Commit graph

  • bd6e2b3a6b
    changing specific tag to encompass all triagebot escalations (#1668) A Smith 2020-07-30 14:24:54 -0500
  • 69c71a24da
    updating test to reflect changes Phrozyn 2020-07-30 11:16:21 -0500
  • 082ff2164d
    changing specific tag to encompass all triagebot escalations Phrozyn 2020-07-30 10:50:39 -0500
  • dbe90e355d
    adding new triagebot escalation alert (#1666) A Smith 2020-07-29 14:39:06 -0500
  • 6e499044cb
    reverts change to raw_value from object to string and renames field to raw_event (#1667) A Smith 2020-07-29 13:54:19 -0500
  • 07e3409da2
    changes raw_value to raw_event Phrozyn 2020-07-29 12:57:17 -0500
  • 2d6e5b85d7
    reverts change to raw_value from object to string Phrozyn 2020-07-29 11:40:10 -0500
  • 7b2eaa2bce
    changing critical to info for pre-release Phrozyn 2020-07-28 17:26:56 -0500
  • 7b4c6a0d2d
    adding new triagebot escalation alert Phrozyn 2020-07-28 16:56:28 -0500
  • a6c4b1e466
    EIS-2365 (#1665) A Smith 2020-07-27 11:08:48 -0500
  • fc6a423d6d
    correcting the test summary Phrozyn 2020-07-27 10:36:01 -0500
  • 1c90a3b445
    updates the summary in the test Phrozyn 2020-07-24 18:12:38 -0500
  • 1dc792fb9f
    Refactoring the summary to be dynamic based on values present and not None Phrozyn 2020-07-24 18:04:52 -0500
  • 838c8827fa
    adding RP to summaries Phrozyn 2020-07-24 15:55:35 -0500
  • 4e578573db
    adding comments around the source field Phrozyn 2020-07-24 14:29:25 -0500
  • 3d9fd76dd0
    adding additional wording to summary Phrozyn 2020-07-24 14:08:33 -0500
  • 69522c9e2e
    tidying up comments, removing references to UNKNOWN. Phrozyn 2020-07-24 10:32:34 -0500
  • 42cf59f015
    adding summary changes Phrozyn 2020-07-24 10:30:19 -0500
  • 9a9bda6b4f
    removes json import Phrozyn 2020-07-24 10:27:46 -0500
  • 150c1680c8
    Defines successful api operation, modifies summaries to be more informative Phrozyn 2020-07-24 10:26:46 -0500
  • 38ee9879f2
    makes raw_value an object that is searchable, and pulls out some user metadata Phrozyn 2020-07-23 19:57:24 -0500
  • d5a9e3353f
    Merge remote-tracking branch 'origin' into EIS-2365 Phrozyn 2020-07-23 17:59:19 -0500
  • e3c2b7da83
    adds the raw msg as an object Phrozyn 2020-07-23 17:58:37 -0500
  • df9b02050f
    Auth0 categories (#1664) A Smith 2020-07-23 17:57:17 -0500
  • f637be1e6e
    parses further information into objects so that they are searchable Phrozyn 2020-07-23 15:56:05 -0500
  • e5acc031a8
    reduces redundancy of other event names to correctly assign success/failure and ensure categorization Phrozyn 2020-07-23 14:34:13 -0500
  • 26f6d1880f
    reduces redundancy of push notification event and adds it to authentication category Phrozyn 2020-07-23 14:30:50 -0500
  • af40a6724e
    adds some additional parsing for email, user metadata, and adds to summary Phrozyn 2020-07-23 14:28:15 -0500
  • 6869de3dc2
    moves Success Signup into Authentication category Phrozyn 2020-07-23 12:13:09 -0500
  • c9c59160b7
    removes duplicate log event types from the dict Phrozyn 2020-07-22 18:21:45 -0500
  • c329ec34ea
    removes duplicated CORS from authentication category Phrozyn 2020-07-22 18:19:59 -0500
  • 28196bf5cd
    adds administration category, and adds terms to define the category for every potential event Phrozyn 2020-07-22 18:17:09 -0500
  • 6e2cb9b293
    checking that keys exist and are not empty or None (#1663) A Smith 2020-07-21 09:41:08 -0500
  • ca841cc816
    checking that keys exist and are not empty or None Phrozyn 2020-07-20 17:49:55 -0500
