Security-Onion-Solutions/securityonion-resources

Security Onion - Resources

This repository contains the following resources:

Security Onion specific Sigma Rules

This Sigma ruleset is maintained by Security Onion and is loaded by default into the Security Onion Detections module.

Event Filters

  • Location: main branch, event_filters folder
  • License: MIT

Generic event filters for process_creation, dns_query, file_create and more. Used by Security Onion to generate event filters for Elastic Defend events.

Originally sourced from https://github.com/Neo23x0/sysmon-config and https://github.com/olafhartong/sysmon-modular

AI-Generated Detection Summaries

Summaries created by an LLM for Suricata, Sigma and YARA rules. Used by Security Onion in the Detections module.
