opensearch-project/security-analytics issues and pull requests

#443 - Use strong password in security test

Pull Request - State: open - Opened by bowenlan-amzn over 1 year ago - 1 comment

#442 - Feature/composite monitors detector triggers bucket level

Pull Request - State: open - Opened by stevanbz over 1 year ago

#441 - bump version to 2.8

Pull Request - State: open - Opened by eirsep over 1 year ago

#440 - Bump 2.x version to 2.8.0

Pull Request - State: open - Opened by rishabh6788 over 1 year ago

#439 - Release version 2.8.0

Issue - State: open - Opened by peterzhuamazon over 1 year ago
Labels: untriaged, release, v2.8.0

#438 - Match maintainer account username.

Pull Request - State: open - Opened by dblock over 1 year ago

#437 - Gradle update

Pull Request - State: open - Opened by petardz over 1 year ago

#436 - [Backport 2.x] fix for failure in syslogs mappings view api

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#435 - fix for failure in syslogs mappings view api

Pull Request - State: closed - Opened by sbcd90 over 1 year ago - 1 comment
Labels: backport 2.x

#434 - Update CODEOWNERS

Pull Request - State: closed - Opened by prudhvigodithi over 1 year ago

#433 - Delete refresh fix

Pull Request - State: open - Opened by petardz over 1 year ago - 4 comments

#432 - [BUG] Mapper not found: [linux]

Issue - State: open - Opened by paasi6666 over 1 year ago - 2 comments
Labels: bug

#431 - [Backport 2.7] fix for input validation of correlation rule names

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#430 - [Backport 2.x] fix for input validation of correlation rule names

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#429 - packetbeat for DNS and sigma rules

Issue - State: open - Opened by mareban over 1 year ago - 10 comments
Labels: bug

#428 - fix for input validation of correlation rule names

Pull Request - State: closed - Opened by sbcd90 over 1 year ago - 1 comment
Labels: backport 2.x, backport 2.7

#427 - [Backport 2.7] add rules to correlations for correlation engine

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#426 - [Backport 2.x] add rules to correlations for correlation engine

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#425 - [Backport 2.x] Moved CODEOWNERS files to align with org requirements.

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#424 - security analytics : template vs _index_template

Issue - State: open - Opened by mareban over 1 year ago - 1 comment
Labels: bug

#423 - add rules to correlations for correlation engine

Pull Request - State: closed - Opened by sbcd90 over 1 year ago - 1 comment
Labels: backport 2.x, backport 2.7

#422 - [Backport 2.7] Alias and dataStream end-to-end ITs

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#421 - [Backport 2.x] Alias and dataStream end-to-end ITs

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#420 - [Backport 2.7] SearchRule API - source filtering

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#419 - [Backport 2.x] SearchRule API - source filtering

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#418 - Moved CODEOWNERS files to align with org requirements.

Pull Request - State: closed - Opened by AWSHurneyt over 1 year ago - 1 comment
Labels: backport 2.x

#417 - [AUTO] Incremented version to 2.7.1.

Pull Request - State: open - Opened by opensearch-trigger-bot[bot] over 1 year ago

#416 - [Backport 2.7] Findings index mappings fix

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#415 - [Backport 2.x] Findings index mappings fix

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#414 - [FEATURE] Enrichment of events with other datasets stored in opensearch

Issue - State: open - Opened by jimmyjones2 over 1 year ago - 1 comment
Labels: enhancement

#413 - [AUTOCUT] Integration Test failed for security-analytics: 2.7.0 tar distribution

Issue - State: closed - Opened by opensearch-ci-bot over 1 year ago - 2 comments
Labels: v2.7.0, integ-test-failure, autocut

#412 - Fixed compile issues related to latest OS core repo changes

Pull Request - State: closed - Opened by petardz over 1 year ago - 1 comment

#411 - [AUTOCUT] Integration Test failed for security-analytics: 2.7.0 deb distribution

Issue - State: closed - Opened by opensearch-ci-bot over 1 year ago - 3 comments
Labels: v2.7.0, integ-test-failure, autocut

#410 - [BUG] Missing Image mapping field

Issue - State: open - Opened by jiris245 over 1 year ago - 1 comment
Labels: bug

#409 - Findings index mappings fix

Pull Request - State: closed - Opened by petardz over 1 year ago
Labels: backport 2.x, backport 2.7

#408 - Correct rule description in web_apache_segfault.yml

Pull Request - State: open - Opened by knarph over 1 year ago - 1 comment

#407 - [Backport 2.7] add correlation engine for security-analytics

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#406 - [Backport 2.x] add correlation engine for security-analytics

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago

#405 - add correlation engine for security-analytics

Pull Request - State: closed - Opened by sbcd90 over 1 year ago
Labels: backport 2.x, backport 2.7

#404 - New rules an Mappings fixes

Pull Request - State: open - Opened by petardz over 1 year ago - 1 comment

#403 - add correlation engine for security-analytics

Pull Request - State: closed - Opened by sbcd90 over 1 year ago

#402 - [Backport 2.7] Added 2.7 release notes.

