Commit Graph

328 Commits

Author SHA1 Message Date
Brandon Myers a4cefe9f26
Modify update_generic_alerts to use ssh key
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:06:05 -05:00
Brandon Myers bcbe1a56e5
Fixup update generic alerts cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:06:05 -05:00
Brandon Myers 0fd79ca80e
Add cron script to pull generic alerts repo
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:06:01 -05:00
Brandon Myers a049e85e08
Fix a bug in createIPBlocklist from before changes
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:57 -05:00
Brandon Myers a069616358
Add check if ip list contains less than certain ips
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:56 -05:00
Brandon Myers c135d99ab1
Create network list if doesn't exist
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:56 -05:00
Brandon Myers 511add00e8
Modify createIPBlockList and rest banhammer plugin to use dynamic ip list
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:56 -05:00
Brandon Myers de5c05915f
Add ip list cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:56 -05:00
Brandon Myers 8318358d20
Update ip list config
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:55 -05:00
Brandon Myers c2168ebdae
Add ip list conf and sh files
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:55 -05:00
Brandon Myers f87c94a088
Unencrypt config files
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:55 -05:00
Brandon Myers 136d37cfd3
Rename okta field to another due to mapping error
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:54 -05:00
Brandon Myers 3c21395bb0
Add state_file okta config key
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:54 -05:00
Brandon Myers 488d3f3d0e
Add uncommitted changes to duo_logpull
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:53 -05:00
Brandon Myers e4654db72c
Update exception list for auth02mozdef cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:52 -05:00
Brandon Myers 7168564e34
Modify createipblocklist configs
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:43 -05:00
Brandon Myers f8a17e823d
Rename healthAndStatus fxa config
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:43 -05:00
Brandon Myers 1657c0a444
Generalize configs for cron directory
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:41 -05:00
Brandon Myers 0511d1a7ca
Fix lastrun state file timing problem in okta cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:40 -05:00
Brandon Myers 4de39b39b4
Improve unicode check in auth02mozdef
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:39 -05:00
Brandon Myers 212c8d0d8f
Fixup auth02 script for unicode problems
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:39 -05:00
Brandon Myers 346ea99dae
Remove blank line
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:38 -05:00
Brandon Myers 995eb0be69
Fix format of state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:38 -05:00
Brandon Myers f020109333
Fixup google2mozdef state files
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:37 -05:00
Brandon Myers 30892b91ae
Remove setConfig import from compromisedCreds cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers 0264c654b6
Fixup compromisedCreds2fxa state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers ad1fe08859
Fix cloudtrail2mozdef state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers ec7e7b210b
Remove setConfig import in backupSnapshot
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers bd5fc82901
Remove state file from okta2mozdef
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:36 -05:00
Brandon Myers a14a670ee3
Add Exchange to include in collectAttackers
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Brandon Myers cc955da120
Fix collectAttackers missing library
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:31 -05:00
Phrozyn 0d2434ea46
Moved backups to us-west-1 region and bucket mozdefes2backups.
2017-06-15 15:05:18 -05:00
Guillaume Destuynder (kang) e31f668e31
Normalize msgs as per MozDef mandatory fields docs and use the newer
MozDef library format
Fix debug to actually be useful (logs to syslog instead of sending to
mozdef)
2017-06-15 15:05:18 -05:00
Guillaume Destuynder (kang) 47f0aeb2fa
Cleanups: Line feeds, double imports
2017-06-15 15:05:18 -05:00
Brandon Myers 5b0853b2b9
Update auth02mozdef config file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:10 -05:00
Phrozyn b483e83722
Updated ipblocklist bucket from qaipblocklist to ipblocklist for prod consumption by systems.
2017-06-15 15:05:09 -05:00
Brandon Myers 63af72f88c
Modify mongo health script to skip webhead
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers 4df35df707
Modify auth02 state path in conf
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers 52d88dd2d3
Fixup auth02mozdef location of config and state
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:09 -05:00
Brandon Myers dc7437ca63
Fix duo logpull state file
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 42fc1784d5
Update duo_logpull cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 203e43199e
Remove esCacheMaint cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers 1b2e8c73a4
Update okta api key
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:08 -05:00
Brandon Myers a3c8f6a2fc
Add missing healthAndStatus fxa script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:07 -05:00
Brandon Myers 547c25896c
Fix program field
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:06 -05:00
Jeff Bryner 204e194bb8
try/except around the ES node stats
In case the stat is missing, or a node doesn't have a stat (like a non data node).
