issues
search
OTRF
/
OSSEM
Open Source Security Events Metadata (OSSEM)
MIT License
1.23k
stars
214
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
user_logon_id was improperly formatted
#27
zackpayton
closed
5 years ago
0
According to the Microsoft source document linked TokenElevationType …
#26
zackpayton
closed
5 years ago
0
hash_sha256 field misspelled.
#25
zackpayton
closed
5 years ago
0
Can we standardize on ISO 8601 for all date formats where applicable?
#24
zackpayton
closed
3 years ago
1
alt field in event log illustration is incorrect.
#23
zackpayton
closed
5 years ago
0
Adding initial phase of CrowdStrike data_dictionaries and Sysmon/Carbon Black Data Model Images
#22
jaredcatkinson
closed
5 years ago
1
Added WDATP dictionaries and updated process, registry, and host entities
#21
jaredcatkinson
closed
5 years ago
1
Updated process entity documentation
#20
jaredcatkinson
closed
5 years ago
3
Common model network additions
#19
chills42
closed
5 years ago
1
Update ip.md
#18
neu5ron
closed
5 years ago
1
Added the relationships from the attackcon google sheet as markdown table
#17
jaredcatkinson
closed
5 years ago
0
adding standardized names to carbon black fields
#16
jaredcatkinson
closed
5 years ago
1
updated carbon black dictionaries to incude processblock & tamper events
#15
jaredcatkinson
closed
5 years ago
0
Fixing a couple typos in OSQuery File Table and added a Carbon Black README
#14
jaredcatkinson
closed
5 years ago
1
Adding Carbon Black Datasets to OSSEM
#13
jaredcatkinson
closed
5 years ago
1
Create firewall.md
#12
Demondep
closed
4 years ago
2
Add destination IPv6
#11
solhuebner
closed
6 years ago
0
Add source IPv6
#10
solhuebner
closed
6 years ago
1
Added ip_proto field to IP Schema
#9
Demondep
closed
6 years ago
2
removed source annotation
#8
olafhartong
closed
6 years ago
1
adjusted event_creation_time field to proper value
#7
olafhartong
closed
6 years ago
2
added target_process_address for mem injections
#6
olafhartong
closed
6 years ago
0
added initiated field
#5
olafhartong
closed
6 years ago
1
Added some Get-SOHostData data dictionaries
#4
jaredcatkinson
closed
6 years ago
1
Simplify port fields by dropping _number
#3
grogsaxle
closed
6 years ago
1
registry objects
#2
bfuzzy
closed
6 years ago
0
added powershell w/o descriptions
#1
bfuzzy
closed
6 years ago
1
Previous