Commit graph

443 commits

Author SHA1 Message Date
Brandon Myers 3997ff8b0f
Merge remote-tracking branch 'origin/master' into proxy_drop_ip 2018-11-06 09:58:19 -06:00
Brandon Myers fc1e9cdc4c
Rename lib tests to mozdef_util 2018-11-05 14:24:01 -06:00
Brandon Myers 905eceb0f2
Resolve E122 continuation line missing indentation or outdented 2018-10-31 18:19:07 -05:00
Brandon Myers 280f85c90b
Resolve E121 continuation line under-indented hanging indent 2018-10-31 18:16:24 -05:00
Brandon Myers 3b07f12cc9
Resolve E128 continuation line under indented 2018-10-31 18:11:08 -05:00
Brandon Myers db5c6c92cc
Resolve E126 continuation of over-indented lines 2018-10-31 17:17:49 -05:00
Brandon Myers f20d113484
Merge remote-tracking branch 'origin/master' into templating_of_alerts 2018-10-31 14:28:35 -05:00
Brandon Myers 800f595023
Merge pull request #905 from mozilla/fix_geo_db_location
Fix geolite db location
2018-10-31 14:25:41 -05:00
Brandon Myers 747b766a07
Merge pull request #910 from mozilla/fix_some_pep8_errors
Fix some pep8 errors
2018-10-31 14:25:26 -05:00
Brandon Myers b413f018dc
Add filename creation output to templater 2018-10-31 14:22:45 -05:00
Brandon Myers 88520442d8
Move alert template script to tests 2018-10-31 14:13:14 -05:00
Brandon Myers c633040e04
Update alert and test template 2018-10-31 14:11:31 -05:00
Brandon Myers 48c625722a
Remove jinja dependency from alert template 2018-10-31 13:53:25 -05:00
Brandon Myers 57331f0973
Implement script to create alert and test template 2018-10-31 13:37:53 -05:00
Brandon Myers 3e88d1e8c0
Merge remote-tracking branch 'origin/improve_alertclass_error' into templating_of_alerts 2018-10-31 13:23:32 -05:00
Jonathan Claudius 7ebadbbff0
Add poc templater for alert 2018-10-31 13:54:58 -04:00
Brandon Myers 44ae09da2c
Add custom assert error text for alert classname mismatch 2018-10-31 11:55:41 -05:00
Brandon Myers e128bafebf
Remove ability for geoip class to guess db location 2018-10-30 18:35:28 -05:00
Brandon Myers 6e1a776e4d
Resolve E131 continuation line unaligned for hanging indent 2018-10-30 18:19:21 -05:00
Brandon Myers e5fac682a2
Resolve E266 too many # before comments 2018-10-30 18:12:54 -05:00
Brandon Myers 4c80290a2b
Resolve E302 expected 2 blank lines found 1 2018-10-30 18:08:59 -05:00
Brandon Myers c8922602f3
Resolve E305 expected 2 blank lines after class 2018-10-30 18:04:55 -05:00
Brandon Myers 30e62af435
Resolve E712 True conditional 2018-10-30 17:49:27 -05:00
Brandon Myers 1b3bfd952c
Resolve E711 None false conditional 2018-10-30 17:48:37 -05:00
Brandon Myers 877eb8cc56
Resolve E222 multiple spaces after operator 2018-10-30 17:31:27 -05:00
Guillaume Destuynder 67c92b592e
port build system to docker compose 3.7
use dependency-based builds
default to GITHASH=latest instead of the opposite
rename mq_event-task to mq_worker where it wasn't
fix dockerfiles to import from mozdef/* by default
introduce `make BUILD_MODE=pull` to pull images (instead of build)
2018-10-30 13:01:47 -07:00
Brandon Myers 1822d2e88e
Merge remote-tracking branch 'origin/master' into proxy_drop_ip 2018-10-25 17:59:24 -05:00
Guillaume Destuynder 1e1278ed94
Change all files to be compose 2.2 compliant (it's either that or all 3.0
but certain features are then docker-swarm only)

Change the rebuild/norebuild mechanism to use a parameter instead of
different targets for simplicity
2018-10-17 14:33:13 -07:00
Brandon Myers 7e2a43080a
Reintroduce timezone count test in toUTC 2018-10-17 12:12:46 -07:00
Zack Mullaly 669f32de9c
Removed test that will never pass 2018-10-17 10:01:52 -07:00
Guillaume Destuynder 8c2a7962c3
allow for make GITHASH=latest hub-get
fix mozdef base pull for tests
2018-10-16 16:35:00 -07:00
Guillaume Destuynder e4e8fd2bbd
s/base/mozdef_base/ 2018-10-16 16:15:43 -07:00
Zack Mullaly f9d0119902
Merge branch 'infosec_workweek' of github.com:mozilla/MozDef into infosec_workweek 2018-10-16 15:36:30 -07:00
Zack Mullaly 312b8a2ebc
Fixed the rest of the imports 2018-10-16 15:33:58 -07:00
Guillaume Destuynder 3cccfa166e
add targets which use the prebuilt images, for speed 2018-10-16 14:57:03 -07:00
Zack Mullaly 09b7b0882d
Replace system path modifications in tests to instead import from mozdef_util 2018-10-16 13:24:44 -07:00
Zack Mullaly 13a6c7401b
Replace all the imports to use mozdef_util 2018-10-16 12:45:04 -07:00
Jonathan Claudius 6289e52936
Fix up alert and test expectations to pass 2018-10-12 12:54:49 -04:00
Jonathan Claudius 81bb1f574a
Add test cases for query string match to validate IP match pattern 2018-10-12 12:53:59 -04:00
Jonathan Claudius 05dc85e9b9
Remove anchor from query string match test case 2018-10-12 10:08:03 -04:00
Jonathan Claudius 301362757d
Add examples to querystring class for starting anchor 2018-10-12 10:03:47 -04:00
Jonathan Claudius e59dc8144b
Quick initial commit of proxy drop ip destinations 2018-10-11 16:52:06 -04:00
Jonathan Claudius 5c3fd45680
Make events work for single or multiple events, this alert will work for both 2018-10-11 15:40:56 -04:00
Jonathan Claudius 0d9e63895d
Standardize some proxy drop summary verbiage 2018-10-11 15:32:22 -04:00
Jonathan Claudius 341a6f7a9c
Change name from multiple to suspicious 2018-10-11 14:21:35 -04:00
Brandon Myers 12b184c8f1
Merge pull request #750 from mozilla/add_proxy_connect_non_std
Add connect proxy drops to non-std ports alert
2018-10-11 14:08:18 -04:00
Brandon Myers df6e78b0fe
Merge pull request #748 from mozilla/make_proxy_drop_useful
Add proxy drop on executable
2018-10-11 13:44:06 -04:00
Brandon Myers 6456b8eddb
Merge remote-tracking branch 'origin/master' into fix_pep8_errors 2018-10-08 16:20:32 -04:00
Brandon Myers 82f6ba9a3c
Remove intermittent readtimeout unit test 2018-10-08 15:34:40 -04:00
Brandon Myers 6dfd213f17
Remove redundant backslash between brackets 2018-10-05 18:05:46 -04:00