mozilla
/
MozDef
зеркало из https://github.com/mozilla/MozDef.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
5 424 коммитов 4 Ветки 53 Теги 68 MiB
Граф коммитов

41 Коммитов

Автор SHA1 Сообщение Дата
Brandon Myers dbad0bb8af
Add customizable sleep option for mq workers 2019-08-26 13:06:27 -05:00
Brandon Myers 29b6f99581
Remove unused config option 2019-08-26 13:01:14 -05:00
Brandon Myers 89374b3fe6
Remove sys.path where possible from mq 2019-08-07 16:40:27 -05:00
Jan Andre Ikenmeyer 51822417a3
Update MPL license to https 2019-08-02 01:41:37 +02:00
Brandon Myers fa7875f5c4
Fix region parameter in connect_sqs (#1383) 
* Fix region parameter in connect_sqs

* Modify parameter names to get_aws_credentials

* Clean up connect_sqs function to call get_aws_credentials

* Cleanup workers to use connect_sqs call

* Fix local import in sqs file

* Fix parameter name in cloudtrail worker

* Assert AWS region of SQS queues

Since the two SQS queues are provisioned by CloudTrail in the same region as the CloudTrail
stack, let's assert to MozDef that the region for those queus is indeed the same region.

* Update region name parameter in cloudtrail worker
 2019-07-19 17:50:58 -04:00
Brandon Myers 8a8562fce8
Convert sqs boto use to boto3 2019-07-03 12:58:35 -05:00
Brandon Myers 63c6cbf857
Update mq workers to remove need to use RawMessage 2019-07-02 19:14:33 -05:00
Brandon Myers 1cb8709681
Fix local includes for mq and alerts 2019-06-30 16:52:32 -05:00
Brandon Myers e3543a86a6
Fix relative imports for mq lib 2019-06-30 16:05:21 -05:00
Brandon Myers 9a075dcbe0
Remove unicode-u keyword 2019-06-29 15:11:00 -05:00
Brandon Myers 8506c4eb1a
Update syntax in cloudtrail worker 2019-06-28 18:59:06 -05:00
Brandon Myers bd4c48db9a
Rename iteritems to items for dictionaries 2019-06-28 16:49:30 -05:00
Phrozyn 6a9cdc3c9f
Minor tweaks to mq workers. 2019-03-25 13:14:42 -05:00
Phrozyn dcc3f68623
Updating sns_sqs worker to remove doc_type and add type. 2019-03-25 13:14:36 -05:00
Phrozyn 5d47bf2f37
Resolving issues with sshd events not parsing correctly. 2019-03-05 15:21:27 -06:00
Brandon Myers ea53957621
Merge remote-tracking branch 'origin/master' into replace_timer_with_threads 2019-01-30 13:22:52 -06:00
Brandon Myers 57c5dad652
Replace timer with threads 2019-01-23 11:59:31 -06:00
Brandon Myers 08749db287
Modify import for get_aws_credentials 2019-01-22 12:39:35 -06:00
Brandon Myers 7576a55ed7
Merge pull request #990 from ryandeivert/ryandeivert-dry-get-creds 
deduplicating get_aws_credentials function
 2019-01-22 12:35:23 -06:00
Brandon Myers fc771bd531
Remove unused import statements 2018-12-14 11:34:42 -06:00
Ryan Deivert 42032a99a7 deduplicating get_aws_credentials function 2018-11-29 15:37:45 -08:00
andrewkrug 5845d59dbb
ensure mozdef always polls the SQS queue we create 2018-11-21 06:55:46 -08:00
Zack Mullaly 13a6c7401b Replace all the imports to use mozdef_util 2018-10-16 12:45:04 -07:00
Brandon Myers ceebae3c6c
Modify mq workers to stop when ctrl-c 2018-09-25 19:59:07 -05:00
Brandon Myers 43d499efb7
Modify sqs workers to handle network connection error 2018-09-25 19:57:39 -05:00
Brandon Myers a4980a249f
Modify workers to stop bulk queue on errors 2018-08-06 13:09:58 -05:00
Jeff Bryner ee14fb2c76
Pull in required fields 
If the sqs message contains, source, summary or processname use them.
 2018-06-07 10:32:59 -07:00
Brandon Myers 26701ffa15
Fixup alert and worker for SSO feedback events 2018-04-30 12:43:59 -05:00
Brandon Myers ec7efb70c3
Add logic to drop event in sns sqs worker 2018-01-12 15:48:16 -06:00
Brandon Myers 08762af4b7
Remove unnecessary new line in logger statement 2018-01-12 15:04:34 -06:00
Brandon Myers e5be0a0a3f
Convert sns sqs worker to use logger 2018-01-12 14:51:03 -06:00
Brandon Myers 7c602afdf9
Switch workers to use lib functions 2018-01-11 16:07:12 -06:00
Brandon Myers c60c7b8c36
Remove extra line after copywrite date 2018-01-04 17:15:35 -06:00
Yash Mehrotra 90d7e3b6d3
Remove free-form 'Contributor:' text from code. Fixes #407 2017-12-23 02:14:53 +05:30
Brandon Myers 8ef7c4fd71
Merge remote-tracking branch 'origin' into add_events_class 2017-10-10 13:15:51 -05:00
Brandon Myers c4134f1764
Modify mq workers to use save_event method from es client 2017-09-28 14:57:18 -05:00
Brandon Myers 6db687cfb5
Modify esworker sns sqs to cast processid to str 2017-09-21 14:57:15 -05:00
Brandon Myers b52c506810
Add defaults for sns sqs worker 2017-06-15 15:07:44 -05:00
Brandon Myers 43a722c65d
Fix typo in parsys ini file 2017-06-15 15:07:40 -05:00
Brandon Myers 496311a364
Add parsys mq worker 2017-06-15 15:07:30 -05:00
Brandon Myers 9e734175e7
Add SNS SQS mq worker 2017-06-15 15:07:30 -05:00