libvirt/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/init.sls -------------------------------------------------------------------------------- /salt/libvirt/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/map.jinja -------------------------------------------------------------------------------- /salt/libvirt/packages.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/packages.sls -------------------------------------------------------------------------------- /salt/libvirt/ssh/files/config: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/ssh/files/config -------------------------------------------------------------------------------- /salt/libvirt/ssh/users.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/libvirt/ssh/users.sls -------------------------------------------------------------------------------- /salt/logrotate/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/defaults.yaml -------------------------------------------------------------------------------- /salt/logrotate/etc/rotate.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/etc/rotate.conf.jinja -------------------------------------------------------------------------------- /salt/logrotate/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/init.sls -------------------------------------------------------------------------------- /salt/logrotate/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/map.jinja -------------------------------------------------------------------------------- /salt/logrotate/soc_logrotate.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/soc_logrotate.yaml -------------------------------------------------------------------------------- 
/salt/logrotate/tools/sbin/common-rotate: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logrotate/tools/sbin/common-rotate -------------------------------------------------------------------------------- /salt/logstash/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/config.sls -------------------------------------------------------------------------------- /salt/logstash/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/defaults.yaml -------------------------------------------------------------------------------- /salt/logstash/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/disabled.sls -------------------------------------------------------------------------------- /salt/logstash/download.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/download.sls -------------------------------------------------------------------------------- /salt/logstash/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/enabled.sls -------------------------------------------------------------------------------- /salt/logstash/etc/certs/Put.Your.Certs.Here.txt: -------------------------------------------------------------------------------- 1 | 
-------------------------------------------------------------------------------- /salt/logstash/etc/jvm.options: -------------------------------------------------------------------------------- 1 | -Dlog4j2.formatMsgNoLookups=true 2 | -------------------------------------------------------------------------------- /salt/logstash/etc/log4j2.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/etc/log4j2.properties -------------------------------------------------------------------------------- /salt/logstash/etc/logstash.yml: -------------------------------------------------------------------------------- 1 | {{ LOGSTASH_MERGED.config | yaml(False) | replace("_x_", ".") }} 2 | -------------------------------------------------------------------------------- /salt/logstash/etc/pipelines.yml.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/etc/pipelines.yml.jinja -------------------------------------------------------------------------------- /salt/logstash/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/init.sls -------------------------------------------------------------------------------- /salt/logstash/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/map.jinja -------------------------------------------------------------------------------- /salt/logstash/soc_logstash.yaml: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/soc_logstash.yaml -------------------------------------------------------------------------------- /salt/logstash/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/sostatus.sls -------------------------------------------------------------------------------- /salt/logstash/tools/sbin/so-logstash-flow-stats: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | curl -s -L http://localhost:9600/_node/stats/flow | jq -------------------------------------------------------------------------------- /salt/logstash/tools/sbin/so-logstash-health: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | curl -s -L http://localhost:9600/_health_report | jq -------------------------------------------------------------------------------- /salt/logstash/tools/sbin/so-logstash-jvm-stats: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | curl -s -L http://localhost:9600/_node/stats/jvm | jq -------------------------------------------------------------------------------- /salt/logstash/tools/sbin/so-logstash-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/tools/sbin/so-logstash-start -------------------------------------------------------------------------------- /salt/logstash/tools/sbin/so-logstash-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/logstash/tools/sbin/so-logstash-stop 
-------------------------------------------------------------------------------- /salt/manager/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/defaults.yaml -------------------------------------------------------------------------------- /salt/manager/elasticsearch.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/elasticsearch.sls -------------------------------------------------------------------------------- /salt/manager/files/add_minion.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/files/add_minion.sh -------------------------------------------------------------------------------- /salt/manager/files/mirror.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/files/mirror.txt -------------------------------------------------------------------------------- /salt/manager/files/repodownload.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/files/repodownload.conf -------------------------------------------------------------------------------- /salt/manager/files/so-api.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/manager/glue.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- 
/salt/manager/hypervisor.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/hypervisor.sls -------------------------------------------------------------------------------- /salt/manager/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/init.sls -------------------------------------------------------------------------------- /salt/manager/kibana.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/kibana.sls -------------------------------------------------------------------------------- /salt/manager/managed_soc_annotations.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/managed_soc_annotations.sls -------------------------------------------------------------------------------- /salt/manager/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/map.jinja -------------------------------------------------------------------------------- /salt/manager/soc_manager.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/soc_manager.yaml -------------------------------------------------------------------------------- /salt/manager/sync_es_users.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/sync_es_users.sls -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-allow: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-allow -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-client: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-client -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-deny: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-deny -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-docker-refresh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-docker-refresh -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-firewall: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-firewall -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-firewall-minion: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-firewall-minion -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-minion: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-minion -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-repo-sync: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-repo-sync -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-user -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-yaml.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-yaml.py -------------------------------------------------------------------------------- /salt/manager/tools/sbin/so-yaml_test.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/so-yaml_test.py -------------------------------------------------------------------------------- /salt/manager/tools/sbin/soup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/manager/tools/sbin/soup 
