Commit Graph

389 Commits

Author SHA1 Message Date
Brandon Myers 97409a248c
Merge pull request #995 from mozilla/add_port_details_root
Move source port and destination port to details root
2018-12-18 12:48:56 -06:00
Brandon Myers 46be867d2f
Fixup unused variables check 2018-12-14 14:06:21 -06:00
Brandon Myers df84a1942d
Fixup block comments not having a space after hash 2018-12-14 13:40:07 -06:00
Brandon Myers be7788089d
Fixup missing whitespace around arithmetic operator 2018-12-14 12:49:25 -06:00
Brandon Myers 09989706a0
Fixup closing bracket indentation not matching original 2018-12-14 12:39:23 -06:00
Brandon Myers d04485c850
Fixup pep8 undefined library 2018-12-14 12:27:57 -06:00
Brandon Myers fc771bd531
Remove unused import statements 2018-12-14 11:34:42 -06:00
Brandon Myers e77b791c8a
Merge pull request #934 from mpurzynski/githubevent_pr
A MozDef plugin that parses GitHub's Webhook events to create meaning…
2018-12-13 15:52:41 -05:00
Michal Purzynski 9693dfa58e Address nits from the review - use mozdef_util instead of changing the path, remove unnecessary config file 2018-12-12 12:47:12 -08:00
Brandon Myers 4e28602162
Move source port and destination port to details root 2018-12-10 01:55:54 -05:00
Jeff Bryner 410eb27e1b explicitly accept/map 'source' field 2018-12-03 15:38:24 -05:00
Michal Purzynski 43f1fa2f53 Dynamically resolve path to the config file 2018-11-29 18:06:36 -08:00
Michal Purzynski ebfacbe147 Move the mapping configuration to a plugin directory 2018-11-29 13:53:43 -08:00
Michal Purzynski 2548178183 Merge remote-tracking branch 'upstream/master' into githubevent_pr 2018-11-29 13:44:16 -08:00
Jeff Bryner 839d545dd6 pull ip from an occasionally present list 2018-11-23 09:26:45 -08:00
andrewkrug 440d50478d
fix flake 8 error 2018-11-21 07:43:37 -08:00
andrewkrug 5845d59dbb
ensure mozdef always polls the SQS queue we create 2018-11-21 06:55:46 -08:00
andrewkrug a14f51fd0e
standardize es_worker credential handling 2018-11-21 06:13:48 -08:00
Michal Purzynski fd5ffafbca Move the configuration file where it can be found 2018-11-20 15:37:22 -08:00
Brandon Myers 21aacc57a0
Add Principal key to cloudtrail plugin 2018-11-14 13:51:55 -06:00
Brandon Myers 006b708693
Sort cloudtrail keys in mq plugin 2018-11-14 13:51:17 -06:00
Brandon Myers 4d07a1e470
Merge pull request #933 from mpurzynski/large_strings_github
Truncate, if present, the GitHub Webhook's pr_body field
2018-11-05 15:35:47 -06:00
Michal Purzynski 90b746e5c6 remove newline at the end of the file 2018-11-05 12:11:58 -08:00
Brandon Myers acc00029fe
Merge pull request #932 from mpurzynski/fixup_fxafixup
Make sure the key eventsource exists before referencing it
2018-11-05 14:09:33 -06:00
Michal Purzynski 3b751ee9b6 the pep check sometimes wants the empty line at the end of the file and sometimes it does not. go figure. 2018-11-05 12:01:15 -08:00
Michal Purzynski 4ca98e512a python hates me 2018-11-05 11:53:54 -08:00
Michal Purzynski 260b0ec957 python hates newlines 2018-11-05 11:49:39 -08:00
Michal Purzynski 8ac8ff1e29 Make sure the key eventsource exists before referencing it 2018-11-05 11:09:01 -08:00
Michal Purzynski a39f3c2010 Truncate, if present, the GitHub Webhook's pr_body field 2018-11-05 11:05:22 -08:00
Michal Purzynski d61168a3fc A MozDef plugin that parses GitHub's Webhook events to create meaningful IR data 2018-11-05 11:03:40 -08:00
Brandon Myers 3b07f12cc9
Resolve E128 continuation line under indented 2018-10-31 18:11:08 -05:00
Brandon Myers 3fbeae4611
Resolve E127 continuation line over indented 2018-10-31 17:30:18 -05:00
Brandon Myers db5c6c92cc
Resolve E126 continuation of over-indented lines 2018-10-31 17:17:49 -05:00
Brandon Myers 800f595023
Merge pull request #905 from mozilla/fix_geo_db_location
Fix geolite db location
2018-10-31 14:25:41 -05:00
Brandon Myers 4c80290a2b
Resolve E302 expected 2 blank lines found 1 2018-10-30 18:08:59 -05:00
Brandon Myers c856c29160
Resolve E713 test for membership 2018-10-30 18:01:19 -05:00
Brandon Myers 82be09f217
Resolve E114 indentation not a multiple of four 2018-10-30 17:51:54 -05:00
Brandon Myers 34ab0000ec
Resolve E116 unexpected indentation in comments 2018-10-30 17:30:02 -05:00
Brandon Myers 434788e9a8
Fix geodb missing path 2018-10-30 15:08:41 -05:00
Brandon Myers bf68a1e9ef
Merge pull request #891 from mozilla/fixup_sqs_connection_mq
Fixup sqs connection with credentials
2018-10-26 18:40:07 -05:00
Brandon Myers 420efe9f4c
Merge pull request #889 from mozilla/fix_missing_imports_papertrail
Fix imports missing in papertrail worker
2018-10-26 18:37:54 -05:00
Brandon Myers a91bc930e8
Fixup sqs connection with credentials 2018-10-26 17:37:37 -05:00
Gene Wood 22398eab5d
Change connect_sqs parameter names to match boto 2018-10-26 12:59:44 -07:00
Brandon Myers 22d669e417
Fix imports missing in papertrail worker 2018-10-26 14:55:32 -05:00
Gene Wood 1f536dcdd3
Add apiversion as a field forced into string type
This should resolve this error in the esworker_cloudtrail
`RequestError: TransportError(400, u'mapper_parsing_exception', u'failed to parse [details.apiversion]')`
2018-10-25 14:31:20 -07:00
Gene Wood 5428d76f52
Merge pull request #867 from gene1wood/cloudify-cloudtrail-worker
Enable use of boto native access resolution and make role assumption optional in CloudTrail ES worker
2018-10-25 10:27:55 -07:00
Gene Wood fbc682f852
Update lib.sqs to handle missing AWS API keys 2018-10-25 10:27:05 -07:00
Brandon Myers 8ef1e1ae48
Merge remote-tracking branch 'origin/master' into infosec_workweek 2018-10-25 12:14:19 -05:00
Brandon Myers 9b66dee995
Add logstreamname key to cloudtrail plugin 2018-10-24 19:06:45 -05:00
Brandon Myers a5b4970fc3
Merge remote-tracking branch 'origin/master' into fixup_merge_conflicts 2018-10-24 14:08:01 -05:00