2017-06-15 15:05:05 -05:00
Brandon Myers 98b645d085
Fixup final references to bad mq password
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:02 -05:00
Brandon Myers baed355be7
Replace loginput host with localhost
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:02 -05:00
Brandon Myers c2d58fe23d
Modify collectAttackers conf to use new mq server
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:02 -05:00
Brandon Myers 377e14ce26
Remove unused cron alert scripts
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:01 -05:00
Phrozyn 8c4c71bfff
Updating mq creds in cron/healthAndStatus.conf for user mozdef (was using qa2)
2017-06-15 15:05:01 -05:00
Brandon Myers eb8a4c7173
Replace mq server to localhost in healthandstatus
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:05:00 -05:00
Brandon Myers 3e4d8bfc4f
Remove eventStatsAlert cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:59 -05:00
Brandon Myers 8cde233dd2
Remove other http references esCacheMaint cron
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:59 -05:00
Brandon Myers 5345b03ff7
Update cron script to remove http prefix
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:59 -05:00
Brandon Myers c56f98456b
Break apart healthToMongo cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:59 -05:00
Brandon Myers 82b1e17a10
Convert auditDFileAlerts shell script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:59 -05:00
Brandon Myers c144719898
Convert fxa health and status to cron shell script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:58 -05:00
Brandon Myers d83344b13b
Convert eventStats to own cron shell script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:58 -05:00
Brandon Myers 7db4c05fea
Break apart esCacheMaint cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:58 -05:00
Brandon Myers cba73e1dd5
Add new line to duo logpull conf
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:58 -05:00
Brandon Myers 960f7f33e8
Update duolog pull mozdef url
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:57 -05:00
Brandon Myers eaa5137e3c
Modify duo loginput url
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:57 -05:00
Brandon Myers 67cf919d20
Add creds to duo_logpull config
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:57 -05:00
Brandon Myers fabd0051bd
Add sample mozdef url in duologpull
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:57 -05:00
Brandon Myers 6e719e9f0c
Fix logpull script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:57 -05:00
Brandon Myers 40d66285a9
Add duolog pull crons from kang's repo
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:56 -05:00
Phrozyn 9a58559047
Removing history for mozdefGoogleCrednetials.json and committing encrypted version.
2017-06-15 15:04:56 -05:00
Brandon Myers d573580c10
Increase verbosity for pruneIndexes
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:55 -05:00
Brandon Myers b9bf9e3f58
Increase logger level for rotateIndexes
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:55 -05:00
Brandon Myers e34c321e60
Update auth02mozdef script with bool comparison
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:53 -05:00
Brandon Myers 3d5343d371
Modify auth02mozdef config with requirements
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:52 -05:00
Brandon Myers 5b2fa87c48
Update changes to auth02mozdef.py
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:52 -05:00
Brandon Myers 5f82b63dc2
Modify ip blocklist to ignore > 3 months
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:04:51 -05:00
Phrozyn 3e02f27d14
modified esservers to new cluster.
2017-06-15 15:04:45 -05:00
Brandon Myers 1073950c94
Remove mozdefes references in dev
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:48 -05:00
Brandon Myers ee07fe18a3
Modify esservers from localhost to cluster
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:45 -05:00
Brandon Myers 70ce14c4e3
Fix minor config parameter in cloudTrailAlerts
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:45 -05:00
Brandon Myers 931ec16021
Fix merge with cron directory
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:44 -05:00
Brandon Myers ef6e483c7e
First import of existing files from prod
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:44 -05:00
Brandon Myers 0722ae4740
Add missing files from prod
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:43 -05:00
Brandon Myers 94c4a2307f
Remove unused fxaAccountCreateAlerts
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:43 -05:00
Brandon Myers 4181fcd276
Fixup remaining kibana-int references
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:43 -05:00
Brandon Myers 0b0c58ff6a
Update missing paths to /opt/mozdef
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:43 -05:00
Brandon Myers e9a4a67e5a
Modify .py scripts to use /opt dir
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:41 -05:00
Brandon Myers ddcbfb1db6
Modify cron scripts to use /opt dir
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:40 -05:00
Brandon Myers 81a07bc2d5
Rename mozdefqa1 to localhost in configs
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:40 -05:00
Brandon Myers e43fe3c323
Replace kibana-int with .kibana as index
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:40 -05:00
Brandon Myers 2d79e07679
Change cpu usage to cpu percent
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:40 -05:00
Brandon Myers fb5a8fcb50
Switch from MultiMatch to QueryStringMatch in crons
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:33 -05:00
Brandon Myers b8f9aa8d10
Add size to search query
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:33 -05:00
Brandon Myers 4bc99b0e38
Remove pyes comments
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:32 -05:00
Brandon Myers 5b28f6746a
Convert auditDAlerts cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:32 -05:00
Brandon Myers dc8e96f04c
Convert eventStats cron job
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:32 -05:00
Brandon Myers ef8bd7ca70
Fix auditDFileAlerts update object
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:32 -05:00
Brandon Myers f8f32b75b5
Modify auditDFileAlerts cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:32 -05:00
Brandon Myers 03168fcf61
Remove fxaAccountCreateAlerts cron script for alert
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:31 -05:00
Brandon Myers aded70c659
Modify marketPlaceNotices cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:31 -05:00
Brandon Myers a4df1fa184
Remove pyes from okta2mozdef
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:31 -05:00
Brandon Myers 891b65ef56
Update okta2mozdef cron script
Signed-off-by: Brandon Myers <bmyers@mozilla.com>
2017-06-15 15:03:31 -05:00