-------------------------------------------------------------------------------- /salt/motd/files/so_motd.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/motd/files/so_motd.jinja -------------------------------------------------------------------------------- /salt/motd/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/motd/init.sls -------------------------------------------------------------------------------- /salt/nginx/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/config.sls -------------------------------------------------------------------------------- /salt/nginx/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/defaults.yaml -------------------------------------------------------------------------------- /salt/nginx/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/disabled.sls -------------------------------------------------------------------------------- /salt/nginx/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/enabled.sls -------------------------------------------------------------------------------- /salt/nginx/etc/nginx.conf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/etc/nginx.conf -------------------------------------------------------------------------------- /salt/nginx/files/navigator_config.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/files/navigator_config.json -------------------------------------------------------------------------------- /salt/nginx/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/init.sls -------------------------------------------------------------------------------- /salt/nginx/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/map.jinja -------------------------------------------------------------------------------- /salt/nginx/soc_nginx.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/soc_nginx.yaml -------------------------------------------------------------------------------- /salt/nginx/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/sostatus.sls -------------------------------------------------------------------------------- /salt/nginx/ssl/ssl.crt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/ssl/ssl.crt -------------------------------------------------------------------------------- /salt/nginx/ssl/ssl.key: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/ssl/ssl.key -------------------------------------------------------------------------------- /salt/nginx/tools/sbin/so-nginx-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/tools/sbin/so-nginx-restart -------------------------------------------------------------------------------- /salt/nginx/tools/sbin/so-nginx-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/tools/sbin/so-nginx-start -------------------------------------------------------------------------------- /salt/nginx/tools/sbin/so-nginx-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/nginx/tools/sbin/so-nginx-stop -------------------------------------------------------------------------------- /salt/ntp/chrony.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ntp/chrony.conf -------------------------------------------------------------------------------- /salt/ntp/config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ntp/config.map.jinja -------------------------------------------------------------------------------- /salt/ntp/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ntp/defaults.yaml 
-------------------------------------------------------------------------------- /salt/ntp/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ntp/init.sls -------------------------------------------------------------------------------- /salt/ntp/soc_ntp.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ntp/soc_ntp.yaml -------------------------------------------------------------------------------- /salt/orch/container_download.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/orch/container_download.sls -------------------------------------------------------------------------------- /salt/orch/delete_hypervisor.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/orch/delete_hypervisor.sls -------------------------------------------------------------------------------- /salt/orch/deploy_newnode.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/orch/deploy_newnode.sls -------------------------------------------------------------------------------- /salt/orch/dyanno_hypervisor.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/orch/dyanno_hypervisor.sls -------------------------------------------------------------------------------- /salt/orch/vm_pillar_clean.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/orch/vm_pillar_clean.sls -------------------------------------------------------------------------------- /salt/patch/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/defaults.yaml -------------------------------------------------------------------------------- /salt/patch/needs_restarting.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/needs_restarting.sls -------------------------------------------------------------------------------- /salt/patch/os/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/os/init.sls -------------------------------------------------------------------------------- /salt/patch/os/schedule.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/os/schedule.sls -------------------------------------------------------------------------------- /salt/patch/os/schedules/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/os/schedules/map.jinja -------------------------------------------------------------------------------- /salt/patch/soc_patch.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/patch/soc_patch.yaml -------------------------------------------------------------------------------- 
/salt/pcap/config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/config.map.jinja -------------------------------------------------------------------------------- /salt/pcap/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/config.sls -------------------------------------------------------------------------------- /salt/pcap/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/defaults.yaml -------------------------------------------------------------------------------- /salt/pcap/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/disabled.sls -------------------------------------------------------------------------------- /salt/pcap/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/enabled.sls -------------------------------------------------------------------------------- /salt/pcap/files/config.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/files/config.jinja -------------------------------------------------------------------------------- /salt/pcap/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/init.sls 
-------------------------------------------------------------------------------- /salt/pcap/soc_pcap.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/soc_pcap.yaml -------------------------------------------------------------------------------- /salt/pcap/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/sostatus.sls -------------------------------------------------------------------------------- /salt/pcap/tools/sbin/so-pcap-export: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/tools/sbin/so-pcap-export -------------------------------------------------------------------------------- /salt/pcap/tools/sbin/so-pcap-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/tools/sbin/so-pcap-restart -------------------------------------------------------------------------------- /salt/pcap/tools/sbin/so-pcap-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/tools/sbin/so-pcap-start -------------------------------------------------------------------------------- /salt/pcap/tools/sbin/so-pcap-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pcap/tools/sbin/so-pcap-stop -------------------------------------------------------------------------------- /salt/pipeline/load.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/pipeline/load.sls -------------------------------------------------------------------------------- /salt/podman/files/podman.service: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/podman/files/podman.service -------------------------------------------------------------------------------- /salt/podman/files/podman.socket: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/podman/files/podman.socket -------------------------------------------------------------------------------- /salt/podman/files/sobridge.conflist: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/podman/files/sobridge.conflist -------------------------------------------------------------------------------- /salt/podman/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/podman/init.sls -------------------------------------------------------------------------------- /salt/reactor/check_hypervisor.