cybercentrecanada/assemblyline-service-suricata issues and pull requests

#165 - Al 3333

Pull Request - State: closed - Opened by cccs-rs 5 months ago

#164 - Append raw alert logs to service ontology

Pull Request - State: closed - Opened by cccs-rs 5 months ago

#163 - Al 3337

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#162 - Attempt to convert all input files to PCAP format

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#161 - Update suricata_.py

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#160 - Logging/failed rules

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#159 - Log the rules that failed as warnings

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#158 - Handle parsing of SRV records

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#157 - Handle parsing of SRV records

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#156 - Update helper.py

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#155 - switch to use the templated pipelines

Pull Request - State: closed - Opened by cccs-ml 6 months ago

#154 - Update dev branch

Pull Request - State: closed - Opened by cccs-rs 6 months ago

#153 - convert to use pipeline templates

Pull Request - State: closed - Opened by cccs-ml 7 months ago

#152 - Support different keys for DNS queries in alerts

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#151 - Assorted bugfixes

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#150 - bugfix KeyError

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#149 - Revert back to source repository for suricata

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#148 - Add a file for testing

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#147 - Ontology/smtp

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#146 - Add SMTP event records to result ontology

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#145 - Only attach a single DNS record to an alert

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#144 - Ontology/duplicate dns attributes

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#143 - Patch to use fork to build Suricata

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#142 - Patch to use fork to build Suricata

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#141 - Add tests for result parsing

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#140 - Attribute flows to alerts where necessary

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#139 - Attribute flows to alerts where necessary

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#138 - Handle cases where network parts might not have the same headers

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#137 - Break up conditions to skip adding invalid attributions (dev)

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#136 - Attribute http network connections that are directly related to signature (dev)

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#135 - Switch to tenacity (dev)

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#134 - Attribute http network connections that are directly related to signature

Pull Request - State: closed - Opened by cccs-rs 7 months ago

#133 - Change retrying code to use Tenacity instead

Pull Request - State: closed - Opened by jasper-vdhoven 7 months ago - 2 comments

#132 - update branch

Pull Request - State: closed - Opened by cccs-rs 8 months ago

#131 - Suricata 8.0 dev pylint (dev)

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#130 - Suricata 8.0 dev pylint

Pull Request - State: closed - Opened by einar-lanfranco 9 months ago

#129 - Suricata 8.0 dev pylint

Pull Request - State: closed - Opened by einar-lanfranco 9 months ago - 1 comment

#128 - Suricata 8.0 dev pylint

Pull Request - State: closed - Opened by einar-lanfranco 9 months ago

#127 - Suricata 8.0 dev pylint

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#126 - Suricata 8.0 dev (dev)

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#125 - Suricata 8.0 dev

Pull Request - State: closed - Opened by einar-lanfranco 9 months ago - 2 comments

#124 - minor changes so support suricata version 7.0.5

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#123 - adding support for version 7.0.5 of suricata (dev)

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#122 - Minor changes so support suricata version 7.0.5

Pull Request - State: closed - Opened by einar-lanfranco 9 months ago

#121 - Only link DNS results that are directly related to the alert

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#120 - Only link DNS results that are directly related to the alert

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#119 - Update with master branch

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#118 - Bugfix/gid injection

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#117 - Use `suricataparser` to parse/build modified suricata rules

Pull Request - State: closed - Opened by cccs-rs 9 months ago

#116 - Cccs rs patch 1

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#115 - Update suricata_.py

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#114 - Add helper function for debugging event log parsing

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#113 - Add helper function for debugging event log parsing

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#112 - Helper

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#111 - Correct classification assignment

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#110 - Correct classification assignment

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#109 - Inject a GID into rules to prevent Suricata deduping rules across sou…

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#108 - Add rule classification to the Signature object in the ontology

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#107 - Add rule classification to the Signature object in the ontology

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#106 - Inject a GID into rules to prevent Suricata deduping rules across sources

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#105 - Al 3091

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#104 - Link `app_proto` to Netflow's `connection_type` + fix attributes assigned to signature

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#103 - Remove buster-backports

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#102 - Bugfix/dockerfile

Pull Request - State: closed - Opened by cccs-rs 10 months ago

#101 - Filter out common link-local IPv6 addresses

Pull Request - State: closed - Opened by kam193 11 months ago - 1 comment

#100 - Update manifest

Pull Request - State: closed - Opened by cccs-rs about 1 year ago

#99 - Assemblyline/issues/101

Pull Request - State: closed - Opened by cccs-rs about 1 year ago

#98 - Update client

Pull Request - State: closed - Opened by cccs-rs about 1 year ago

#97 - Use Discord link over deprecated Google Groups link

Pull Request - State: closed - Opened by cccs-kevin about 1 year ago

#96 - Issues/143

Pull Request - State: closed - Opened by cccs-rs about 1 year ago