Brandon Myers
e3011005ef
Remove log directory
2017-06-15 15:07:46 -05:00
Brandon Myers
8f34b5a8ed
Remove unused pip json file
2017-06-15 15:07:46 -05:00
Brandon Myers
fe96636655
Improve cloudtrail mq worker
2017-06-15 15:07:46 -05:00
Brandon Myers
c632ed8250
Fix mozillaLocation mq plugin
2017-06-15 15:07:46 -05:00
Michal Purzynski
2b389b3e19
Bump severity level in http alerts to warning
2017-06-15 15:07:46 -05:00
Michal Purzynski
76a2248ffe
Send Cloudtrail logging disabled alert to MOC
2017-06-15 15:07:45 -05:00
Michal Purzynski
6bb91c1dd8
Add a pagerduty notification to the open port policy violation alert
2017-06-15 15:07:45 -05:00
Brandon Myers
e9e257fd23
Remove mozilla specific mq worker service files
2017-06-15 15:07:45 -05:00
Brandon Myers
c6aaa8add8
Remove mozilla mq worker sample conf files
2017-06-15 15:07:45 -05:00
Brandon Myers
cd25328625
Remove mozilla specific workers
2017-06-15 15:07:45 -05:00
Brandon Myers
e59d2097ed
Remove default rabbitmq config
2017-06-15 15:07:44 -05:00
Brandon Myers
cae96f73b1
Remove cymon rest plugin
2017-06-15 15:07:44 -05:00
Brandon Myers
4d9813424c
Remove test rest plugins
2017-06-15 15:07:44 -05:00
Brandon Myers
b52c506810
Add defaults for sns sqs worker
2017-06-15 15:07:44 -05:00
Brandon Myers
5af4119661
Improve aggregation query model unit tests
2017-06-15 15:07:43 -05:00
Brandon Myers
adf2c07d4d
Improve aggregation unit tests
2017-06-15 15:07:43 -05:00
Brandon Myers
fa8e3d4cc3
Expand query_models into separate folder
2017-06-15 15:07:43 -05:00
Brandon Myers
8a9b34fd88
Remove unused generic unit tests
2017-06-15 15:07:43 -05:00
Brandon Myers
a22f9fde47
Remove mozilla hostnames from meteor settings
2017-06-15 15:07:43 -05:00
Brandon Myers
16664de914
Remove mozilla hostname in mozdefweb.service
2017-06-15 15:07:42 -05:00
Brandon Myers
849cdb3252
Remove heatmap html page
2017-06-15 15:07:42 -05:00
Brandon Myers
29e3dec9ed
Add alerts to use config files
2017-06-15 15:07:42 -05:00
Aaron Meihm
f66bf9f8dd
ssh_lateral: add sample config file
2017-06-15 15:07:42 -05:00
Aaron Meihm
dd0cb003ff
add initial work around ssh_lateral alert
Intended to generate alerts where SSH authentication occurs on devices
where the origin falls into a specific CIDR range (e.g., other devices
on the internal network).
Exceptions can be built into the configuration file for the alert to
exempt certain networks or users as required.
2017-06-15 15:07:42 -05:00
Brandon Myers
4bcaff8e45
Remove unused config options in tests
2017-06-15 15:07:41 -05:00
Brandon Myers
d8c742701d
Add if statement to other areas of delete_index
2017-06-15 15:07:41 -05:00
Brandon Myers
302eb1b665
Remove unnecessary fixture from conftest
2017-06-15 15:07:41 -05:00
Brandon Myers
1d88b48c3f
Fix remaining reset es references
2017-06-15 15:07:41 -05:00
Brandon Myers
870a156aca
Remove contents in __init__
2017-06-15 15:07:40 -05:00
Brandon Myers
1b140271f8
Add pytest option to delete indexes before tests
2017-06-15 15:07:40 -05:00
Brandon Myers
bac6c7450a
Remove unnecessary parsys file
2017-06-15 15:07:40 -05:00
Brandon Myers
43a722c65d
Fix typo in parsys ini file
2017-06-15 15:07:40 -05:00
Brandon Myers
2b38a29dd4
Add missing parsys worker
2017-06-15 15:07:40 -05:00
Brandon Myers
c7ee535d69
Remove mozilla ip addresses from source
2017-06-15 15:07:39 -05:00
Brandon Myers
1c4fc1071c
Remove unused mq workers
2017-06-15 15:07:38 -05:00
Brandon Myers
496311a364
Add parsys mq worker
2017-06-15 15:07:30 -05:00
Brandon Myers
9e734175e7
Add SNS SQS mq worker
2017-06-15 15:07:30 -05:00
Phrozyn
fc3e0e397e
Modifying urls to point to mozilla from jeffbryner, slight readability changes.
2017-06-15 15:07:30 -05:00
Brandon Myers
d2664838e6
Add license info to test alert
2017-06-15 15:07:29 -05:00
Brandon Myers
ca5bd81c30
Add deadman alert for sqs queues from tag
2017-06-15 15:07:29 -05:00
Phrozyn
ceec55ad18
Changing verbiage of alert to be less specific.
2017-06-15 15:07:29 -05:00
Phrozyn
f031d2b8d8
Adding log drain back to uwsgi ini files.
2017-06-15 15:07:29 -05:00
Phrozyn
30eb50385a
Adding infosecsqs to mozdef syslog filter
2017-06-15 15:07:29 -05:00
Phrozyn
ab3714d22a
Adding log drain back into uwsgi ini files.
2017-06-15 15:07:28 -05:00
A Smith
3f4b4567fe
fix sso worker filter
2017-06-15 15:07:28 -05:00
A Smith
daefdf3ceb
Correcting typo in contegix systemd unit file
2017-06-15 15:07:28 -05:00
Phrozyn
aadd791181
Adding kibana logging to mozdef filter.
2017-06-15 15:07:28 -05:00
A Smith
78f450e847
Fix missing bracket on syslog worker
2017-06-15 15:07:28 -05:00
Phrozyn
8db45f199c
Adding logrotate config for nginx.
2017-06-15 15:07:27 -05:00
Phrozyn
79f0ba1ac9
Adding logrotate config for nginx.
2017-06-15 15:07:27 -05:00