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/check_hypervisor.sls -------------------------------------------------------------------------------- /salt/reactor/createEmptyPillar.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/createEmptyPillar.sls -------------------------------------------------------------------------------- /salt/reactor/deleteKey.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/deleteKey.sls -------------------------------------------------------------------------------- /salt/reactor/sominion_setup.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/sominion_setup.sls -------------------------------------------------------------------------------- /salt/reactor/vm_status.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/vm_status.sls -------------------------------------------------------------------------------- /salt/reactor/zeek.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/reactor/zeek.sls -------------------------------------------------------------------------------- /salt/redis/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/config.sls -------------------------------------------------------------------------------- /salt/redis/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/defaults.yaml -------------------------------------------------------------------------------- /salt/redis/disabled.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/disabled.sls -------------------------------------------------------------------------------- /salt/redis/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/enabled.sls -------------------------------------------------------------------------------- /salt/redis/etc/redis.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/etc/redis.conf.jinja -------------------------------------------------------------------------------- /salt/redis/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/init.sls -------------------------------------------------------------------------------- /salt/redis/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/map.jinja -------------------------------------------------------------------------------- /salt/redis/soc_redis.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/soc_redis.yaml -------------------------------------------------------------------------------- /salt/redis/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/sostatus.sls 
-------------------------------------------------------------------------------- /salt/redis/tools/sbin/so-redis-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/tools/sbin/so-redis-restart -------------------------------------------------------------------------------- /salt/redis/tools/sbin/so-redis-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/tools/sbin/so-redis-start -------------------------------------------------------------------------------- /salt/redis/tools/sbin/so-redis-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/tools/sbin/so-redis-stop -------------------------------------------------------------------------------- /salt/redis/tools/sbin_jinja/so-redis-count: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/redis/tools/sbin_jinja/so-redis-count -------------------------------------------------------------------------------- /salt/registry/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/config.sls -------------------------------------------------------------------------------- /salt/registry/defaults.yaml: -------------------------------------------------------------------------------- 1 | registry: 2 | enabled: False 3 | -------------------------------------------------------------------------------- /salt/registry/disabled.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/disabled.sls -------------------------------------------------------------------------------- /salt/registry/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/enabled.sls -------------------------------------------------------------------------------- /salt/registry/etc/config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/etc/config.yml -------------------------------------------------------------------------------- /salt/registry/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/init.sls -------------------------------------------------------------------------------- /salt/registry/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/map.jinja -------------------------------------------------------------------------------- /salt/registry/soc_registry.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/soc_registry.yaml -------------------------------------------------------------------------------- /salt/registry/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/registry/sostatus.sls -------------------------------------------------------------------------------- /salt/repo/client/init.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/repo/client/init.sls -------------------------------------------------------------------------------- /salt/repo/client/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/repo/client/map.jinja -------------------------------------------------------------------------------- /salt/repo/client/oracle.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/repo/client/oracle.sls -------------------------------------------------------------------------------- /salt/salt/beacons.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/beacons.sls -------------------------------------------------------------------------------- /salt/salt/cloud/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/cloud/config.sls -------------------------------------------------------------------------------- /salt/salt/cloud/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/cloud/init.sls -------------------------------------------------------------------------------- /salt/salt/engines/master/checkmine.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/engines/master/checkmine.py 
-------------------------------------------------------------------------------- /salt/salt/engines/master/pillarWatch.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/engines/master/pillarWatch.py -------------------------------------------------------------------------------- /salt/salt/files/beacons.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/files/beacons.conf.jinja -------------------------------------------------------------------------------- /salt/salt/files/engines.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/files/engines.conf -------------------------------------------------------------------------------- /salt/salt/files/vrt_engine.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/files/vrt_engine.conf -------------------------------------------------------------------------------- /salt/salt/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/init.sls -------------------------------------------------------------------------------- /salt/salt/lasthighstate.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/lasthighstate.sls -------------------------------------------------------------------------------- /salt/salt/map.jinja: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/map.jinja -------------------------------------------------------------------------------- /salt/salt/master.defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/master.defaults.yaml -------------------------------------------------------------------------------- /salt/salt/master.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/master.sls -------------------------------------------------------------------------------- /salt/salt/master/mine_update_highstate.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/master/mine_update_highstate.sls -------------------------------------------------------------------------------- /salt/salt/mine_functions.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/mine_functions.sls -------------------------------------------------------------------------------- /salt/salt/minion-check.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/minion-check.sls -------------------------------------------------------------------------------- /salt/salt/minion-state-apply-test.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/minion-state-apply-test.sls -------------------------------------------------------------------------------- /salt/salt/minion.defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/minion.defaults.yaml -------------------------------------------------------------------------------- /salt/salt/minion/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/minion/init.sls -------------------------------------------------------------------------------- /salt/salt/minion/service_file.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/minion/service_file.sls -------------------------------------------------------------------------------- /salt/salt/patch/x509_v2/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/patch/x509_v2/init.sls -------------------------------------------------------------------------------- /salt/salt/python_modules.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/python_modules.sls -------------------------------------------------------------------------------- /salt/salt/scripts/bootstrap-salt.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/scripts/bootstrap-salt.sh 
