outflanknl/RedELK issues and pull requests

#96 - Added release-drafter config

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#95 - Fixed release note pipeline

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago
Labels: githubci

#94 - Docker CI/CD workflows update

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: documentation, githubci

#93 - Add docker deployment for prod

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: elkserver, documentation, installer

#92 - adjust the docker files for non dev (full and limited) to use the right docker tags.

Issue - State: closed - Opened by xychix almost 4 years ago - 1 comment

#91 - create the redelk images in docker

Issue - State: closed - Opened by xychix almost 4 years ago - 3 comments

#90 - full integration test of the entire set

Issue - State: closed - Opened by xychix almost 4 years ago

#89 - Add and implement env.tmpl

Issue - State: closed - Opened by xychix almost 4 years ago

#88 - Update of alarms using old query names

Pull Request - State: closed - Opened by xychix almost 4 years ago
Labels: elkserver, docker

#87 - fix in alarm useragens - bad refactoring

Pull Request - State: closed - Opened by xychix almost 4 years ago
Labels: elkserver, docker

#86 - Tls certs env

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago
Labels: elkserver, installer, docker

#85 - Logstash full cert path as variable

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 3 comments

#84 - Update traffic dashboard

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: enhancement

#83 - Several fixes in alarm and enrich

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago
Labels: elkserver, docker

#82 - [dev] Add sample data ingestor

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: elkserver, installer

#81 - Kibana fixes

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago
Labels: elkserver, docker

#80 - Removed SendMail.py (now part of email connector)

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago
Labels: elkserver, docker

#79 - Added TLS support for nginx

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: elkserver, installer

#78 - Add HTTPS to Nginx proxy

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 4 comments

#77 - Maindev py alarms

Pull Request - State: closed - Opened by xychix almost 4 years ago
Labels: elkserver, docker

#76 - Create production docker-compose files

Issue - State: closed - Opened by fastlorenzo almost 4 years ago

#75 - Migrate alarm_useragent to new format

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 5 comments

#74 - Migrate alarm_httptraffic to new format

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 5 comments

#73 - CI/CD pipeline automation for release/changelog

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#72 - Maindev upgrade alarm_lastline to new format

Pull Request - State: closed - Opened by xychix almost 4 years ago

#71 - Updated docker build

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 2 comments
Labels: elkserver, documentation, installer, docker, githubci

#70 - Fix alarm email template

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment
Labels: enhancement, elkserver, alarm

#69 - Add last_checked and last_alarmed per alarm

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#68 - Updated alarm

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#67 - Updated alarms

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#66 - Changes in alarm handling

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#65 - Ingest IDS logs

Issue - State: closed - Opened by dmaynor almost 4 years ago - 7 comments

#64 - Fixed detection rule import

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#63 - Support for Mythic C2

Issue - State: open - Opened by andrewchiles almost 4 years ago - 12 comments
Labels: enhancement, c2servers

#62 - Support for Mythic C2 framework

Issue - State: closed - Opened by andrewchiles almost 4 years ago - 1 comment

#61 - Added config for notifications

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#60 - Docker Unknown Flag

Issue - State: closed - Opened by Ne0nd0g almost 4 years ago - 1 comment

#59 - Invalid Docker Flag

Issue - State: closed - Opened by Ne0nd0g almost 4 years ago - 4 comments

#58 - MS Teams connector support

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago - 3 comments

#57 - Fixed installer script for Kibana settings

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#56 - Updates on helper script and Kibana objects

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#55 - Missing ES index templates

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 3 comments

#54 - Fix ES template for redirtraffic

Issue - State: closed - Opened by fastlorenzo almost 4 years ago - 1 comment

#53 - Standardize RedELK scripts logging

Issue - State: open - Opened by fastlorenzo almost 4 years ago - 3 comments
Labels: enhancement

#52 - Added Jupyter notebook in dashboards

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#51 - Logging format required for Nginx?

Issue - State: closed - Opened by lez0sec almost 4 years ago - 1 comment

#50 - Added Kibana helper script

Pull Request - State: closed - Opened by fastlorenzo almost 4 years ago

#49 - Unable to view any teamserver data in Kibana

Issue - State: closed - Opened by 6r0k3d about 4 years ago - 41 comments

#48 - Hardcode version nr docker images in install-elkserver.sh

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 2 comments
Labels: enhancement

#47 - Duplicated CS credentials

Issue - State: closed - Opened by fastlorenzo about 4 years ago

#46 - c2.message should be text type and not keyword

Issue - State: closed - Opened by fastlorenzo about 4 years ago - 1 comment

#45 - Automate searching for valuable info in downloaded files and keystrokes

Issue - State: open - Opened by MarcOverIP about 4 years ago - 1 comment
Labels: enhancement, help wanted

#44 - Cobalt Strike ssh logs not ingested

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 1 comment
Labels: bug

#43 - User-Agent parsing in redir info

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 10 comments
Labels: enhancement, help wanted

#42 - Verify if can be cleaned or removed

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 5 comments
Labels: help wanted

#41 - New alarms

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 3 comments
Labels: enhancement, help wanted

