Commit graph

730 Commits

Author SHA1 Message Date
Jeff Bryner a1bf4e9cd8 add banhammer plugin for blocking IPs using https://github.com/mozilla/banhammer 2015-02-10 12:59:40 -08:00
Jeff Bryner 4db651006b add another example/test rest plugin 2015-02-10 12:58:21 -08:00
Jeff Bryner c73d820a65 add plugin system to the rest api, alter blockIP to use plugins 2015-02-10 12:56:47 -08:00
Jeff Bryner 2d00426304 Merge pull request #240 from ameihm0912/master
also copy tags during compliance item event cleanup
2015-02-10 11:48:00 -08:00
Aaron Meihm 6fb0ea4c13 also copy tags during compliance item event cleanup 2015-02-10 11:40:15 -06:00
Jeff Bryner ba3695bf24 smarter alert summary text for victim hostnames 2015-02-06 12:31:26 -08:00
Jeff Bryner 061d0f6ddf correct errant route after post 2015-02-06 12:30:46 -08:00
Jeff Bryner 60330be51a move the volume histogram to minutes, really closes #235 2015-02-06 12:30:27 -08:00
Jeff Bryner 399f238b61 rework autosave closes #239, closes #97 2015-02-06 12:00:16 -08:00
Jeff Bryner 7f3bc0a7a5 Merge pull request #237 from michalpurzynski/master
Correct the order of "where" and "category" fields
2015-02-04 09:44:54 -08:00
Michal Purzynski de31324dfa Add the licensing header. 2015-02-04 18:40:06 +01:00
Michal Purzynski ae594aa9ac Shift two fields that were in the wrong order. 2015-02-04 18:35:29 +01:00
Jeff Bryner 51061c9468 auto_delete the queue, closes #236 2015-02-03 12:52:12 -08:00
Jeff Bryner 3e5647af2f fix timeline bar size, closes #235 2015-02-03 12:50:44 -08:00
Jeff Bryner 792dbad922 remove un-needed init 2015-02-02 17:05:27 -08:00
Jeff Bryner f4336451a1 add plugin list to meteor session variable on startup for use in dialogs 2015-02-02 17:04:56 -08:00
Jeff Bryner 31089aec3c add utctimestamp to event details for clarity 2015-02-02 15:31:12 -08:00
Jeff Bryner 2ed8d0d885 add country filter closes #233, fix category on refresh closes #234 2015-02-02 15:30:55 -08:00
Jeff Bryner 745364e20b Merge pull request #232 from ameihm0912/master
sourcename in vuln event docid to add isolation between different writer...
2015-02-02 12:26:16 -08:00
Aaron Meihm 67d7d84bcf sourcename in vuln event docid to add isolation between different writers 2015-02-02 14:19:08 -06:00
Jeff Bryner eb7a528d52 Merge pull request #231 from michalpurzynski/master
The Lua code for parsing and transforming Bro logs inside the Heka sandbox
2015-02-02 09:19:21 -08:00
Jeff Bryner 6b162923b8 unsubscribe entire attackers collection by default 2015-02-02 09:18:23 -08:00
Jeff Bryner cc62e0b5c5 change reference to _source to get details fields 2015-02-02 09:17:55 -08:00
Michal Purzynski 8236da6cb0 Add the licensing header. 2015-02-02 18:11:03 +01:00
Michal Purzynski 44d741a542 Introducing a set of Lua code for parsing, transforming and JSON generating from various Bro logs. Plug and play into Heka. Tested in production. 2015-02-02 18:08:42 +01:00
Jeff Bryner c0218c08e2 vulnerability->vulnerabilities for consistent index naming 2015-01-30 12:24:35 -08:00
Jeff Bryner 73d210b811 Merge pull request #230 from ameihm0912/master
add MozDef vulnerability processing plugin
2015-01-30 12:13:11 -08:00
Aaron Meihm 9a4efd1e12 add MozDef vulnerability processing plugin 2015-01-30 11:36:49 -06:00
Jeff Bryner aa53e904de lower the sample limit for noisy bruteforce alert 2015-01-30 09:25:58 -08:00
Jeff Bryner 40113b2006 add full list of events to aggregated alert, closes #229 2015-01-30 09:25:19 -08:00
Jeff Bryner 8fc5931312 add escalation to investigation button, closes #228 2015-01-30 09:22:34 -08:00
Jeff Bryner ac51dec6dd rough in get plugins function to meteor 2015-01-30 09:21:55 -08:00
Jeff Bryner f9361c1151 lower the threshold for attacker creation 2015-01-30 09:20:31 -08:00
Jeff Bryner 76a895ee72 add sample plugin and hooks for all endpoints 2015-01-28 14:57:17 -08:00
Jeff Bryner a5c259940f add description, name for use in UI 2015-01-28 14:00:07 -08:00
Jeff Bryner dfdb7a03a2 add initial plug-in support to the rest api, allowing registration and querying of plugins 2015-01-28 13:37:56 -08:00
Jeff Bryner e72f359545 sample ipython notebook with a simple ES query 2015-01-28 11:07:50 -08:00
Jeff Bryner 0281b61f10 add initial support for investigations UI 2015-01-26 16:03:40 -08:00
Jeff Bryner 175a20d9a5 cleanup incident data model, rough in investigation entity 2015-01-26 14:16:27 -08:00
Jeff Bryner 4d9eb87889 add base for investigations collection, clean up consistent naming for incident(s) publishing 2015-01-26 10:16:58 -08:00
Jeff Bryner 4c9cf4739d Merge pull request #224 from jvehent/master
fix mig api error location in mig2mozdef.py
2015-01-26 07:01:35 -08:00
Julien Vehent 76727906c3 fix mig api error location in mig2mozdef.py 2015-01-26 09:19:52 -05:00
Jeff Bryner 232af1afd8 rework ldaplogin stats call as a server-side call, consistent the spacing 2015-01-23 18:07:46 -08:00
Jeff Bryner 1ee910b485 rework veris stats call as a server-side call, consistent the spacing 2015-01-23 16:56:51 -08:00
Jeff Bryner 69ee2e0c3e fixup the selection criteria 2015-01-23 09:45:43 -08:00
Jeff Bryner 1246b7dcab Merge pull request #223 from gdestuynder/master
New alert for https://github.com/mozilla-it/duo_openvpn
2015-01-22 16:45:14 -08:00
Jeff Bryner 13e491abd5 update VERIS tags, closes #222 2015-01-22 16:43:21 -08:00
Guillaume Destuynder 38078c65a2 New alert for https://github.com/mozilla-it/duo_openvpn
Alerts when DuoSecurity contact fails, which means either authentication was refused, or granted based on a
single authentication factor ("fail open").
2015-01-23 01:39:32 +01:00
Jeff Bryner 7b72733da2 minor comment/threshold change 2015-01-22 14:12:17 -08:00
Jeff Bryner e7dc4548d7 use the date range 2015-01-22 14:11:14 -08:00