MozDef/alerts
Brandon Myers 41a2a1a81b
Change default mq creds
2017-08-17 15:41:35 -05:00
..
lib Add travisci to project and stabalize tests 2017-07-05 16:37:41 -05:00
plugins Remove unused email alert plugin 2017-07-14 14:00:33 -05:00
__init__.py averez-147-celery-alerts: more comments in the code 2014-07-15 16:31:21 -07:00
alertPlugins.ini Adding log drain back to uwsgi ini files. 2017-06-15 15:07:29 -05:00
alertWorker.conf Change default mq creds 2017-08-17 15:41:35 -05:00
alertWorker.py Add logger statement in alert plugins 2017-06-15 15:06:22 -05:00
amoFailedLogins.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
auditd_sftp.py Remove pyes from alert filenames 2017-06-15 15:03:34 -05:00
bruteforce_ssh.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
bruteforce_ssh.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
bugzillaauthbruteforce.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
bugzillaauthbruteforce.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
celeryconfig.py Improve alert unit tests 2017-06-15 15:06:24 -05:00
cloudtrail_deadman.py Add cloudtrail new alerts 2017-06-15 15:06:17 -05:00
cloudtrail_logging_disabled.py Send Cloudtrail logging disabled alert to MOC 2017-06-15 15:07:45 -05:00
confluence_shell.py Revert confluence shell fieldname 2017-06-15 15:05:07 -05:00
correlated_alerts.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
correlated_alerts.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
deadman.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
deadman.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
duo_authfail.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
duo_authfail.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
duo_fail_open.py Update formatting weirdness in alerts 2017-06-15 15:02:48 -05:00
fxaAlerts.py Fix term for fxa alerts 2017-07-17 13:13:26 -05:00
generic_alert_loader.conf Modify generic alerts path 2017-06-15 15:06:02 -05:00
generic_alert_loader.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
geomodel.py derive geomodel MozDef alert severity from geomodel severity value 2017-06-15 15:06:34 -05:00
hostScannerAlerts.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
httpauthbruteforce.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
httpauthbruteforce.py Bump severity level in http alerts to warning 2017-06-15 15:07:46 -05:00
httperrors.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
httperrors.py Bump severity level in http alerts to warning 2017-06-15 15:07:46 -05:00
ldapAdd.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
ldapDelete.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
ldapGroup.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
ldapLockout.py Fixup ldaplockout changepairs fieldname 2017-06-15 15:05:07 -05:00
multiple_intel_hits.py Fix incorrect ES field names 2017-06-15 15:05:06 -05:00
open_port_violation.py Add a pagerduty notification to the open port policy violation alert 2017-06-15 15:07:45 -05:00
promisc_audit.py Fix broken alert unit tests 2017-06-15 15:06:31 -05:00
promisc_kernel.py A rewrite of an alert to make it generic while fetching the correct hostname from details dict 2017-06-15 15:06:28 -05:00
proxy_drop.py Remove pyes from alert filenames 2017-06-15 15:03:34 -05:00
sqs_queues_deadman.conf Add deadman alert for sqs queues from tag 2017-06-15 15:07:29 -05:00
sqs_queues_deadman.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
ssh_access_signreleng.conf Add complex filter in ssh alert config file 2017-07-12 15:44:26 -05:00
ssh_access_signreleng.py Add complex filter in ssh alert config file 2017-07-12 15:44:26 -05:00
ssh_lateral.json ssh_lateral: add sample config file 2017-06-15 15:07:42 -05:00
ssh_lateral.py ssh_lateral: set level to WARNING 2017-06-15 15:17:38 -05:00
sshbruteforce_bro.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
sshbruteforce_bro.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
sshioc.py Update TermFilter to TermMatch 2017-06-15 15:01:21 -05:00
ssl_blacklist_hit.py Remove pyes from alert filenames 2017-06-15 15:03:34 -05:00
supervisord.alerts.ini moving supervisord logs to a subdir of /var/log/mozdef/supervisord/ 2017-06-15 15:07:23 -05:00
unauth_portscan.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
unauth_portscan.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
unauth_scan.conf Add alerts to use config files 2017-06-15 15:07:42 -05:00
unauth_scan.py Add alerts to use config files 2017-06-15 15:07:42 -05:00
unauth_ssh.conf Unencrypt config files 2017-06-15 15:05:55 -05:00
unauth_ssh.py Updated PhraseMatch in unauth_ssh.py so that this alert would correctly trigger. Tested. Works. 2017-06-15 15:05:43 -05:00
vpn_duo_auth_failures.py Remove pyes from alert filenames 2017-06-15 15:03:34 -05:00