Commit graph

685 Commits

Author SHA1 Message Date
Jeff Bryner 1246b7dcab Merge pull request #223 from gdestuynder/master
New alert for https://github.com/mozilla-it/duo_openvpn
2015-01-22 16:45:14 -08:00
Jeff Bryner 13e491abd5 update VERIS tags, closes #222 2015-01-22 16:43:21 -08:00
Guillaume Destuynder 38078c65a2 New alert for https://github.com/mozilla-it/duo_openvpn
Alerts when DuoSecurity contact fails, which means either authentication was refused, or it was granted based on a
single authentication factor ("fail open").
2015-01-23 01:39:32 +01:00
Jeff Bryner 7b72733da2 minor comment/threshold change 2015-01-22 14:12:17 -08:00
Jeff Bryner e7dc4548d7 use the date range 2015-01-22 14:11:14 -08:00
Jeff Bryner 9d39c4fd59 match attacker category to skin, closes #219 2015-01-20 16:11:32 -08:00
Jeff Bryner c7a853fbbb minor case cleanup 2015-01-20 16:10:43 -08:00
Jeff Bryner e110cc1104 routing key should be the queue name rather than exchange name 2015-01-16 09:17:15 -08:00
Jeff Bryner 91055b3f3e minor change to conf file location for supervisord/alerts 2015-01-15 15:31:00 -08:00
Jeff Bryner 6da2875e98 explicitly set alert exchange to durable 2015-01-15 15:26:04 -08:00
Jeff Bryner 9e5ecb4873 explicitly set alert exchange to durable 2015-01-15 15:25:13 -08:00
Jeff Bryner e09fd9aad2 remove mrt installs for stuff installed by meteor automagically 2015-01-15 15:23:57 -08:00
Jeff Bryner 8b6dc4719c update packages and release to current meteor 2015-01-14 14:22:45 -08:00
Jeff Bryner 3c038ecb2e rate limit the bot to 1 message every 2 seconds closing #220 2015-01-14 12:31:15 -08:00
Jeff Bryner 9bb85f63c8 increased density on the menu from css changes allows moar dashboards on the menu 2015-01-13 15:55:01 -08:00
Jeff Bryner b8ffb3a21d minor chmod +x 2015-01-13 14:55:25 -08:00
Jeff Bryner 202bba42a1 Migration to bootstrap v3, closes #160 2015-01-13 14:54:20 -08:00
Jeff Bryner 7c8fa9592e chmod +x and update target conf file 2014-12-19 12:32:11 -08:00
Jeff Bryner 6ef2631c40 fix old/new index mismatch between log message and action 2014-12-18 17:02:46 -08:00
Jeff Bryner 2b2c4fb3e3 minor cleanup to comments, logging 2014-12-18 16:54:25 -08:00
Jeff Bryner 2b53c6cd1f logic updates, debug messages with moar info 2014-12-18 16:02:09 -08:00
Jeff Bryner e86c71834a update snapshot backup to allow multiple snapshots/day 2014-12-18 14:32:41 -08:00
Jeff Bryner ad921e243d Merge pull request #218 from gdestuynder/master
Replacing mozdef_lib by mozdef_client
2014-12-17 10:35:34 -08:00
Guillaume Destuynder fe7a6f95bb Replacing mozdef_lib by mozdef_client
Basically a: s/mozdef/mozdef_client

For use with your client-side code, change:
import mozdef

to:
import mozdef_client

This change clarifies that this library is for client-side code such as sending MozDef events.
2014-12-17 18:10:31 +01:00
Jeff Bryner c104efd126 Merge pull request #216 from jvehent/master
complianceitems plugin, take 2
2014-12-16 17:02:00 -08:00
Julien Vehent 25f5ec69d6 complianceitems plugin, take 2 2014-12-16 19:03:59 -05:00
Jeff Bryner 1777c70781 Merge pull request #215 from jvehent/master
complianceitems mozdef plugin, take 1
2014-12-16 13:18:17 -08:00
Jeff Bryner 67e71e2b82 Merge pull request #214 from mpurzynski/master
Add X-Cluster-Client-IP generated from NSM as yet another possible sourc...
2014-12-16 13:17:54 -08:00
Julien Vehent 2d57f88380 complianceitems mozdef plugin, take 1 2014-12-16 16:13:49 -05:00
Michal Purzynski bf0c21eb36 Add X-Cluster-Client-IP generated from NSM as yet another possible source of the real client IP 2014-12-16 21:25:28 +01:00
Jeff Bryner 5c6bbac084 Alert Development ipython notebook, closes #213 2014-12-16 11:14:03 -08:00
Jeff Bryner 2352b475e2 correct mixed tabs/spaces 2014-12-15 15:39:26 -08:00
Jeff Bryner 34b6fcb483 Merge pull request #120 from netantho/averez-114-snapshots
better snapshots
2014-12-15 12:48:46 -08:00
Jeff Bryner e957f38ef5 add init script for alerts, closes #212 2014-12-12 14:40:07 -08:00
Jeff Bryner a43c0eaeb3 add correlation for user to mac address in new intel index closes #211 2014-12-09 15:19:26 -08:00
Jeff Bryner 844cc0e7df add event stats to the health/status 2014-12-09 09:35:44 -08:00
Jeff Bryner cc306e8a3f minor query change 2014-12-09 09:35:17 -08:00
Jeff Bryner 03b2623b3b sort by hostname, closes #206 2014-12-01 14:37:51 -08:00
Jeff Bryner bcdb87e566 correct the label for closed incident, closes #209 2014-12-01 13:43:11 -08:00
Jeff Bryner 969ab7225a add false positive category, closes #210 2014-12-01 13:42:43 -08:00
Jeff Bryner 3f902121ab Add aggregation cron script to tally category counts for statistical analysis, closes #207 2014-12-01 10:24:14 -08:00
Jeff Bryner f35743b2c3 update esworker to accept utctimestamp as a field, closes #208 2014-12-01 10:21:42 -08:00
Jeff Bryner 08805587a9 Merge pull request #204 from jvehent/master
minor fixes to mig2mozdef
2014-11-26 11:05:23 -08:00
Julien Vehent 6cf16bdb35 minor fixes to mig2mozdef 2014-11-26 12:49:30 -05:00
Jeff Bryner 003a2f3bfc Merge pull request #203 from jvehent/migpgpauth
Replace client cert with PGP token in mig2mozdef.py
2014-11-26 08:14:25 -08:00
Jeff Bryner 43d22324a8 simple sample script for generating and posting an event directly to rabbit..plus severity 2014-11-24 10:02:20 -08:00
Jeff Bryner 779205e322 simple sample script for generating and posting an event directly to rabbit 2014-11-24 09:59:35 -08:00
Julien Vehent 67e5f9e963 Replace client cert with PGP token in mig2mozdef.py
This will require provisioning changes to replace the existing client cert with a
gnupg keyring in puppet.
2014-11-15 17:02:17 -05:00
Jeff Bryner 7aa3f1e0cb round occasionally long, longs from rabbit queue api 2014-11-14 13:14:30 -08:00
Jeff Bryner f1b72a4162 update bro heka lua examples to ignore #comment lines 2014-11-12 15:25:19 -08:00