Jeff Bryner
3d89b5a153
add more json examples, fix up existing ones
2015-05-04 09:42:01 -07:00
Jeff Bryner
c0d9e5955d
update docs to current version, adds REST API plugin docs.
2015-05-04 09:34:23 -07:00
Jeff Bryner
bad55de6fa
css update, again
2015-05-04 09:14:25 -07:00
Jeff Bryner
0d63d64b48
css update, again
2015-05-04 08:50:41 -07:00
Jeff Bryner
b151558643
css update
2015-05-04 08:37:21 -07:00
Jeff Bryner
e494aa5e95
updates to doc version, attempt to fix table wrapping
2015-05-04 08:19:41 -07:00
Jeff Bryner
6d09eef85c
add notification to investigations, clean up
2015-04-13 16:23:25 -07:00
Jeff Bryner
6c52c33313
add notifications when another user enters the incident you are working on, closes #238
2015-04-13 16:16:31 -07:00
Jeff Bryner
ef3eeeb1c7
correct the search for duo fail open messages
2015-04-13 11:38:53 -07:00
Jeff Bryner
ab04456095
Rework references to distinguish between URLs and plain text references (workorderid#, etc), closes #62
2015-04-13 11:38:08 -07:00
Jeff Bryner
f1f86e3a1c
add tooltips to investigations for creator, dates, closes #226
2015-04-13 10:14:06 -07:00
Jeff Bryner
2aa58be046
Fix sort bug when adding new incident/investigation, closes #255
2015-04-13 08:38:34 -07:00
Jeff Bryner
9a5eae8454
minor: fix missing parens, closes #266
2015-04-01 10:16:18 -07:00
Jeff Bryner
a0a993e432
ignore 0.0.0.0, closes #266
2015-04-01 09:53:14 -07:00
Jeff Bryner
51bf1c1bf6
save some space on the incident layout using tooltips, enhances #265
2015-03-30 17:01:28 -07:00
Jeff Bryner
e2e0812e15
fix reference to timestamp, closes #265
2015-03-30 16:32:44 -07:00
Jeff Bryner
97b9296b69
correct the aggregation, add broadcast attacker option, closes #263, closes #264
2015-03-28 07:40:20 -07:00
Jeff Bryner
08859d75b2
add auto categorization of attackers, closes #262
2015-03-27 08:39:55 -07:00
Jeff Bryner
569dec6f2e
minor: set example whitelists
2015-03-27 08:39:10 -07:00
Jeff Bryner
bb7cf1407d
minor: let only roulette module handle the !r
2015-03-27 08:38:29 -07:00
Jeff Bryner
648f484d71
minor bugfix in format string
2015-03-27 08:37:44 -07:00
Jeff Bryner
a9c2254491
add veris stat css to the special docker config for the demo site
2015-03-26 07:36:39 -07:00
Jeff Bryner
00c3bef7df
Merge pull request #259 from gdestuynder/master
Support querying bugzilla for bugs (for example, incident/investigation ...
2015-03-25 16:52:36 -07:00
Jeff Bryner
1a10323789
minor: include url as an example
2015-03-25 16:52:19 -07:00
Guillaume Destuynder
e994820e35
Support querying bugzilla for bugs (for example, incident/investigation bugs)
New options:
[zilla]
url = https://bugzilla.mozilla.org/
api_key = your api key (user preferences => api keys)
; how often to check, in seconds
interval = 120
; the channel to tell about the new bugs
channel = #test
; what bugs to search for?
search_terms = [{"product": "mozilla.org"}, {"component": "Security Operations: Incident"}, {"component": "Security Operations: Investigation"}, {"status": "NEW"}]
2015-03-25 16:45:52 -07:00
Jeff Bryner
a1de61a210
refresh docker alerts config for new format
2015-03-25 16:22:44 -07:00
Jeff Bryner
7de00c03f5
add super call to start to register listeners
2015-03-25 15:14:13 -07:00
Jeff Bryner
92af4f0a7d
remove old cruft
2015-03-25 14:24:11 -07:00
Jeff Bryner
6a193c6240
add modular kitnirc and a fun module
2015-03-25 13:21:39 -07:00
Jeff Bryner
e13f725911
remove pika, refactor the mq for kombu consumer mixin, closes #92
2015-03-25 10:15:13 -07:00
Jeff Bryner
995c3d9487
update sample config.py to match new alert dict format
2015-03-25 09:00:03 -07:00
Jeff Bryner
aa2bb2e1a9
add docs URL to alerts, closes #241
2015-03-24 15:37:29 -07:00
Jeff Bryner
387b5ce24e
update attackers charts to use mongoCrossfilter, updating in realtime, closes #247
2015-03-24 14:52:45 -07:00
Jeff Bryner
eefa26090a
add pager duty sample alert plugin, closes #249
2015-03-22 21:01:34 -07:00
Jeff Bryner
63bcbf4373
rm old ini file for old alertWorker
2015-03-22 20:16:28 -07:00
Jeff Bryner
ad69a216f8
add alert plug-in system, closes #162
2015-03-22 20:15:17 -07:00
Jeff Bryner
455e66e79d
add deadman alerts, refactor celeryconfig to allow args/kwargs, closes #257
2015-03-20 12:51:31 -07:00
Jeff Bryner
9339276129
implement deadman alerts on events that should have matches, closes #250
2015-03-18 15:52:33 -07:00
Jeff Bryner
31522968ea
minor css mod to the pivot table select overlay
2015-03-18 15:47:41 -07:00
Jeff Bryner
a577aea063
Merge pull request #253 from jvehent/master
Make complianceitem plugin extract item data from event message
2015-03-16 07:50:42 -07:00
Jeff Bryner
1089a91cb1
add ack by to edge case to ensure tooltip is up to date
2015-03-13 21:38:02 -07:00
Jeff Bryner
ed9e6ed2c4
add pivot table for veris stats, closes #254
2015-03-13 21:37:23 -07:00
Julien Vehent
8929794486
Remove doctype requirement on complianceitems plugin
2015-03-13 17:17:47 -04:00
Julien Vehent
e7cb5760f7
Make complianceitem plugin extract item data from event message
2015-03-13 16:28:17 -04:00
Jeff Bryner
aaeb55783f
no tooltip until acked, sync acking with tooltip trigger
2015-03-13 08:28:37 -07:00
Jeff Bryner
aec3e49777
tooltip on the ack button, closes #252
2015-03-12 16:12:03 -07:00
Jeff Bryner
7dc1818d6a
minor revision to ssh bruteforce alert
2015-03-12 16:11:10 -07:00
Jeff Bryner
5e0194d7cf
add category field to the message, closes #251
2015-03-12 12:51:58 -07:00
Jeff Bryner
a3d0d60c4f
add a safety update to pip to combat ubuntu old, old pip
2015-03-10 08:46:48 -07:00
Jeff Bryner
2e08da6e7d
update requests to avoid openssl bug
2015-03-10 08:08:48 -07:00