t3chn0m4g3
be918033e0
bump to ELK 7.7.0
2020-05-14 16:27:57 +00:00
t3chn0m4g3
680194adf7
prep for new listbot FQDN
2020-05-12 09:19:09 +00:00
Marco Ochse
ed73d83317
Update update.sh
2020-04-22 17:48:32 +02:00
Marco Ochse
a6c8d3d712
Update Dockerfile
2020-04-22 17:15:44 +02:00
Marco Ochse
1a7b3b3795
Load listbot data from OTC
2020-04-22 16:50:41 +02:00
t3chn0m4g3
73e1842c16
offload listbot from netlify CDN
2020-04-02 13:12:11 +00:00
t3chn0m4g3
df22adb45d
bump elk stack to 7.6.1
2020-03-05 21:20:11 +00:00
t3chn0m4g3
07c68c85bb
tweaking
2020-03-04 14:36:03 +00:00
t3chn0m4g3
f11ad6b523
tweaking
...
ELK 7.6.0 is not ready for production, however it works if APM is enabled (disabled in config, so image won't build as precaution)
Remove SISSDEN from ewsposter, suricata
Bump suricata to 5.0.1
Alpine now supports suricata incl. enabled JA3 support, move back to Alpine install
2020-02-14 15:28:06 +00:00
t3chn0m4g3
5ce5911ec1
cleanup
2020-02-03 12:59:21 +00:00
t3chn0m4g3
b9da9f04af
adjust default field
2020-02-03 12:18:43 +00:00
t3chn0m4g3
984ba958fb
logstash template not upgraded
...
With daily index enabled, logstash will not be able to put new events into ES.
Simple solution: just delete the logstash template upon logstash start and leave it to logstash to upload the latest template.
2020-02-01 14:08:23 +00:00
t3chn0m4g3
64729f5064
remove ilm support, breaks existing index at upgrade
2020-01-31 15:50:34 +00:00
t3chn0m4g3
5a4724bcba
elk 7.x dev test
2020-01-31 14:21:55 +00:00
t3chn0m4g3
fa0fdbb579
prepare for ELK migration to 7.x
2020-01-29 14:21:40 +00:00
t3chn0m4g3
f110eb08b0
prepare for mailoney json logging
2020-01-22 12:17:30 +00:00
t3chn0m4g3
1d0aad3b34
tweak logstash.conf for citrixhoneypot
2020-01-16 18:04:29 +00:00
t3chn0m4g3
a6ed6613a5
prepare citrixhoneypot for ELK integration
2020-01-16 15:13:58 +00:00
t3chn0m4g3
66bb9443f9
bump elk stack to 6.8.2
2019-08-28 11:49:03 +00:00
t3chn0m4g3
bc6e94d329
spiderfoot, head bump to latest master
2019-08-16 17:29:41 +00:00
t3chn0m4g3
bf39c0f5b2
bump elastic stack to 6.7.2
2019-08-15 15:38:12 +00:00
t3chn0m4g3
364831ae58
fix cd
2019-08-15 08:32:04 +00:00
t3chn0m4g3
31d7707d19
download instead of git pull
...
download translation maps rather than running a git pull
translation maps will now be bzip2 compressed to reduce traffic to a minimum
fixes #432
2019-08-14 14:43:47 +00:00
t3chn0m4g3
bbf226aeda
remove glastopf
2019-06-03 19:57:50 +00:00
t3chn0m4g3
a7e553efe9
still working on fatt
2019-06-03 16:13:58 +00:00
t3chn0m4g3
f870c8e885
continue working on fatt
2019-06-03 10:22:07 +00:00
listbot
867bda6ad7
increase number of fields limit
...
#382
2019-05-31 15:34:29 +00:00
listbot
c09547e3a4
adjust group and permissions for /data
2019-05-08 11:16:48 +00:00
t3chn0m4g3
e8d8773863
tweaking
2019-03-19 11:08:23 +00:00
t3chn0m4g3
573ceb98a1
bump elk stack to 6.6.2, replace wget with aria2 to speed up d/l
2019-03-15 22:23:30 +00:00
t3chn0m4g3
6f30322ad5
prepare for honeypy
2019-03-10 18:15:59 +00:00
t3chn0m4g3
869f05ca8b
cleanup
2019-03-01 21:08:36 +00:00
listbot
e1fe025dd7
remove fallback
2019-02-28 21:03:07 +00:00
listbot
728607a2da
bump elk stack to 6.6.1
2019-02-28 14:52:42 +00:00
t3chn0m4g3
9664d7b6c3
kibana pin to alpine 3.8
2019-02-25 15:49:26 +00:00
t3chn0m4g3
4754526884
bump elk stack to 6.5.4
2019-01-14 20:41:08 +00:00
t3chn0m4g3
c4bae5f715
bump elk stack to 6.5.2
2018-12-10 17:25:46 +00:00
t3chn0m4g3
c7873554c3
prepare for adbhoney
2018-12-05 16:59:08 +00:00
t3chn0m4g3
1c8074bce3
update docs, screenshots
2018-11-24 01:05:21 +01:00
t3chn0m4g3
aa17604a7a
change defaults for kibana.yml
2018-11-23 22:32:11 +00:00
t3chn0m4g3
5e8345695f
bump elk stack to 6.5.1
...
