idaholab/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://idaholab.github.io/Malcolm/
Other
326
stars
53
forks
issues
determine difference in storage space based on enabling/disabling features
#510
mmguero
opened
3 days ago
0
indicators based on JA4+ hashes
#509
mmguero
opened
4 days ago
0
provide configuration option in local.zeek to set number of packets for ja4ssh.log
#508
mmguero
opened
4 days ago
0
Malcolm v24.06.0
#507
mmguero
closed
4 days ago
0
code cleanup: rename zeek fields to ECS rather than just merge
#506
mmguero
opened
5 days ago
1
Integrate Fox-IO JA4 Plugin
#505
piercema
closed
4 days ago
1
enrichment for Arkime data
#504
mmguero
opened
5 days ago
0
air gapped environment
#503
devilman85
opened
5 days ago
0
Not bug, missing documentation
#502
y0d4a
opened
5 days ago
0
netbox enrichment for non-network data in Logstash
#501
mmguero
opened
5 days ago
0
resolve errors for and update nginx-proxy to alpine 3.20
#500
mmguero
opened
1 week ago
0
invalid (?) DNS on host can interfere with container resolution in dashboards-helper container
#499
mmguero
opened
1 week ago
0
implement some sort of system/hardware estimator
#498
mmguero
opened
1 week ago
0
file extraction/scanning with AssemblyLine
#497
mmguero
opened
1 week ago
0
anonymized intelligence sharing framework
#496
mmguero
opened
1 week ago
0
improvements to documentation and install.py for Linux performance tweaks
#495
mmguero
opened
1 week ago
0
16GB RAM and 16 Core system resources are quickly being exhausted till system locks up
#494
jtlindsey
closed
1 week ago
7
Bump urllib3 from 1.26.18 to 1.26.19 in /hedgehog-iso/interface
#493
dependabot[bot]
closed
4 days ago
1
generate new forwarder SSL keys on-the-fly when transferring between Malcolm and Hedgehog
#492
mmguero
closed
1 week ago
0
document using GitHub runners to build malcolm images (for contributors)
#491
mmguero
closed
2 weeks ago
1
Captured data does not flow from Hedgehog to Malcolm
#490
Zokol
closed
2 weeks ago
4
incorporate ACID
#489
mmguero
closed
6 days ago
3
Best Guess log ports flipped
#488
ee-hex-ee
closed
3 weeks ago
1
No option to go backwards in Malcolm install tool
#487
Zokol
opened
3 weeks ago
0
Hedgehog-raspi make fails
#486
Zokol
opened
3 weeks ago
0
standardize locations/sources for GeoIP database
#485
mmguero
opened
3 weeks ago
0
Arkime viewer not rolling pcaps
#484
coffeecoffeecoffeecoffeecoffee
closed
2 weeks ago
2
GUIfy install.py for installation and configuration
#483
mmguero
opened
3 weeks ago
0
Malcolm v24.05.0
#482
mmguero
closed
1 month ago
0
Cannot complete build.sh
#481
vanyell
closed
1 month ago
1
Zeek json
#480
yorkyman
closed
1 month ago
1
clean-processed-folder.py out of date for current filebeat registry behavior
#479
mmguero
closed
1 month ago
0
Bump requests from 2.31.0 to 2.32.0 in /api
#478
dependabot[bot]
closed
1 month ago
1
sensor and policy manager for Malcolm
#477
mmguero
opened
1 month ago
0
discrepancy between environment variables used to populate Arkime's config.ini between Malcolm and Hedgehog
#476
mmguero
closed
1 month ago
0
streamline configuration of Zeek live capture worker load balancing using AF_PACKET and fanout
#475
mmguero
closed
1 month ago
1
BPF capture filter does not seem to be passed to Zeek correctly
#474
mmguero
closed
1 month ago
0
use mount instead of volume in docker compose file to avoid creating empty directories for missing files
#473
mmguero
opened
1 month ago
1
don't overwrite Zeek threat intel files if all sources associated with a type fail
#472
mmguero
closed
1 month ago
0
allow setting spiDataMaxIndices for Arkime's config.ini
#471
mmguero
closed
1 month ago
1
Bump jinja2 from 3.1.3 to 3.1.4 in /hedgehog-iso/interface
#470
dependabot[bot]
closed
1 month ago
1
Bump werkzeug from 3.0.1 to 3.0.3 in /hedgehog-iso/interface
#469
dependabot[bot]
closed
1 month ago
1
Vagrant nfs server additions
#468
scott-jeffery
closed
1 month ago
1
error reporting memory and CPU resources in scripts/malcolm_kubernetes.py
#467
mmguero
closed
2 months ago
0
Malcolm v24.04.0
#466
mmguero
closed
2 months ago
0
allow artifact upload to handle windows event logs
#465
mmguero
closed
2 weeks ago
2
set category fields in default anomaly detectors to give a better breakdown of contributors
#464
mmguero
closed
2 months ago
1
allow custom tags to be specified at the point of log file ingestion (ie., filebeat)
#463
mmguero
closed
1 month ago
2
Track latest Suricata release rather than what's in Debian stable APT repository
#462
mmguero
closed
1 month ago
3
handle invalid URLs better (with a 404 instead of a 500)
#461
mmguero
closed
1 month ago
1