-------------------------------------------------------------------------------- /salt/salt/scripts/fixLibvirt.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/salt/scripts/fixLibvirt.py -------------------------------------------------------------------------------- /salt/schedule.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/schedule.sls -------------------------------------------------------------------------------- /salt/sensor/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensor/defaults.yaml -------------------------------------------------------------------------------- /salt/sensor/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensor/init.sls -------------------------------------------------------------------------------- /salt/sensor/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensor/map.jinja -------------------------------------------------------------------------------- /salt/sensor/soc_sensor.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensor/soc_sensor.yaml -------------------------------------------------------------------------------- /salt/sensor/vm/network.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensor/vm/network.sls -------------------------------------------------------------------------------- /salt/sensoroni/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/config.sls -------------------------------------------------------------------------------- /salt/sensoroni/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/defaults.yaml -------------------------------------------------------------------------------- /salt/sensoroni/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/disabled.sls -------------------------------------------------------------------------------- /salt/sensoroni/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/enabled.sls -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/files/analyzers/README.md -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/build.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/files/analyzers/build.sh 
-------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/emailrep/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/emailrep/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/greynoise/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/greynoise/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/helpers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/files/analyzers/helpers.py -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/localfile/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/localfile/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/malwarebazaar/__init__.py: -------------------------------------------------------------------------------- 1 
| -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/malwarehashregistry/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/malwarehashregistry/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | python-whois>=0.9.5 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/otx/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/otx/otx.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/files/analyzers/otx/otx.py -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/otx/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/pulsedive/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/pulsedive/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/spamhaus/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/spamhaus/requirements.txt: -------------------------------------------------------------------------------- 1 | dnspython>=2.2.1 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/sublime/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/sublime/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.27.1 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/urlhaus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/urlhaus/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/urlscan/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/urlscan/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/virustotal/__init__.py: 
-------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/virustotal/requirements.txt: -------------------------------------------------------------------------------- 1 | requests>=2.31.0 2 | pyyaml>=6.0 3 | -------------------------------------------------------------------------------- /salt/sensoroni/files/analyzers/whoislookup/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/sensoroni/files/sensoroni.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/files/sensoroni.json -------------------------------------------------------------------------------- /salt/sensoroni/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/init.sls -------------------------------------------------------------------------------- /salt/sensoroni/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/map.jinja -------------------------------------------------------------------------------- /salt/sensoroni/soc_sensoroni.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/soc_sensoroni.yaml -------------------------------------------------------------------------------- /salt/sensoroni/sostatus.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/sensoroni/sostatus.sls -------------------------------------------------------------------------------- /salt/setup/virt/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/setup/virt/init.sls -------------------------------------------------------------------------------- /salt/setup/virt/setHostname.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/setup/virt/setHostname.sls -------------------------------------------------------------------------------- /salt/setup/virt/setSalt.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/setup/virt/setSalt.sls -------------------------------------------------------------------------------- /salt/setup/virt/soinstall.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/setup/virt/soinstall.map.jinja -------------------------------------------------------------------------------- /salt/setup/virt/sominion.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/setup/virt/sominion.sls -------------------------------------------------------------------------------- /salt/soc/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/config.sls -------------------------------------------------------------------------------- 
/salt/soc/defaults.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/defaults.map.jinja -------------------------------------------------------------------------------- /salt/soc/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/defaults.yaml -------------------------------------------------------------------------------- /salt/soc/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/disabled.sls -------------------------------------------------------------------------------- /salt/soc/dyanno/hypervisor/hypervisor.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/dyanno/hypervisor/hypervisor.yaml -------------------------------------------------------------------------------- /salt/soc/dyanno/hypervisor/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/dyanno/hypervisor/init.sls -------------------------------------------------------------------------------- /salt/soc/dyanno/hypervisor/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/dyanno/hypervisor/map.jinja -------------------------------------------------------------------------------- /salt/soc/enabled.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/enabled.sls -------------------------------------------------------------------------------- /salt/soc/files/bin/salt-relay.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/bin/salt-relay.sh -------------------------------------------------------------------------------- /salt/soc/files/soc/analytics.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/soc/analytics.js -------------------------------------------------------------------------------- /salt/soc/files/soc/banner.md: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/soc/files/soc/custom.js: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/soc/files/soc/custom_roles: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/soc/files/soc/motd.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/soc/motd.md -------------------------------------------------------------------------------- /salt/soc/files/soc/sigma_so_pipeline.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/soc/sigma_so_pipeline.yaml 