#40 - Fixed elasticsearch template import + missing kibana objects

Pull Request - State: closed - Opened by fastlorenzo about 4 years ago

#39 - Update redelk-redir-nginx.conf

Pull Request - State: closed - Opened by sunnyneo about 4 years ago - 1 comment

#38 - Replace rssh with rush

Pull Request - State: closed - Opened by dmaasland about 4 years ago - 1 comment

#37 - Rename fields to match ECS naming convention + add dashboards

Pull Request - State: closed - Opened by fastlorenzo about 4 years ago - 1 comment

#36 - Using logstash queries to enrich log entries

Issue - State: closed - Opened by fastlorenzo about 4 years ago - 3 comments

#35 - Adding additional dashboards

Issue - State: closed - Opened by fastlorenzo about 4 years ago - 2 comments

#34 - Adding the user that initiated a task on the task log entry

Issue - State: closed - Opened by fastlorenzo about 4 years ago - 3 comments

#33 - HTTP status code should be INT instead of POSINT

Issue - State: closed - Opened by MarcOverIP about 4 years ago - 1 comment

#32 - Added support for CS 4.1 logs

Pull Request - State: closed - Opened by fastlorenzo about 4 years ago - 3 comments

#31 - Nginx config: small fix for via header and backend var

Pull Request - State: closed - Opened by DrMeosch about 4 years ago - 3 comments

#30 - help for install

Issue - State: closed - Opened by meetgyn over 4 years ago - 1 comment

#29 - asn1 encoding routines:ASN1_mbstring_ncopy:string too long:../crypto/asn1/a_mbstr.c:107:maxsize=2

Issue - State: closed - Opened by xiongcancaom over 4 years ago - 1 comment

#28 - Added Nginx support

Pull Request - State: closed - Opened by sunnyneo over 4 years ago - 2 comments

#27 - ASN lookup in case of CDN not correct

Issue - State: closed - Opened by MarcOverIP over 4 years ago - 2 comments

#26 - Missing filebeat.yml

Issue - State: closed - Opened by curi0usJack over 4 years ago - 1 comment

#25 - Added initial PoshC2 integration to RedELK

Pull Request - State: closed - Opened by benpturner over 4 years ago - 3 comments

#24 - LOGSTASH SSL INTERNAL ERROR WRONG VERSION NUMBER

Issue - State: closed - Opened by trufardo over 4 years ago - 4 comments

#23 - Support for Covenant C2 framework

Issue - State: open - Opened by MarcOverIP over 4 years ago - 4 comments
Labels: enhancement, help wanted, c2servers

#22 - Support for PoshC2

Issue - State: open - Opened by MarcOverIP over 4 years ago - 28 comments
Labels: enhancement, help wanted, c2servers

#21 - Merge request for

Pull Request - State: closed - Opened by MarcOverIP over 4 years ago

#20 - CS4.0 update for beaconID

Pull Request - State: closed - Opened by MarcOverIP almost 5 years ago

#19 - New beacon message for Cobalt Strike v4

Pull Request - State: closed - Opened by MarcOverIP almost 5 years ago - 1 comment

#18 - Create optumshadow repo

Pull Request - State: closed - Opened by optum-shadow almost 5 years ago

#17 - Update enrich.py

Pull Request - State: closed - Opened by xychix almost 5 years ago

#16 - Logstash SSL issue

Issue - State: closed - Opened by ashu2188 about 5 years ago - 3 comments

#15 - Cobalt Strike 3.14 log parsing support

Pull Request - State: closed - Opened by fastlorenzo about 5 years ago - 5 comments

#14 - Added RedELK support for empire

Pull Request - State: closed - Opened by justsly about 5 years ago - 3 comments

#13 - Cobalt Strike 3.14 logging format changed, breaks logstash filter rules

Issue - State: closed - Opened by MarcOverIP over 5 years ago - 1 comment

#12 - Certificates for logstash need to be owned by logstash user

Issue - State: closed - Opened by sriese over 5 years ago - 2 comments

#11 - Limit privileges or permission to user ?

Issue - State: closed - Opened by clock-workorange over 5 years ago - 3 comments

#10 - example on how to use the re-director server and geo ip location

Issue - State: closed - Opened by alecmoran1 over 5 years ago - 2 comments

#9 - fix a few typos

Pull Request - State: closed - Opened by paralax over 5 years ago - 1 comment

#8 - "Date" header should be set on outgoing emails

Pull Request - State: closed - Opened by fastlorenzo almost 6 years ago - 1 comment

#7 - Some Comments and Suggestions

Issue - State: open - Opened by neu5ron almost 6 years ago - 7 comments
Labels: enhancement, help wanted

#6 - Kibana does not show target_user, target_hostname

Issue - State: closed - Opened by nikonc almost 6 years ago - 2 comments

#5 - Fixed typo in EOF notation

Pull Request - State: closed - Opened by fastlorenzo almost 6 years ago - 1 comment

#4 - fixing two typos

Pull Request - State: closed - Opened by justsly almost 6 years ago - 2 comments

#3 - fixed missing useragent in regex

Pull Request - State: closed - Opened by justsly almost 6 years ago - 2 comments

#2 - fixing folder does not exist error

Pull Request - State: closed - Opened by justsly almost 6 years ago

#1 - Fix readme typo

Pull Request - State: closed - Opened by erjanmx almost 6 years ago

GitHub / outflanknl/RedELK issues and pull requests