chronicle detection-rules issues

chronicle / detection-rules

Collection of YARA-L 2.0 sample rules for the Chronicle Detection API

https://chronicle.security

Apache License 2.0

274 stars 64 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

update permission info in rule manager readme

#68 copybara-service[bot] closed 5 days ago
0
.env Rule Manager

#67 sat-tp closed 1 week ago
4
fix url for example github actions workflow files

#66 copybara-service[bot] closed 1 month ago
0
add example github actions workflow files

#65 copybara-service[bot] closed 1 month ago
0
chronicle_auth.py doesn't read in dotenv environment variable

#64 Bacon-404 closed 1 month ago
12
No public description

#63 copybara-service[bot] closed 2 months ago
0
group events by user id, github enterprise name, and github org name

#62 copybara-service[bot] closed 2 months ago
0
Added YARAL for malware SOGU

#61 Rommel-J opened 2 months ago
1
Detection for SOGU malware

#60 Rommel-J closed 2 months ago
1
Update google_workspace_malicious_file_downloaded.yaral

#59 Khipu-Bishal opened 2 months ago
1
Test pull request 1

#58 threatpunter opened 2 months ago
1
Add YARA-L rules for GitHub Enterprise audit logs

#57 copybara-service[bot] closed 2 months ago
0
add documentation for test-rule command

#56 copybara-service[bot] closed 3 months ago
0
add support to test a YARA-L rule via Chronicle's REST API without persisting results in Chronicle.

#55 copybara-service[bot] closed 3 months ago
0
Rule_manager - Unable to rename remote rules

#54 curiousghost closed 3 months ago
3
add support to manage reference lists in Chronicle and use Pydantic for data validation and manipulation.

#53 copybara-service[bot] closed 4 months ago
0
Add option to skip archived rules

#52 threat-punter closed 2 months ago
0
fix typos

#51 copybara-service[bot] closed 4 months ago
0
Rule_Manager - Skip archived Rules flag

#50 the2dl opened 4 months ago
7
Fix typos

#49 dandye closed 5 months ago
0
add link to blog post. add note on best practices for handling service account key

#48 copybara-service[bot] closed 5 months ago
0
No public description

#47 copybara-service[bot] closed 3 months ago
0
update readme and make minor improvements

#46 copybara-service[bot] closed 5 months ago
0
Adding new GCP YARA-L Detection Rules

#45 copybara-service[bot] closed 5 months ago
0
Fixing typo for Chrome Management Safe Browsing events

#44 copybara-service[bot] closed 6 months ago
0
fix typo in meta section

#43 copybara-service[bot] closed 6 months ago
0
No public description

#42 copybara-service[bot] closed 6 months ago
0
fix error in rule description

#41 copybara-service[bot] closed 6 months ago
0
Move 3 rules from GuardDuty folder to CloudTrail folder

#40 copybara-service[bot] closed 6 months ago
0
Remove the gcp_cloudaudit/ rules as they are superseded by Curated Detection rules and/or they can be re-created under community/

#39 copybara-service[bot] closed 6 months ago
0
Remove the google_workspace/ rules, as they are superseded by the community/workspace rules

#38 copybara-service[bot] closed 6 months ago
0
add example code for managing rules via chronicle api

#37 copybara-service[bot] closed 5 months ago
0
Add rules for O365/EntraID/ADFS

#36 copybara-service[bot] closed 6 months ago
0
Add rules for Amazon Web Services (AWS) CloudTrail and GuardDuty

#35 copybara-service[bot] closed 6 months ago
0
Add rules for Google Workspace

#34 copybara-service[bot] closed 6 months ago
0
Adding Google Workspace rules

#33 copybara-service[bot] closed 6 months ago
0
add contribution guidelines and rule style guide

#32 copybara-service[bot] closed 6 months ago
0
Add rule for Chrome Management Safe Browsing events

#31 copybara-service[bot] closed 6 months ago
0
Incorrect "allowed" should be "ALLOW"

#30 fryguy04 opened 7 months ago
1
Add rule for DNS query to typosquatting domain

#29 copybara-service[bot] closed 8 months ago
0
Adding Chronicle Dashboards folder under Community and Our Dashboard

#28 copybara-service[bot] closed 8 months ago
0
Updating deprecated fields in GCP rules

#27 shamo0 opened 9 months ago
0
Updating deprecated fields in GCP rules

#26 shamo0 closed 9 months ago
1
Add Okta Rules

#25 copybara-service[bot] closed 11 months ago
0
Add CISA Living off the Land Recon rules and GCTI Remote Access Tools rule

#24 copybara-service[bot] closed 11 months ago
0
Add community folder with new rules for entity graph and more

#23 copybara-service[bot] closed 1 year ago
0
Updates to rules on gcp_cloudaudit and soc_prime_rules

#22 bluPhy opened 1 year ago
0
Internal change

#21 copybara-service[bot] closed 1 year ago
0
Replace .src. with .principal.

#20 shapor closed 1 year ago
0
Adding a rule to detect network connections to Tor Exit Nodes.

#19 copybara-service[bot] closed 1 year ago
0