-------------------------------------------------------------------------------- /salt/soc/files/soc/so-detections-backup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/soc/so-detections-backup.py -------------------------------------------------------------------------------- /salt/soc/files/soc/soc.json.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/files/soc/soc.json.jinja -------------------------------------------------------------------------------- /salt/soc/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/init.sls -------------------------------------------------------------------------------- /salt/soc/merged.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/merged.map.jinja -------------------------------------------------------------------------------- /salt/soc/soc_soc.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/soc_soc.yaml -------------------------------------------------------------------------------- /salt/soc/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/sostatus.sls -------------------------------------------------------------------------------- /salt/soc/tools/sbin/so-soc-restart: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/tools/sbin/so-soc-restart -------------------------------------------------------------------------------- /salt/soc/tools/sbin/so-soc-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/tools/sbin/so-soc-start -------------------------------------------------------------------------------- /salt/soc/tools/sbin/so-soc-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/soc/tools/sbin/so-soc-stop -------------------------------------------------------------------------------- /salt/ssl/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ssl/init.sls -------------------------------------------------------------------------------- /salt/ssl/remove.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/ssl/remove.sls -------------------------------------------------------------------------------- /salt/stig/defaults.yaml: -------------------------------------------------------------------------------- 1 | stig: 2 | enabled: False 3 | run_interval: 12 -------------------------------------------------------------------------------- /salt/stig/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/disabled.sls -------------------------------------------------------------------------------- /salt/stig/enabled.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/enabled.sls -------------------------------------------------------------------------------- /salt/stig/files/sos-oscap.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/files/sos-oscap.xml -------------------------------------------------------------------------------- /salt/stig/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/init.sls -------------------------------------------------------------------------------- /salt/stig/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/map.jinja -------------------------------------------------------------------------------- /salt/stig/schedule.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/schedule.sls -------------------------------------------------------------------------------- /salt/stig/soc_stig.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/stig/soc_stig.yaml -------------------------------------------------------------------------------- /salt/storage/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/storage/init.sls -------------------------------------------------------------------------------- /salt/storage/nsm_mount_nvme.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/storage/nsm_mount_nvme.sls -------------------------------------------------------------------------------- /salt/storage/nsm_mount_virtio.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/storage/nsm_mount_virtio.sls -------------------------------------------------------------------------------- /salt/storage/tools/sbin/so-nsm-cleanup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/storage/tools/sbin/so-nsm-cleanup -------------------------------------------------------------------------------- /salt/storage/tools/sbin/so-nsm-mount-nvme: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/storage/tools/sbin/so-nsm-mount-nvme -------------------------------------------------------------------------------- /salt/strelka/backend/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/backend/config.sls -------------------------------------------------------------------------------- /salt/strelka/backend/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/backend/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/backend/enabled.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/backend/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/backend/files/backend.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ BACKENDCONFIG | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/strelka/backend/files/logging.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ LOGGINGCONFIG | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/strelka/backend/files/passwords.dat.jinja: -------------------------------------------------------------------------------- 1 | {{ PASSWORDS | join('\n') }} 2 | -------------------------------------------------------------------------------- /salt/strelka/backend/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/backend/init.sls -------------------------------------------------------------------------------- /salt/strelka/backend/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/backend/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/compile_yara/compile_yara.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/compile_yara/compile_yara.py -------------------------------------------------------------------------------- /salt/strelka/config.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/config.sls -------------------------------------------------------------------------------- /salt/strelka/coordinator/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/coordinator/config.sls -------------------------------------------------------------------------------- /salt/strelka/coordinator/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/coordinator/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/coordinator/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/coordinator/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/coordinator/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/coordinator/init.sls -------------------------------------------------------------------------------- /salt/strelka/coordinator/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/coordinator/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/defaults.yaml 
-------------------------------------------------------------------------------- /salt/strelka/filecheck/filecheck: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filecheck/filecheck -------------------------------------------------------------------------------- /salt/strelka/filecheck/filecheck.yaml.jinja: -------------------------------------------------------------------------------- 1 | filecheck: 2 | {{ FILECHECKCONFIG | yaml(false) | indent(width=2) }} 3 | -------------------------------------------------------------------------------- /salt/strelka/filestream/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filestream/config.sls -------------------------------------------------------------------------------- /salt/strelka/filestream/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filestream/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/filestream/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filestream/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/filestream/files/filestream.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ FILESTREAMCONFIG | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/strelka/filestream/init.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filestream/init.sls -------------------------------------------------------------------------------- /salt/strelka/filestream/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/filestream/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/frontend/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/frontend/config.sls -------------------------------------------------------------------------------- /salt/strelka/frontend/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/frontend/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/frontend/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/frontend/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/frontend/files/frontend.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ FRONTENDCONFIG | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/strelka/frontend/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/frontend/init.sls -------------------------------------------------------------------------------- 