fix docker hub build
2018-11-22 23:18:59 +00:00
t3chn0m4g3
ece169dd76
update docker-compose files
2018-11-21 09:26:31 +00:00
t3chn0m4g3
ed921d31f8
cleaning up
2018-11-19 12:34:07 +00:00
t3chn0m4g3
53383f7313
rename fields
2018-11-19 11:33:00 +00:00
t3chn0m4g3
5754c79086
clean up log sources
2018-11-13 15:46:57 +00:00
t3chn0m4g3
106193fac5
fix for CVE-2018-17244
2018-11-09 14:36:54 +00:00
t3chn0m4g3
c46d3e4f6f
bump elk to 6.4.2
2018-10-12 16:07:20 +00:00
t3chn0m4g3
0c86bd9a5a
tweaking
2018-09-11 12:19:26 +00:00
t3chn0m4g3
992d453b9a
medpot tweaking
2018-09-11 07:59:14 +00:00
t3chn0m4g3
f0f6981f34
add medpot to ELK
2018-09-10 01:15:21 +00:00
Marco Ochse
79bb324a4a
rename conpot fields to match index pattern
2018-08-28 13:30:58 +02:00
Marco Ochse
d19d3823f6
prevent status field from being indexed as string
2018-08-28 12:41:11 +02:00
listbot
59c8c5b34c
bump ELK to 6.4.0
...
YES! Index patterns can finally be exported through Kibana! A joy to the ELK world :-)
2018-08-24 17:07:00 +00:00
t3chn0m4g3
a6d996d016
fix kibana ci color for highlighted elements
2018-08-02 17:36:11 +00:00
t3chn0m4g3
67d5c5a26c
get FQDN for ES head from open window
2018-08-01 20:09:05 +00:00
t3chn0m4g3
7945961cee
Bump ELK to 6.3.2
2018-07-31 14:31:49 +00:00
t3chn0m4g3
38112755ce
Fix ci logo
2018-06-28 12:30:27 +00:00
t3chn0m4g3
00482df95b
Bump ELK Stack to 6.3.0
2018-06-26 17:34:14 +00:00
Marco Ochse
b19aa6d5c8
update favicon
2018-06-26 10:09:33 +02:00
Marco Ochse
1dd57d8022
NGINX logs are in /data/nginx/log/
...
Syslog should be viewed in Cockpit now; storing Syslog events in ELK is ineffective
2018-06-24 03:24:51 +02:00
Marco Ochse
d047d1edbb
disable 3rd party plugins
...
At least one of them was corrupt on GitHub, which seems unlikely, hence not trustworthy
2018-06-13 19:20:52 +02:00
Marco Ochse
42577b6016
Editions
...
start work on new editions
2018-06-07 16:39:13 +02:00
Marco Ochse
37424eb541
cleanup
2018-05-29 12:06:20 +00:00
Marco Ochse
72313a600d
include tanner patterns, tweaking
2018-05-29 12:05:07 +00:00
Marco Ochse
428ee43c18
prepare for tanner
2018-05-28 21:46:51 +00:00
Marco Ochse
5447978191
finetuning, tweaking
2018-05-16 14:57:52 +00:00
Marco Ochse
3bea740632
tweaking
2018-05-09 16:43:37 +00:00
Marco Ochse
a5745cbeb1
tweaking
2018-05-07 10:17:33 +00:00
Marco Ochse
b1fbcd9532
tweaking, hardening
2018-05-04 16:29:55 +00:00
Marco Ochse
40244d3bcb
ciscoasa, tweaking, hardening, logging, logstash
2018-04-27 23:10:45 +00:00
Marco Ochse
dbd78921c9
ci colors
2018-04-24 14:03:57 +00:00
Marco Ochse
4bac26bef9
set magenta color
2018-04-23 17:16:17 +00:00
Marco Ochse
5e5723334e
add kibana visualization fixes
...
thank you @robcowart
2018-04-23 12:29:38 +00:00
Marco Ochse
89d31ffbe0
finalize elk6.x docker images
...
continue working on elk6.x helper scripts
cleaning up
2018-04-20 21:22:46 +00:00
Marco Ochse
fd40fc96a6
elk 6.x
...
start adjusting helper scripts for elk 6.x
migrate patterns, dashboards, viz, search, etc.
tweaking
2018-04-19 22:38:45 +00:00
Marco Ochse
6e072980a0
start on elk6.x
2018-04-18 15:21:32 +00:00
Marco Ochse
d1756fa934
playing with signals
2018-04-16 23:25:50 +00:00
Marco Ochse
446880de55
tweaking
2018-04-16 22:05:16 +00:00
Marco Ochse
2f6a8014bc
tweaking, hardening
2018-03-31 15:18:28 +00:00
Marco Ochse
c9a33870ff
prep for 18.04
2018-03-25 18:35:32 +00:00
Marco Ochse
d2f1a27908
update elk stack to 5.6.5
2018-01-15 13:34:17 +00:00
Marco Ochse
c28dfa6bc7
update elk stack to 5.6.5
2018-01-15 13:33:48 +00:00
Marco Ochse
50d1c212ad
Continue cleaning up
2017-10-23 13:10:47 +02:00
Marco Ochse
46264774b3
Start cleaning up and update documentation
2017-10-23 13:02:04 +02:00
Marco Ochse
70f75d51ee
remove listbot sources
2017-10-21 16:32:14 +02:00
Marco Ochse
f2880ec3d6
refine ip matching
...
fix regex to only match IPs at the beginning of a line
2017-10-21 16:00:03 +02:00
Marco Ochse
0d5d80b1e3
include docker repos
...
... skip emobility since it is a dev repo
2017-10-13 18:58:14 +00:00