cisagov / Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://cisagov.github.io/Malcolm/
Other
1.97k stars
331 forks
issues
Not Populate Malcolm_beats_*
#508
devilman85
opened
1 hour ago
0
The Suricata alert did not appear on the dashboard
#507
alleniverson33
opened
7 hours ago
0
updates to documentation for Docker-based installation examples
#506
mmguero
opened
1 day ago
1
yes/no/back dialog buttons in install/configure scripts don't work correctly on Ubuntu 22.04
#505
mmguero
opened
1 day ago
1
prompt during configuration whether to enable capture statistics
#504
mmguero
closed
16 hours ago
0
Issue regarding installation of netbox
#503
S1ubb
closed
1 day ago
1
extend intel.log with additional fields using corelight/ExtendIntel
#502
mmguero
opened
2 days ago
0
somehow NetBox gets into a read-only mode
#501
mmguero
opened
2 days ago
0
Forward Logstash logs to a secondary remote document store
#497
devilman85
closed
4 days ago
1
bring netbox up-to-date with the current released version
#496
mmguero
closed
16 hours ago
1
use new arkime tag-hiding feature to hide netbox tag from UI
#495
mmguero
opened
1 week ago
0
Mandiant threat intel source doesn't get split correctly when using JSON zeek log format
#494
mmguero
opened
1 week ago
0
Malcolm v24.11.0
#493
mmguero
closed
3 days ago
0
fixed errors when running appliance packager on macOS
#492
robrui
closed
3 days ago
2
standardize container health checks into scripts for all docker containers
#491
mmguero
opened
2 weeks ago
1
uploading zeek log files with rolled-over filenames including the date don't get the log type detected correctly
#490
mmguero
opened
2 weeks ago
0
Opensearch running abnormally
#489
alleniverson33
closed
1 week ago
3
Add ingest-stats API
#488
mmguero
closed
2 weeks ago
0
OpenSearch to Splunk export/searching capabilities
#487
mmguero
opened
2 weeks ago
1
automated testing
#486
mmguero
opened
2 weeks ago
0
investigate Strelka for file scanning
#485
mmguero
opened
2 weeks ago
0
not parsing Profinet Real-Time Protocol directly on ethernet frame
#484
mmguero
opened
2 weeks ago
3
install.py should recommend different settings for minimal memory instances, if possible
#483
mmguero
opened
2 weeks ago
0
support HTTP proxy for geoip database, rule updates, etc.
#482
mmguero
opened
2 weeks ago
0
replace logstash with fluentd
#481
mmguero
opened
2 weeks ago
2
AIDE false positives in ISO-installed Hedgehog and Malcolm
#480
mmguero
opened
2 weeks ago
1
optimize OpenSearch index storage
#479
mmguero
opened
2 weeks ago
0
Compare NetBox inventory with database of known vulnerabilities
#478
mmguero
opened
2 weeks ago
6
Populate NetBox inventory via active discovery
#477
mmguero
opened
2 weeks ago
3
allow forwarding setup to specify Malcolm connection information in one place (vs. three)
#476
mmguero
opened
2 weeks ago
0
Integrate Sigma rules via OpenSearch Security Analytics
#475
mmguero
opened
2 weeks ago
4
Live capture on AWS using VPC traffic mirroring
#474
mmguero
opened
2 weeks ago
2
kubernetes (next steps) - helm chart(s)
#473
mmguero
opened
2 weeks ago
3
kubernetes - check out filebeat on network volumes
#472
mmguero
opened
2 weeks ago
0
support configuration for and enabling of TLS decryption for Zeek
#471
mmguero
opened
2 weeks ago
0
support PCAP files with 802.11 packet structure
#470
mmguero
opened
2 weeks ago
1
Kubernetes - Document how to get running on Azure Kubernetes Service (AKS)
#469
mmguero
opened
2 weeks ago
0
Support and document receiving cloud logs
#468
mmguero
opened
2 weeks ago
0
NetFlow v9 input
#467
mmguero
opened
2 weeks ago
1
OpenSearch report export to PDF/PNG fails on Firefox with some dashboards
#466
mmguero
opened
2 weeks ago
3
examine default OpenSearch Dashboards dashboard
#465
mmguero
opened
2 weeks ago
1
Add PCAP-over-IP support
#464
mmguero
opened
2 weeks ago
0
examine tables in dashboards for sort column
#463
mmguero
opened
2 weeks ago
0
allow uploading compressed PCAP files
#462
mmguero
opened
2 weeks ago
0
investigate Zeek's javascript MISP interface as an improvement to existing Zeek intel MISP integration
#461
mmguero
opened
2 weeks ago
2
fine-grained access controls
#460
mmguero
opened
2 weeks ago
0
Single Sign On (SSO)
#459
mmguero
opened
2 weeks ago
2
UI for backing up/restoring entire netbox configuration
#458
mmguero
opened
2 weeks ago
0
improve efficiency of Suricata processing uploaded PCAP files
#457
mmguero
opened
2 weeks ago
0
integrate BSI ot-parsers
#456
mmguero
opened
2 weeks ago
0