idaholab Malcolm issues

idaholab / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

https://idaholab.github.io/Malcolm/

Other

326 stars 53 forks source link

issues

Newest

Newest Most commented Recently updated Oldest Least commented Least recently updated

determine difference in storage space based on enabling/disabling features

#510 mmguero opened 3 days ago
0
indicators based on JA4+ hashes

#509 mmguero opened 4 days ago
0
provide configuration option in local.zeek to set number of packets for ja4ssh.log

#508 mmguero opened 4 days ago
0
Malcolm v24.06.0

#507 mmguero closed 4 days ago
0
code cleanup: rename zeek fields to ECS rather than just merge

#506 mmguero opened 5 days ago
1
Integrate Fox-IO JA4 Plugin

#505 piercema closed 4 days ago
1
enrichment for Arkime data

#504 mmguero opened 5 days ago
0
air gapped environment

#503 devilman85 opened 5 days ago
0
Not bug, missing documentation

#502 y0d4a opened 5 days ago
0
netbox enrichment for non-network data in Logstash

#501 mmguero opened 5 days ago
0
resolve errors for and update nginx-proxy to alpine 3.20

#500 mmguero opened 1 week ago
0
invalid (?) DNS on host can interfere with container resolution in dashboards-helper container

#499 mmguero opened 1 week ago
0
implement some sort of system/hardware estimator

#498 mmguero opened 1 week ago
0
file extraction/scanning with AssemblyLine

#497 mmguero opened 1 week ago
0
anonymized intelligence sharing framework

#496 mmguero opened 1 week ago
0
improvements to documentation and install.py for Linux performance tweaks

#495 mmguero opened 1 week ago
0
16GB RAM and 16 Core system resources are quickly being exhausted till system locks up

#494 jtlindsey closed 1 week ago
7
Bump urllib3 from 1.26.18 to 1.26.19 in /hedgehog-iso/interface

#493 dependabot[bot] closed 4 days ago
1
generate new forwarder SSL keys on-the-fly when transferring between Malcolm and Hedgehog

#492 mmguero closed 1 week ago
0
document using GitHub runners to build malcolm images (for contributors)

#491 mmguero closed 2 weeks ago
1
Captured data does not flow from Hedgedog to Malcolm

#490 Zokol closed 2 weeks ago
4
incorporate ACID

#489 mmguero closed 6 days ago
3
Best Guess log ports flipped

#488 ee-hex-ee closed 3 weeks ago
1
No option to go backwards in Malcolm install tool

#487 Zokol opened 3 weeks ago
0
Hedgedog-raspi make fails

#486 Zokol opened 3 weeks ago
0
standardize locations/sources for GeoIP database

#485 mmguero opened 3 weeks ago
0
Arkime viewer not rolling pcaps

#484 coffeecoffeecoffeecoffeecoffee closed 2 weeks ago
2
GUIfy install.py for installation and configuration

#483 mmguero opened 3 weeks ago
0
Malcolm v24.05.0

#482 mmguero closed 1 month ago
0
Cannot complete build.sh

#481 vanyell closed 1 month ago
1
Zeek json

#480 yorkyman closed 1 month ago
1
clean-processed-folder.py out of date for current filebeat registry behavior

#479 mmguero closed 1 month ago
0
Bump requests from 2.31.0 to 2.32.0 in /api

#478 dependabot[bot] closed 1 month ago
1
sensor and policy manager for Malcolm

#477 mmguero opened 1 month ago
0
discrepancy between environment variables used to populate Arkime's config.ini between Malcolm and Hedgehog

#476 mmguero closed 1 month ago
0
streamline configuration of Zeek live capture worker load balancing using AF_PACKET and fanout

#475 mmguero closed 1 month ago
1
BPF capture filter does not seem to be passed to Zeek correctly

#474 mmguero closed 1 month ago
0
use mount instead of volume in docker compose file to avoid creating empty directories for missing files

#473 mmguero opened 1 month ago
1
don't overwrite Zeek threat intel files if all sources associated with a type fail

#472 mmguero closed 1 month ago
0
allow setting spiDataMaxIndices for Arkime's config.ini

#471 mmguero closed 1 month ago
1
Bump jinja2 from 3.1.3 to 3.1.4 in /hedgehog-iso/interface

#470 dependabot[bot] closed 1 month ago
1
Bump werkzeug from 3.0.1 to 3.0.3 in /hedgehog-iso/interface

#469 dependabot[bot] closed 1 month ago
1
Vagrant nfs server additions

#468 scott-jeffery closed 1 month ago
1
error reporting memory and CPU resources in scripts/malcolm_kubernetes.py

#467 mmguero closed 2 months ago
0
Malcolm v24.04.0

#466 mmguero closed 2 months ago
0
allow artifact upload to handle windows event logs

#465 mmguero closed 2 weeks ago
2
set category fields in default anomaly detectors to give a better breakdown of contributors

#464 mmguero closed 2 months ago
1
allow custom tags to be specified at the point of log file ingestion (ie., filebeat)

#463 mmguero closed 1 month ago
2
Track latest Suricata release rather than what's in Debian stable APT repository

#462 mmguero closed 1 month ago
3
handle invalid URLs better (with a 404 instead of a 500)

#461 mmguero closed 1 month ago
1