/salt/strelka/frontend/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/frontend/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/gatekeeper/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/gatekeeper/config.sls -------------------------------------------------------------------------------- /salt/strelka/gatekeeper/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/gatekeeper/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/gatekeeper/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/gatekeeper/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/gatekeeper/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/gatekeeper/init.sls -------------------------------------------------------------------------------- /salt/strelka/gatekeeper/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/gatekeeper/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/init.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/init.sls -------------------------------------------------------------------------------- /salt/strelka/manager.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager.sls -------------------------------------------------------------------------------- /salt/strelka/manager/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager/config.sls -------------------------------------------------------------------------------- /salt/strelka/manager/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager/disabled.sls -------------------------------------------------------------------------------- /salt/strelka/manager/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager/enabled.sls -------------------------------------------------------------------------------- /salt/strelka/manager/files/manager.yaml.jinja: -------------------------------------------------------------------------------- 1 | {{ MANAGERCONFIG | yaml(false) }} 2 | -------------------------------------------------------------------------------- /salt/strelka/manager/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager/init.sls -------------------------------------------------------------------------------- /salt/strelka/manager/sostatus.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/manager/sostatus.sls -------------------------------------------------------------------------------- /salt/strelka/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/map.jinja -------------------------------------------------------------------------------- /salt/strelka/rules/compiled/DO.NOT.TOUCH: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/strelka/soc_strelka.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/soc_strelka.yaml -------------------------------------------------------------------------------- /salt/strelka/tools/sbin/so-strelka-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/tools/sbin/so-strelka-restart -------------------------------------------------------------------------------- /salt/strelka/tools/sbin/so-strelka-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/tools/sbin/so-strelka-start -------------------------------------------------------------------------------- /salt/strelka/tools/sbin/so-strelka-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/strelka/tools/sbin/so-strelka-stop 
-------------------------------------------------------------------------------- /salt/suricata/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/config.sls -------------------------------------------------------------------------------- /salt/suricata/cron/so-suricata-eve-clean: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/cron/so-suricata-eve-clean -------------------------------------------------------------------------------- /salt/suricata/cron/surilogcompress: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/cron/surilogcompress -------------------------------------------------------------------------------- /salt/suricata/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/defaults.yaml -------------------------------------------------------------------------------- /salt/suricata/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/disabled.sls -------------------------------------------------------------------------------- /salt/suricata/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/enabled.sls -------------------------------------------------------------------------------- /salt/suricata/files/suricata.yaml.jinja: 
-------------------------------------------------------------------------------- 1 | %YAML 1.1 2 | --- 3 | {{ suricata_config | yaml(False) }} -------------------------------------------------------------------------------- /salt/suricata/files/threshold.conf.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/files/threshold.conf.jinja -------------------------------------------------------------------------------- /salt/suricata/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/init.sls -------------------------------------------------------------------------------- /salt/suricata/manager.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/manager.sls -------------------------------------------------------------------------------- /salt/suricata/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/map.jinja -------------------------------------------------------------------------------- /salt/suricata/pcap.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/pcap.sls -------------------------------------------------------------------------------- /salt/suricata/soc_suricata.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/soc_suricata.yaml 
-------------------------------------------------------------------------------- /salt/suricata/sostatus.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/sostatus.sls -------------------------------------------------------------------------------- /salt/suricata/suricata_mdengine.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/suricata_mdengine.yaml -------------------------------------------------------------------------------- /salt/suricata/thresholding/sids.yaml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /salt/suricata/tools/sbin/so-suricata-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/tools/sbin/so-suricata-start -------------------------------------------------------------------------------- /salt/suricata/tools/sbin/so-suricata-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/suricata/tools/sbin/so-suricata-stop -------------------------------------------------------------------------------- /salt/systemd/reload.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/systemd/reload.sls -------------------------------------------------------------------------------- /salt/tcpreplay/init.sls: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/tcpreplay/init.sls -------------------------------------------------------------------------------- /salt/telegraf/config.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/config.sls -------------------------------------------------------------------------------- /salt/telegraf/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/defaults.yaml -------------------------------------------------------------------------------- /salt/telegraf/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/disabled.sls -------------------------------------------------------------------------------- /salt/telegraf/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/enabled.sls -------------------------------------------------------------------------------- /salt/telegraf/etc/telegraf.conf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/etc/telegraf.conf -------------------------------------------------------------------------------- /salt/telegraf/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/init.sls -------------------------------------------------------------------------------- /salt/telegraf/map.jinja: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/map.jinja -------------------------------------------------------------------------------- /salt/telegraf/node_config.json.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/node_config.json.jinja -------------------------------------------------------------------------------- /salt/telegraf/scripts/agentstatus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/agentstatus.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/checkfiles.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/checkfiles.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/eps.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/eps.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/esindexsize.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/esindexsize.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/features.sh: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/features.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/influxdbsize.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/influxdbsize.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/lasthighstate.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/lasthighstate.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/oldpcap.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/oldpcap.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/os.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/os.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/raid.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/raid.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/redis.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/redis.sh 