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#401 - Added 2.7 release notes.

Pull Request - State: closed - Opened by AWSHurneyt over 1 year ago - 1 comment
Labels: backport 2.7

#400 - Correlation rule api - Index and Delete

Pull Request - State: open - Opened by petardz over 1 year ago

#399 - [FEATURE]: Support logs from Kubernetes audit logs

Issue - State: open - Opened by praveensameneni over 1 year ago - 1 comment
Labels: enhancement, v2.8.0

#398 - [Backport 2.x] Handle monitor or monitor index not found during detector deletion

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#397 - [Backport 2.x] Handle index not exists for detector search and delete

Pull Request - State: closed - Opened by opensearch-trigger-bot[bot] over 1 year ago - 1 comment

#396 - Handle index not exists for detector search and delete

Pull Request - State: closed - Opened by eirsep over 1 year ago - 1 comment
Labels: backport 2.x, backport 2.5

#395 - [support coreruleset]

Issue - State: open - Opened by zffocussss over 1 year ago - 1 comment
Labels: enhancement

#394 - Extended detector use-cases to consider the workflow

Pull Request - State: closed - Opened by stevanbz over 1 year ago - 3 comments

#393 - [FEATURE] Custom Rule field mappings should be provided while configuring detector

Issue - State: open - Opened by jinalp-crest over 1 year ago - 1 comment
Labels: enhancement

#392 - [BUG] Findings not getting generated for the nested JSON data

Issue - State: closed - Opened by jinalp-crest over 1 year ago - 4 comments
Labels: bug

#391 - [BUG] Import rule functionality of Security Analytics not working

Issue - State: open - Opened by jinalp-crest over 1 year ago - 1 comment
Labels: bug

#390 - External Rule Sourcer (SigmaHQ github)

Pull Request - State: open - Opened by petardz over 1 year ago

#389 - upgrade main to 3.0.0

Pull Request - State: closed - Opened by sbcd90 over 1 year ago - 1 comment

#388 - opensearch-2.5.0-SNAPSHOT.jar: 1 vulnerabilities (highest severity is: 9.8) - autoclosed

Issue - State: closed - Opened by mend-for-github-com[bot] over 1 year ago - 2 comments
Labels: Mend: dependency security vulnerability

#387 - 2.7 bump

Pull Request - State: closed - Opened by stevanbz over 1 year ago - 2 comments

#386 - 2.7 bump

Pull Request - State: closed - Opened by stevanbz over 1 year ago

#385 - Bumped version to 2.7.

Pull Request - State: closed - Opened by AWSHurneyt over 1 year ago - 3 comments
Labels: v2.7.0

#384 - Handle monitor or monitor index not found during detector deletion

Pull Request - State: closed - Opened by eirsep over 1 year ago - 2 comments
Labels: backport 2.x, backport 2.5

#383 - Release version 2.7.0

Issue - State: open - Opened by gaiksaya over 1 year ago
Labels: v2.7.0

#382 - [Refactor] XContent from common to core namespace

Issue - State: closed - Opened by nknize over 1 year ago - 4 comments
Labels: enhancement, v2.7.0

#381 - added wrapper around rollover API to include min_docs condition

Pull Request - State: open - Opened by petardz over 1 year ago

#380 - [BUG] - Missing Sigma field CommandLine for Windows category

Issue - State: open - Opened by fquinino over 1 year ago - 16 comments
Labels: bug

#379 - [FEATURE] Introduce min_docs settings for rollover logic of findings/alerting indices

Issue - State: open - Opened by petardz over 1 year ago
Labels: enhancement

#378 - [BUG] Detector deletion fails if underlying monitor deletion fails or is not found

Issue - State: closed - Opened by eirsep over 1 year ago - 1 comment
Labels: bug, v2.7.0

#377 - [BUG] Security analytics plugin ignores service property of logsource and generates false positives for service-specific Sigma rules

Issue - State: open - Opened by belendax over 1 year ago - 2 comments
Labels: bug

#319 - [BUG] Failed to create detector: [security_analytics_exception] analyzer [rule_analyzer] has not been configured in mappings

Issue - State: closed - Opened by CyberAbwehr over 1 year ago - 17 comments
Labels: bug

GitHub / opensearch-project/security-analytics issues and pull requests