Commit Graph

1409 Commits

Author SHA1 Message Date
Brandon Myers 30892b91ae
Remove setConfig import from compromisedCreds cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers 0264c654b6
Fixup compromisedCreds2fxa state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers ad1fe08859
Fix cloudtrail2mozdef state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers ec7e7b210b
Remove setConfig import in backupSnapshot
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers bd5fc82901
Remove state file from okta2mozdef
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers c2b3d43ab3
Fix fxaAlert function call
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:35 -05:00
Phrozyn a3d62281ae
Changing naming convention of supervisord.alerts.conf to an ini. This file contains no secrets and an ini is more in line with how this file operates. 2017-06-15 15:05:35 -05:00
Phrozyn c36b6cf1ec
Separating systemd files to be role specific. 2017-06-15 15:05:35 -05:00
Brandon Myers f078c003eb
Update mozdef bot conf with new creds
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:35 -05:00
Brandon Myers 3933cc67bb
Add open port alert to config
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:35 -05:00
Jonathan Claudius c06f653cb6
Add unit-tests for open port violation alert 2017-06-15 15:05:34 -05:00
Jonathan Claudius f935917a01
Fix copyright 2017-06-15 15:05:34 -05:00
Jonathan Claudius 993424c053
Add open port violation alert 2017-06-15 15:05:34 -05:00
Michal Purzynski 63349a4ae8
Match only records where details.indicators exists 2017-06-15 15:05:34 -05:00
Michal Purzynski 619ff1e337
Use the details.indicators field to look for the scan source. 2017-06-15 15:05:33 -05:00
Michal Purzynski a29d2a8250
Use the details.indicators field to look for a host initiating a scan. 2017-06-15 15:05:33 -05:00
Brandon Myers 5d03bc03d7
Remove mules from papertrail
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:33 -05:00
Brandon Myers 062fbc911b
Add missing specs to es client
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:33 -05:00
Brandon Myers 645947be19
Fix elasticsearch client failing spec
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:33 -05:00
Brandon Myers 78253da3d4
Remove unnecessary lines from specs
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:32 -05:00
Brandon Myers 9fa5cdd959
Add specs for matching on receivedtimestamp
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:32 -05:00
Brandon Myers 58fcb8b6f8
Modify search query to match on receivedtimestamp in addition
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:32 -05:00
Brandon Myers 577c5cecfa
Fix missing import in fluentdSqsFixup
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:32 -05:00
Brandon Myers 13aa806b1b
Move unittest from mq plugin to own file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:32 -05:00
Brandon Myers 1fb67e49fb
Remove unittest from fluentdSqsFixup
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Brandon Myers 4fbfd1f71e
Update smtp host for ssh releng emails
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Brandon Myers a14a670ee3
Add Exchange to include in collectAttackers
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Brandon Myers cc955da120
Fix collectAttackers missing library
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Brandon Myers 202770409a
Add bugzilla client to list of requirements
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:30 -05:00
Phrozyn 0832813446
Adding nginx.conf and openresty-nginx.conf to config. 2017-06-15 15:05:19 -05:00
Phrozyn cf55546506
Omitting the FxaOauthWebserver eventsource. 2017-06-15 15:05:19 -05:00
Phrozyn 0d2434ea46
Moved backups to us-west-1 region and bucket mozdefes2backups. 2017-06-15 15:05:18 -05:00
Guillaume Destuynder (kang) e31f668e31
Normalize msgs as per MozDef mandatory fields docs and use the newer
MozDef library format
Fix debug to actually be useful (logs to syslog instead of sending to
mozdef)
2017-06-15 15:05:18 -05:00
Guillaume Destuynder (kang) 47f0aeb2fa
Cleanups: Line feeds, double imports 2017-06-15 15:05:18 -05:00
Phrozyn cd044c455c
Bypass of TLS cert verification for now until I can fix it properly. 2017-06-15 15:05:10 -05:00
Brandon Myers 5b0853b2b9
Update auth02mozdef config file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:10 -05:00
Phrozyn b483e83722
Updated ipblocklist bucket from qaipblocklist to ipblocklist for prod consumption by systems. 2017-06-15 15:05:09 -05:00
Brandon Myers 63af72f88c
Modify mongo health script to skip webhead
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers 4df35df707
Modify auth02 state path in conf
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers 52d88dd2d3
Fixup auth02mozdef location of config and state
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers dc7437ca63
Fix duo logpull state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 42fc1784d5
Update duo_logpull cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 203e43199e
Remove esCacheMaint cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 1b2e8c73a4
Update okta api key
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 0456873624
Add pyopenssl to requirements
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers a3c8f6a2fc
Add missing healthAndStatus fxa script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00
Brandon Myers d2ea5c3334
Add missing esworker releng conf
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00
Brandon Myers 79b2ee84ca
Add more workers to mqwSyslog
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00
Brandon Myers d05b7616c6
Revert confluence shell fieldname
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00
Brandon Myers 4adebb797d
Fixup ldaplockout changepairs fieldname
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00