.. |
lib | Add travisci to project and stabilize tests | 2017-07-05 16:37:41 -05:00 |
plugins | Remove unused email alert plugin | 2017-07-14 14:00:33 -05:00 |
__init__.py | averez-147-celery-alerts: more comments in the code | 2014-07-15 16:31:21 -07:00 |
alertPlugins.ini | Adding log drain back to uwsgi ini files. | 2017-06-15 15:07:29 -05:00 |
alertWorker.conf | Change default mq creds | 2017-08-17 15:41:35 -05:00 |
alertWorker.py | Add logger statement in alert plugins | 2017-06-15 15:06:22 -05:00 |
amoFailedLogins.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
auditd_sftp.py | Remove pyes from alert filenames | 2017-06-15 15:03:34 -05:00 |
bruteforce_ssh.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
bruteforce_ssh.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
bugzillaauthbruteforce.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
bugzillaauthbruteforce.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
celeryconfig.py | Improve alert unit tests | 2017-06-15 15:06:24 -05:00 |
cloudtrail_deadman.py | Add cloudtrail new alerts | 2017-06-15 15:06:17 -05:00 |
cloudtrail_logging_disabled.py | Send Cloudtrail logging disabled alert to MOC | 2017-06-15 15:07:45 -05:00 |
confluence_shell.py | Revert confluence shell fieldname | 2017-06-15 15:05:07 -05:00 |
correlated_alerts.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
correlated_alerts.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
deadman.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
deadman.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
duo_authfail.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
duo_authfail.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
duo_fail_open.py | Update formatting weirdness in alerts | 2017-06-15 15:02:48 -05:00 |
fxaAlerts.py | Fix term for fxa alerts | 2017-07-17 13:13:26 -05:00 |
generic_alert_loader.conf | Modify generic alerts path | 2017-06-15 15:06:02 -05:00 |
generic_alert_loader.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
geomodel.py | derive geomodel MozDef alert severity from geomodel severity value | 2017-06-15 15:06:34 -05:00 |
hostScannerAlerts.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
httpauthbruteforce.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
httpauthbruteforce.py | Bump severity level in http alerts to warning | 2017-06-15 15:07:46 -05:00 |
httperrors.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
httperrors.py | Bump severity level in http alerts to warning | 2017-06-15 15:07:46 -05:00 |
ldapAdd.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
ldapDelete.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
ldapGroup.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
ldapLockout.py | Fixup ldaplockout changepairs fieldname | 2017-06-15 15:05:07 -05:00 |
multiple_intel_hits.py | Fix incorrect ES field names | 2017-06-15 15:05:06 -05:00 |
open_port_violation.py | Add a pagerduty notification to the open port policy violation alert | 2017-06-15 15:07:45 -05:00 |
promisc_audit.py | Fix broken alert unit tests | 2017-06-15 15:06:31 -05:00 |
promisc_kernel.py | A rewrite of an alert to make it generic while fetching the correct hostname from details dict | 2017-06-15 15:06:28 -05:00 |
proxy_drop.py | Remove pyes from alert filenames | 2017-06-15 15:03:34 -05:00 |
sqs_queues_deadman.conf | Add deadman alert for sqs queues from tag | 2017-06-15 15:07:29 -05:00 |
sqs_queues_deadman.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
ssh_access_signreleng.conf | Add complex filter in ssh alert config file | 2017-07-12 15:44:26 -05:00 |
ssh_access_signreleng.py | Add complex filter in ssh alert config file | 2017-07-12 15:44:26 -05:00 |
ssh_lateral.json | ssh_lateral: add sample config file | 2017-06-15 15:07:42 -05:00 |
ssh_lateral.py | ssh_lateral: set level to WARNING | 2017-06-15 15:17:38 -05:00 |
sshbruteforce_bro.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
sshbruteforce_bro.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
sshioc.py | Update TermFilter to TermMatch | 2017-06-15 15:01:21 -05:00 |
ssl_blacklist_hit.py | Remove pyes from alert filenames | 2017-06-15 15:03:34 -05:00 |
supervisord.alerts.ini | moving supervisord logs to a subdir of /var/log/mozdef/supervisord/ | 2017-06-15 15:07:23 -05:00 |
unauth_portscan.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
unauth_portscan.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
unauth_scan.conf | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
unauth_scan.py | Add alerts to use config files | 2017-06-15 15:07:42 -05:00 |
unauth_ssh.conf | Unencrypt config files | 2017-06-15 15:05:55 -05:00 |
unauth_ssh.py | Updated PhraseMatch in unauth_ssh.py so that this alert would correctly trigger. Tested. Works. | 2017-06-15 15:05:43 -05:00 |
vpn_duo_auth_failures.py | Remove pyes from alert filenames | 2017-06-15 15:03:34 -05:00 |