Commit Graph

514 Commits

Author SHA1 Message Date
Michal Purzynski 2c05bd2354
Merge pull request #1107 from mpurzynski/duosecurity_eis536
Promote the access_device's IP address to the sourceipaddress
2019-02-20 11:22:34 -08:00
Michal Purzynski 88e2ab9007 Promote the access_device's IP address to the sourceipaddress 2019-02-15 15:58:21 -08:00
Brandon Myers 6229410acd
Specify number of shards for alerts index in rotateIndexes cron 2019-02-06 14:52:52 -06:00
Guillaume Destuynder 8e702e5a0b
Fix API calls to use next_offset as this is the newer way to paginate
Note: only authentication logs support this

This *should* fix the duplicates. Needs a bit of testing.

See also https://community.duo.com/t/duo-admin-api-admin-v2-logs-authentication/3836/11
2019-01-29 16:33:16 -08:00
Jeff Bryner bf1d284768
remove extra N 2019-01-29 12:21:28 -08:00
Brandon Myers a2b3387e2e
Remove extra sqs prod and dev sh and conf files 2019-01-28 15:49:16 -06:00
Brandon Myers fd3c85a14a
Remove unused healthAndStatus extra files 2019-01-28 15:42:51 -06:00
Brandon Myers 413902611f
Remove duo logpull extra cron files 2019-01-28 15:29:23 -06:00
Brandon Myers b14ac58535
Fixup duo cron script to report success correctly 2019-01-16 13:22:46 -06:00
Brandon Myers 99c0b7e506
Add checks for keys in user dict for duo logs 2019-01-15 16:19:59 -06:00
Brandon Myers cf4b5808c7
Rename user dict into string keys 2019-01-15 15:57:57 -06:00
Brandon Myers 9992a767c3
Merge pull request #1039 from mozilla/fix_duo_dup_keys
Remove duplicate config key in duo log cron script
2019-01-14 17:39:12 -06:00
Guillaume Destuynder 5917016d5c
support older state files by upverting the timestamps to millisec 2019-01-11 15:24:32 -08:00
Guillaume Destuynder 13f2c60d17
Support api_version 2 for Duo auth logs
(https://duo.com/docs/adminapi#authentication-logs)
2019-01-11 14:56:19 -08:00
Brandon Myers 04ef5a9b15
Remove duplicate config key in duo log cron script 2019-01-10 14:31:35 -06:00
Brandon Myers 7fc1362b96
Merge pull request #1009 from mozilla/jeffbryner-auth0-1
user agent/username fixes
2018-12-26 10:27:09 -06:00
A Smith 7215580095
Merge pull request #964 from mozilla/lower_keys
Lower keys
2018-12-18 17:41:27 -06:00
Jeff Bryner b663cd4f57
user agent/username fixes
Correctly place user agent in details and update username to have defaults to avoid key errors when setting description/summaries.
2018-12-18 09:23:43 -08:00
Brandon Myers 8af926d9ef
Merge pull request #998 from mozilla/enable_library_unused_pep8_check
Enable library unused pep8 check
2018-12-14 17:18:25 -06:00
Brandon Myers 46be867d2f
Fixup unused variables check 2018-12-14 14:06:21 -06:00
Brandon Myers df84a1942d
Fixup block comments not having a space after hash 2018-12-14 13:40:07 -06:00
Brandon Myers 77e93f3fd8
Fixup missing whitespace around modulo operator 2018-12-14 12:53:25 -06:00
Brandon Myers be7788089d
Fixup missing whitespace around arithmetic operator 2018-12-14 12:49:25 -06:00
Brandon Myers 09989706a0
Fixup closing bracket indentation not matching original 2018-12-14 12:39:23 -06:00
Brandon Myers 4d5f70295c
Fixup redefinition of unused import statements 2018-12-14 12:35:18 -06:00
Jeff Bryner feaa882e99 match mozdef_client's expectation for set_category 2018-12-14 10:33:04 -08:00
Brandon Myers d04485c850
Fixup pep8 undefined library 2018-12-14 12:27:57 -06:00
Brandon Myers fc771bd531
Remove unused import statements 2018-12-14 11:34:42 -06:00
Jeff Bryner e7cd202d77
update category set
use the setter in the mozdef_client object we are using, rather than set a dict key
2018-12-13 16:36:47 -08:00
Jeff Bryner 72c51b64a9 success only on true, catch other ip field 2018-12-11 16:03:33 -08:00
Jeff Bryner c774d5921b set details.success to match auth0, other auth sources 2018-12-11 15:59:35 -08:00
A Smith 03dabc7524
Merge branch 'master' into lower_keys 2018-11-29 10:44:50 -06:00
Jeff Bryner 80847d9747 user_id doesn't always exist 2018-11-27 21:11:33 -08:00
Phrozyn 307d65165d
lowering keys that the lower_keys plugin will affect, and removing unused details.Random field. 2018-11-26 18:38:51 -06:00
andrewkrug e5c252e2b4
fix pep8 error 2018-11-23 16:07:55 -08:00
andrewkrug a254b8030c
refactor attacker collection to configure hitcount in cf 2018-11-23 15:33:17 -08:00
Jeff Bryner bd8944ed7b pep8 everything 2018-11-15 07:39:49 -08:00
Jeff Bryner 63ec17763f flake8 fixes 2018-11-14 15:56:49 -08:00
Jeff Bryner 3ea85c2df5 fix up field names, missing field logic 2018-11-14 14:46:27 -08:00
Brandon Myers b71970137f
Merge pull request #944 from mozilla/fix_cloudtrail_mapping
Add cloudtrail fields to default mapping
2018-11-06 15:19:56 -06:00
Brandon Myers 1154875f5b
Add cloudtrail fields to default mapping 2018-11-06 11:54:45 -06:00
Phrozyn ce36bf575c
Fixing indentation error in eventStats.py 2018-11-06 11:48:11 -06:00
Brandon Myers 3b07f12cc9
Resolve E128 continuation line under indented 2018-10-31 18:11:08 -05:00
Brandon Myers db5c6c92cc
Resolve E126 continuation of over-indented lines 2018-10-31 17:17:49 -05:00
Brandon Myers 1d03fd7037
Resolve E129 indented line with same indent as next logical line 2018-10-30 18:16:38 -05:00
Brandon Myers 4c80290a2b
Resolve E302 expected 2 blank lines found 1 2018-10-30 18:08:59 -05:00
Brandon Myers c8922602f3
Resolve E305 expected 2 blank lines after class 2018-10-30 18:04:55 -05:00
Brandon Myers 944dde209b
Resolve E301 expected 1 line got 0 2018-10-30 17:52:53 -05:00
Brandon Myers 1b3bfd952c
Resolve E711 None false conditional 2018-10-30 17:48:37 -05:00
Brandon Myers a8cfc375e0
Resolve E261 at least two spaces between inline comment 2018-10-30 17:42:21 -05:00