Commit graph

749 Commits

Author SHA1 Message Date
Michal Purzynski 0275e7a1fc Add tons of new alerts and improve some old ones. 2015-02-26 19:42:51 +01:00
Jeff Bryner 5fc33c6569 fixup persona login to create emails collection like local accounts 2015-02-23 15:03:15 -08:00
Jeff Bryner 8893b0d252 example settings.js file allowing client account creation 2015-02-23 11:07:57 -08:00
Jeff Bryner 307dfddd6d add server-side code to expose client accounts as a settings option 2015-02-23 11:07:27 -08:00
Jeff Bryner 44e8932c04 update docker settings to allow local/client account creation 2015-02-23 11:00:37 -08:00
Jeff Bryner e8bbd0d7f5 update docker to enable local login UI 2015-02-23 09:37:01 -08:00
Jeff Bryner 1da5029f9e add css with the local login options enabled 2015-02-23 09:34:21 -08:00
Jeff Bryner ababb568bd check for persona service as well as email before setting user attribute 2015-02-23 09:31:53 -08:00
Jeff Bryner 4022f796ff add nameplate meteor template files 2015-02-17 12:59:23 -08:00
Jeff Bryner dc183386b4 rework the attacker nameplate/skin to respond reactively to category changes 2015-02-16 14:27:38 -08:00
Jeff Bryner 120c139192 updating the README to reflect production status (since Summer 2014) 2015-02-15 12:05:40 -08:00
Jeff Bryner fb1cbe0458 smarter IP finding 2015-02-13 09:31:13 -08:00
Jeff Bryner 0d57342a68 modify attacker details subscriptions to not request events since they are already in the attacker collection 2015-02-13 09:30:38 -08:00
Jeff Bryner 77ab7165aa correct the nested, nested escaped json format 2015-02-12 14:39:52 -08:00
Jeff Bryner d663a65fe2 remove events from the alert DB read 2015-02-12 14:38:29 -08:00
Jeff Bryner 3bc9859fc4 add a mostCommon utility to summarize a list of dictionaries for use in alert text 2015-02-12 14:37:39 -08:00
Jeff Bryner 6757535a7b add plugin to send message to AWS SQS queue, closes #196 2015-02-10 14:28:50 -08:00
Jeff Bryner 5148779ca2 remove test2 2015-02-10 13:19:58 -08:00
Jeff Bryner 50406d156f move sample plugin to test.py 2015-02-10 13:19:40 -08:00
Jeff Bryner a1bf4e9cd8 add banhammer plugin for blocking IPs using https://github.com/mozilla/banhammer 2015-02-10 12:59:40 -08:00
Jeff Bryner 4db651006b add another example/test rest plugin 2015-02-10 12:58:21 -08:00
Jeff Bryner c73d820a65 add plugin system to the rest api, alter blockIP to use plugins 2015-02-10 12:56:47 -08:00
Jeff Bryner 2d00426304 Merge pull request #240 from ameihm0912/master
also copy tags during compliance item event cleanup
2015-02-10 11:48:00 -08:00
Aaron Meihm 6fb0ea4c13 also copy tags during compliance item event cleanup 2015-02-10 11:40:15 -06:00
Jeff Bryner ba3695bf24 smarter alert summary text for victim hostnames 2015-02-06 12:31:26 -08:00
Jeff Bryner 061d0f6ddf correct errant route after post 2015-02-06 12:30:46 -08:00
Jeff Bryner 60330be51a move the volume histogram to minutes, really closes #235 2015-02-06 12:30:27 -08:00
Jeff Bryner 399f238b61 rework autosave closes #239, closes #97 2015-02-06 12:00:16 -08:00
Jeff Bryner 7f3bc0a7a5 Merge pull request #237 from michalpurzynski/master
Correct the order of "where" and "category" fields
2015-02-04 09:44:54 -08:00
Michal Purzynski de31324dfa Add the licensing header. 2015-02-04 18:40:06 +01:00
Michal Purzynski ae594aa9ac Shift two fields that were in the wrong order. 2015-02-04 18:35:29 +01:00
Jeff Bryner 51061c9468 auto_delete the queue, closes #236 2015-02-03 12:52:12 -08:00
Jeff Bryner 3e5647af2f fix timeline bar size, closes #235 2015-02-03 12:50:44 -08:00
Jeff Bryner 792dbad922 remove un-needed init 2015-02-02 17:05:27 -08:00
Jeff Bryner f4336451a1 add plugin list to meteor session variable on startup for use in dialogs 2015-02-02 17:04:56 -08:00
Jeff Bryner 31089aec3c add utctimestamp to event details for clarity 2015-02-02 15:31:12 -08:00
Jeff Bryner 2ed8d0d885 add country filter closes #233, fix category on refresh closes #234 2015-02-02 15:30:55 -08:00
Jeff Bryner 745364e20b Merge pull request #232 from ameihm0912/master
sourcename in vuln event docid to add isolation between different writer...
2015-02-02 12:26:16 -08:00
Aaron Meihm 67d7d84bcf sourcename in vuln event docid to add isolation between different writers 2015-02-02 14:19:08 -06:00
Jeff Bryner eb7a528d52 Merge pull request #231 from michalpurzynski/master
The Lua code for parsing and transforming Bro logs inside the Heka sandbox
2015-02-02 09:19:21 -08:00
Jeff Bryner 6b162923b8 unsubscribe entire attackers collection by default 2015-02-02 09:18:23 -08:00
Jeff Bryner cc62e0b5c5 change reference to _source to get details fields 2015-02-02 09:17:55 -08:00
Michal Purzynski 8236da6cb0 Add the licensing header. 2015-02-02 18:11:03 +01:00
Michal Purzynski 44d741a542 Introducing a set of Lua code for parsing, transforming and JSON generating from various Bro logs. Plug and play into Heka. Tested in production. 2015-02-02 18:08:42 +01:00
Jeff Bryner c0218c08e2 vulnerability->vulnerabilities for consistent index naming 2015-01-30 12:24:35 -08:00
Jeff Bryner 73d210b811 Merge pull request #230 from ameihm0912/master
add MozDef vulnerability processing plugin
2015-01-30 12:13:11 -08:00
Aaron Meihm 9a4efd1e12 add MozDef vulnerability processing plugin 2015-01-30 11:36:49 -06:00
Jeff Bryner aa53e904de lower the sample limit for noisy bruteforce alert 2015-01-30 09:25:58 -08:00
Jeff Bryner 40113b2006 add full list of events to aggregated alert, closes #229 2015-01-30 09:25:19 -08:00
Jeff Bryner 8fc5931312 add escalation to investigation button, closes #228 2015-01-30 09:22:34 -08:00