-------------------------------------------------------------------------------- /salt/telegraf/scripts/sostatus.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/sostatus.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/stenoloss.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/stenoloss.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/suriloss.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/suriloss.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/zeekcaptureloss.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/zeekcaptureloss.sh -------------------------------------------------------------------------------- /salt/telegraf/scripts/zeekloss.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/scripts/zeekloss.sh -------------------------------------------------------------------------------- /salt/telegraf/soc_telegraf.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/soc_telegraf.yaml -------------------------------------------------------------------------------- /salt/telegraf/sostatus.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/sostatus.sls -------------------------------------------------------------------------------- /salt/telegraf/tools/sbin/so-telegraf-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/tools/sbin/so-telegraf-start -------------------------------------------------------------------------------- /salt/telegraf/tools/sbin/so-telegraf-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/telegraf/tools/sbin/so-telegraf-stop -------------------------------------------------------------------------------- /salt/top.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/top.sls -------------------------------------------------------------------------------- /salt/utility/bin/eval: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/utility/bin/eval -------------------------------------------------------------------------------- /salt/utility/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/utility/init.sls -------------------------------------------------------------------------------- /salt/vars/desktop.map.jinja: -------------------------------------------------------------------------------- 1 | {% set ROLE_GLOBALS = {} %} 2 | -------------------------------------------------------------------------------- 
/salt/vars/elasticsearch.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/elasticsearch.map.jinja -------------------------------------------------------------------------------- /salt/vars/eval.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/eval.map.jinja -------------------------------------------------------------------------------- /salt/vars/fleet.map.jinja: -------------------------------------------------------------------------------- 1 | {% set ROLE_GLOBALS = {} %} 2 | -------------------------------------------------------------------------------- /salt/vars/globals.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/globals.map.jinja -------------------------------------------------------------------------------- /salt/vars/heavynode.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/heavynode.map.jinja -------------------------------------------------------------------------------- /salt/vars/hypervisor.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/hypervisor.map.jinja -------------------------------------------------------------------------------- /salt/vars/idh.map.jinja: -------------------------------------------------------------------------------- 1 | {% set ROLE_GLOBALS = {} %} -------------------------------------------------------------------------------- /salt/vars/import.map.jinja: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/import.map.jinja -------------------------------------------------------------------------------- /salt/vars/init.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/init.map.jinja -------------------------------------------------------------------------------- /salt/vars/logstash.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/logstash.map.jinja -------------------------------------------------------------------------------- /salt/vars/manager.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/manager.map.jinja -------------------------------------------------------------------------------- /salt/vars/managerhype.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/managerhype.map.jinja -------------------------------------------------------------------------------- /salt/vars/managersearch.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/managersearch.map.jinja -------------------------------------------------------------------------------- /salt/vars/receiver.map.jinja: -------------------------------------------------------------------------------- 1 | {% set ROLE_GLOBALS = {} %} 2 | 
-------------------------------------------------------------------------------- /salt/vars/searchnode.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/searchnode.map.jinja -------------------------------------------------------------------------------- /salt/vars/sensor.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/sensor.map.jinja -------------------------------------------------------------------------------- /salt/vars/standalone.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vars/standalone.map.jinja -------------------------------------------------------------------------------- /salt/versionlock/defaults.yaml: -------------------------------------------------------------------------------- 1 | versionlock: 2 | hold: [] 3 | -------------------------------------------------------------------------------- /salt/versionlock/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/versionlock/init.sls -------------------------------------------------------------------------------- /salt/versionlock/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/versionlock/map.jinja -------------------------------------------------------------------------------- /salt/versionlock/soc_versionlock.yaml: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/versionlock/soc_versionlock.yaml -------------------------------------------------------------------------------- /salt/vm/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vm/defaults.yaml -------------------------------------------------------------------------------- /salt/vm/map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vm/map.jinja -------------------------------------------------------------------------------- /salt/vm/soc_vm.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vm/soc_vm.yaml -------------------------------------------------------------------------------- /salt/vm/status/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vm/status/init.sls -------------------------------------------------------------------------------- /salt/vm/user/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/vm/user/init.sls -------------------------------------------------------------------------------- /salt/zeek/config.map.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/config.map.jinja -------------------------------------------------------------------------------- /salt/zeek/config.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/config.sls -------------------------------------------------------------------------------- /salt/zeek/cron/packetloss.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/cron/packetloss.sh -------------------------------------------------------------------------------- /salt/zeek/cron/zeek_clean: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/cron/zeek_clean -------------------------------------------------------------------------------- /salt/zeek/defaults.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/defaults.yaml -------------------------------------------------------------------------------- /salt/zeek/disabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/disabled.sls -------------------------------------------------------------------------------- /salt/zeek/enabled.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/enabled.sls -------------------------------------------------------------------------------- /salt/zeek/files/config.zeek.ja4: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/files/config.zeek.ja4 