  • 8350ebcf98
    Reverts edit made to the check for the details.requestparameters.htmlpart (#1662) A Smith 2020-07-20 16:10:46 -0500
  • 1169e68841
    fixing whitespace Phrozyn 2020-07-20 15:36:43 -0500
  • 05f134254d
    Merge branch 'truncate_values' of https://github.com/mozilla/MozDef into truncate_values Phrozyn 2020-07-20 15:36:26 -0500
  • 72460aea85
    fixing whitespace Phrozyn 2020-07-20 15:35:58 -0500
  • 9326816c41
    Merge branch 'master' into truncate_values A Smith 2020-07-20 15:29:57 -0500
  • ebc4a2ff16
    reverting check for details.requestparameters.htmlpart edit Phrozyn 2020-07-20 15:28:07 -0500
  • d1b66ec378
    moving plugins into mozdef data class (#1659) A Smith 2020-07-16 18:21:15 -0500
  • 08b0ae2526
    truncates htmlpart to something ES can handle and adds authparameters to modify_keys (#1661) A Smith 2020-07-16 18:20:46 -0500
  • 868460b6b8
    adds a constant and adds description for the ES_FIELD_LIMIT_VALUE constant. Phrozyn 2020-07-16 17:41:47 -0500
  • 184fcb896d
    removing whitespace Phrozyn 2020-07-16 16:39:41 -0500
  • e2194350cf
    remove dots from the start or end of a key (#1650) A Smith 2020-07-16 16:38:24 -0500
  • a8444bd8e8
    adding comments to code and checking if values exist per @arcrose's suggestion Phrozyn 2020-07-16 15:16:26 -0500
  • f181f3f6e9
    adds logic to check for null keys Phrozyn 2020-07-16 14:03:02 -0500
  • 91356570a6
    truncates htmlpart to something ES can handle Phrozyn 2020-07-16 13:42:40 -0500
  • a8a1663452
    Eis 2329 (#1660) Arcadia Rose 2020-07-15 15:58:12 -0400
  • 0218707c1b
    Split actor strings on spaces and on commas Arcadia Rose 2020-07-14 18:23:08 -0400
  • 7f58b1198e
    Add example from input that caused failure Arcadia Rose 2020-07-14 18:16:51 -0400
  • 70b80d55e9
    addressing review comments Phrozyn 2020-07-14 17:14:50 -0500
  • f015fac9e5
    Fix breaking test cases Arcadia Rose 2020-07-14 18:07:16 -0400
  • 24e65af82e
    Tweak tests to break as expected Arcadia Rose 2020-07-14 18:06:59 -0400
  • 1486d3232f
    Write some new test cases that break the current implementation of the ldap_fixup email parser Arcadia Rose 2020-07-14 17:26:25 -0400
  • 4bbf21c96e
    moving plugins into mozdef data class Phrozyn 2020-07-14 12:17:03 -0500
  • aa602f4763
    Update an alert to acknowledged in mongodb when the triagebot updates its status (#1656) Arcadia Rose 2020-07-13 17:38:12 -0400
  • ffa92efcb0
    Change Auth0 raw field from str repr to json (#1653) Gene Wood 2020-07-13 14:37:48 -0700
  • 2b7b8a2f5d
    Merge branch 'master' into EIS-2199 Arcadia Rose 2020-07-08 17:33:27 -0400
  • 88525f3dd7
    Revert "backporting package-lock from production (#1651)" (#1657) A Smith 2020-07-08 15:50:56 -0500
  • 8254fa09e7
    Revert "Bump jquery from 3.4.0 to 3.5.0 in /meteor (#1620)" (#1658) A Smith 2020-07-08 15:50:39 -0500
  • 8b1a0f5d8d
    Revert "Bump jquery from 3.4.0 to 3.5.0 in /meteor (#1620)" A Smith 2020-07-08 15:39:08 -0500
  • 11320e6604
    Revert "backporting package-lock from production (#1651)" A Smith 2020-07-08 15:37:40 -0500
  • c706e902a5
    Add check to display SQS stats table if set is populated (#1655) Brandon Myers 2020-07-08 15:00:02 -0500
  • cbf21bfcf9
    Update an alert to acknowledged in mongodb when the triagebot updates its status Arcadia Rose 2020-07-08 13:13:25 -0400
  • 6a2d4a2fd5
    re-envisioned code per @pwnbus' suggestion Phrozyn 2020-07-07 11:26:51 -0500
  • 3e5909ab52
    backporting package-lock from production (#1651) A Smith 2020-07-06 17:49:49 -0500
