Cargill / OpenSIEM-Logstash-Parsing
SIEM Logstash parsing for more than a hundred technologies
Apache License 2.0, 181 stars, 40 forks
issues
Added parsing for WEF event id 33205 | #559 | brian-grabau | closed | 1 day ago | 0
Update for ProofPoint pod log to include mime types | #558 | brian-grabau | closed | 3 days ago | 0
removed event.created,message field removes; updated date match patterns | #557 | lyradc | closed | 2 weeks ago | 0
Fix for Guardduty missing dataset | #556 | brian-grabau | closed | 2 weeks ago | 0
removed 96_ecs, rnmd output to 96 | #555 | lyradc | closed | 2 weeks ago | 0
Mapped security groups for AWS GuardDuty | #554 | brian-grabau | closed | 2 weeks ago | 0
Will now handle non-split and split message field examples | #553 | brian-grabau | closed | 2 weeks ago | 0
move removed tmp field up in Azure interactive sign in | #552 | brian-grabau | closed | 2 weeks ago | 0
Added replayc message after split in Azure signin logs | #551 | brian-grabau | closed | 2 weeks ago | 0
Azure Interactive signin split was incorrect | #550 | brian-grabau | closed | 2 weeks ago | 0
Aws app error | #549 | brian-grabau | closed | 2 weeks ago | 0
Added ecs checks after enrichments to remove bad fields from enrichments | #548 | brian-grabau | closed | 2 weeks ago | 0
Fix field alignment for syncplicity | #547 | brian-grabau | closed | 2 weeks ago | 0
Added additional mappings and improved parsing | #546 | brian-grabau | closed | 2 weeks ago | 0
updated misp memcache tacs to be unqueue | #545 | brian-grabau | closed | 1 month ago | 0
reordered enrichments for dns lookups | #544 | brian-grabau | closed | 1 month ago | 0
Removed field with wrong data in cisco router | #543 | brian-grabau | closed | 1 month ago | 0
cisco_router_fix | #542 | MehaSal | closed | 1 month ago | 0
Tenable SC handed hostname depending netbios vs dns | #541 | brian-grabau | closed | 1 month ago | 0
added vuln id split to tenable_sc | #540 | brian-grabau | closed | 1 month ago | 0
adding vuln cve parsing | #539 | MehaSal | closed | 1 month ago | 0
adding vuln cve parsing | #538 | MehaSal | closed | 1 month ago | 1
Added parsing for cisco router acl logs | #537 | brian-grabau | closed | 1 month ago | 0
Updated Cloud trail Parsing to map out additional needed data | #536 | brian-grabau | closed | 1 month ago | 0
regex update to match - in domain | #535 | kritikashahi | closed | 1 month ago | 0
fixed grok field in url enrichment | #534 | kritikashahi | closed | 1 month ago | 0
updated url enrichment to work more consistently | #533 | brian-grabau | closed | 2 months ago | 0
interactive signin was missing dataset | #532 | brian-grabau | closed | 2 months ago | 0
Remapped user fields | #531 | brian-grabau | closed | 2 months ago | 0
Infoblox dns errors and queries | #530 | brian-grabau | closed | 2 months ago | 0
Added remove host to rsyslog in case ecs is not configured correctly | #529 | brian-grabau | closed | 2 months ago | 0
Fixed AWS app improper file field nesting | #528 | brian-grabau | closed | 2 months ago | 0
handled urls with ts= and added error log parsing | #527 | brian-grabau | closed | 2 months ago | 0
Removed square brackets from data in SWG | #526 | brian-grabau | closed | 2 months ago | 0
Added additional date parsing for SWG formats | #525 | brian-grabau | closed | 2 months ago | 0
Updated UIL parsing to match additional url patterns | #524 | brian-grabau | closed | 2 months ago | 0
adjusted host_split enrich | #523 | lyradc | closed | 2 months ago | 0
Revert "updated AWS app to drop invalid host.ips" | #522 | brian-grabau | closed | 2 months ago | 0
added remove blank entries on related_ip | #521 | lyradc | closed | 2 months ago | 0
reordered related ip and host | #520 | brian-grabau | closed | 2 months ago | 0
dns enrich: log.source.hostname to only accept single value | #519 | lyradc | closed | 2 months ago | 0
DNS enrich fix | #518 | lyradc | closed | 2 months ago | 0
updated AWS app to drop invalid host.ips | #517 | brian-grabau | closed | 2 months ago | 0
Added look up for SkyHigh API locations | #516 | brian-grabau | closed | 3 months ago | 0
Updated SWG to KV to provide better match | #515 | brian-grabau | closed | 3 months ago | 0
trying to fix event.dataset missing field | #514 | MehaSal | closed | 3 months ago | 0
Updated SWG for better performance | #513 | brian-grabau | closed | 3 months ago | 0
Revert "Updated SWG to support virus and some inconsistencies" | #512 | MehaSal | closed | 3 months ago | 0
Updated SWG to support virus and some inconsistencies | #511 | brian-grabau | closed | 3 months ago | 0
Updated ProofPoint Pod Time Zone offset | #510 | brian-grabau | closed | 3 months ago | 0