-------------------------------------------------------------------------------- /salt/zeek/files/local.zeek.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/files/local.zeek.jinja -------------------------------------------------------------------------------- /salt/zeek/files/networks.cfg.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/files/networks.cfg.jinja -------------------------------------------------------------------------------- /salt/zeek/files/node.cfg.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/files/node.cfg.jinja -------------------------------------------------------------------------------- /salt/zeek/files/zeekctl.cfg.jinja: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/files/zeekctl.cfg.jinja -------------------------------------------------------------------------------- /salt/zeek/init.sls: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/init.sls -------------------------------------------------------------------------------- /salt/zeek/policy/custom/README: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/README -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/conn: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/conn -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/dns: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/dns -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/files: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/files -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/httphost: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/httphost -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/httpuri: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/httpuri -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/ssl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/ssl -------------------------------------------------------------------------------- /salt/zeek/policy/custom/filters/tunnel: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/custom/filters/tunnel -------------------------------------------------------------------------------- /salt/zeek/policy/cve-2020-0601/COPYING: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/cve-2020-0601/COPYING -------------------------------------------------------------------------------- /salt/zeek/policy/cve-2020-0601/__load__.zeek: -------------------------------------------------------------------------------- 1 | @load ./cve-2020-0601 2 | -------------------------------------------------------------------------------- /salt/zeek/policy/intel/__load__.zeek: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/intel/__load__.zeek -------------------------------------------------------------------------------- /salt/zeek/policy/intel/intel.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/policy/intel/intel.dat -------------------------------------------------------------------------------- /salt/zeek/policy/securityonion/file-extraction/__load__.zeek: -------------------------------------------------------------------------------- 1 | @load ./extract 2 | -------------------------------------------------------------------------------- /salt/zeek/soc_zeek.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/soc_zeek.yaml -------------------------------------------------------------------------------- /salt/zeek/sostatus.sls: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/sostatus.sls -------------------------------------------------------------------------------- /salt/zeek/tools/sbin/so-zeek-restart: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/tools/sbin/so-zeek-restart -------------------------------------------------------------------------------- /salt/zeek/tools/sbin/so-zeek-start: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/tools/sbin/so-zeek-start -------------------------------------------------------------------------------- /salt/zeek/tools/sbin/so-zeek-stats: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/tools/sbin/so-zeek-stats -------------------------------------------------------------------------------- /salt/zeek/tools/sbin/so-zeek-stop: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/salt/zeek/tools/sbin/so-zeek-stop -------------------------------------------------------------------------------- /setup/files/intel.dat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/files/intel.dat -------------------------------------------------------------------------------- /setup/public_keys/salt.pem: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/public_keys/salt.pem -------------------------------------------------------------------------------- /setup/so-functions: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-functions -------------------------------------------------------------------------------- /setup/so-preflight: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-preflight -------------------------------------------------------------------------------- /setup/so-setup: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-setup -------------------------------------------------------------------------------- /setup/so-variables: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-variables -------------------------------------------------------------------------------- /setup/so-verify: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-verify -------------------------------------------------------------------------------- /setup/so-whiptail: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/setup/so-whiptail -------------------------------------------------------------------------------- /sigs/securityonion-2.4.10-20230815.iso.sig: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.10-20230815.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.10-20230821.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.10-20230821.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.20-20231006.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.20-20231006.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.20-20231012.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.20-20231012.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231113.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231113.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231117.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231117.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231121.iso.sig: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231121.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231204.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231204.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231219.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231219.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.30-20231228.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.30-20231228.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.40-20240116.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.40-20240116.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.5-20230807.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.5-20230807.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.50-20240220.iso.sig: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.50-20240220.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.60-20240320.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.60-20240320.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.70-20240529.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.70-20240529.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.80-20240624.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.80-20240624.iso.sig -------------------------------------------------------------------------------- /sigs/securityonion-2.4.90-20240729.iso.sig: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/sigs/securityonion-2.4.90-20240729.iso.sig -------------------------------------------------------------------------------- /so-desktop-install: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/so-desktop-install -------------------------------------------------------------------------------- /so-setup-network: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/so-setup-network 
-------------------------------------------------------------------------------- /tests/validation.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Security-Onion-Solutions/securityonion/HEAD/tests/validation.sh --------------------------------------------------------------------------------