  • d24e677dba
    Add check to display SQS stats table if set is populated Brandon Myers 2020-07-06 17:13:11 -0500
  • ab0a82f12a
    Add notify mozdefbot for generic_alerts (#1654) Brandon Myers 2020-07-06 16:57:00 -0500
  • ed7ece344d
    Add notify_mozdefbot parameter to alerts for generic alert Brandon Myers 2020-07-06 12:58:13 -0500
  • 21eebb5e67
    Merge branch 'master' of ssh://github.com/mozilla/mozdef into add_notify_mozdefbot Brandon Myers 2020-07-06 12:57:43 -0500
  • b9fc856c04
    Rename ircchannel to channel (#1652) Brandon Myers 2020-07-06 12:57:02 -0500
  • be844b64a0
    Change Auth0 raw field from str repr to json Gene Wood 2020-07-06 07:51:14 -0700
  • ff8fa1fbb4
    Rename ircchannel to channel Brandon Myers 2020-07-01 09:20:34 -0500
  • 8affa094cf
    backporting package-lock from production Phrozyn 2020-06-30 14:52:44 -0500
  • d1849fbb74
    updating the comment text Phrozyn 2020-06-30 14:17:55 -0500
  • 1508a541be
    remove dots from the start or end of a key Phrozyn 2020-06-30 14:14:04 -0500
  • 4cc6433934
    removes dots from start or end of keys Phrozyn 2020-06-30 12:47:06 -0500
  • f97811512a
    Merge remote-tracking branch 'origin' into cloudtrail_parse_errorfix Phrozyn 2020-06-30 12:46:28 -0500
  • 2788729e2c
    Bump jquery from 3.4.0 to 3.5.0 in /meteor (#1620) dependabot[bot] 2020-06-29 10:25:47 -0500
  • 5af28d8717
    Alert when the Session Invalidation application is used to terminate a user's sessions (#1646) Arcadia Rose 2020-06-29 11:25:35 -0400
  • 49973b5256
    adds requestparameter for cloudtrail plugin (#1648) A Smith 2020-06-29 10:23:51 -0500
  • 122623d3fd
    adds requestparameter for cloudtrail plugin Phrozyn 2020-06-26 14:42:03 -0500
  • 2e39026568
    Update gitpython to 3.1.3 (#1647) Brandon Myers 2020-06-26 10:25:36 -0500
  • 2c792cf5a9
    Update gitpython to 3.1.3 Brandon Myers 2020-06-25 17:30:56 -0500
  • 7840b9c24e
    disabling date detection to improve on mapping conflicts (#1643) A Smith 2020-06-24 12:01:23 -0500
  • 4933c6b47c
    Create vpn_assignment alert plugin (#1645) Arcadia Rose 2020-06-24 11:41:28 -0400
  • da5546fede
    Have the ldap_group alert aggregate on details.email (#1642) Arcadia Rose 2020-06-24 11:41:08 -0400
  • bfea37de3a
    removing deprecated references to fluentd sqs (#1644) A Smith 2020-06-24 09:57:15 -0500
  • e3802324de
    Merge branch 'master' into EIS-516 Arcadia Rose 2020-06-23 17:08:08 -0400
  • d7546ee0bf
    Merge branch 'master' into EIS-2141 Arcadia Rose 2020-06-23 17:07:39 -0400
  • 38b6e6d6de
    Fixed session_invalidation alert Arcadia Rose 2020-06-23 14:23:36 -0400
  • 08c9613f86
    Add a blank line before class definition to satisfy linter Arcadia Rose 2020-06-23 14:23:06 -0400
  • c063495ab4
    Working on test for AlertSessionInvalidation Arcadia Rose 2020-06-23 10:57:28 -0400
  • 805a386de3
    Add information about the actor who instigated terminations to alert details Arcadia Rose 2020-06-23 10:52:32 -0400
  • 3305e82fb1
    Don't fire session_invalidation alert when no terminations took place Arcadia Rose 2020-06-23 10:52:07 -0400
  • ca45acecdd
    First pass through writing an alert to fire when the session invalidation tool is used Arcadia Rose 2020-06-22 17:56:43 -0400
  • 3090d1f239
    Bump httplib2 from 0.13.0 to 0.18.0 (#1633) dependabot[bot] 2020-06-22 13:19:37 -0500
  • e902c4a77b
    reference the utctimestamp core field Arcadia Rose 2020-06-12 11:22:44 -0400
  • eafdb12f8d
    Use utctimestamp and not ts to sort events Arcadia Rose 2020-06-11 19:27:39 -0400