idaholab/Malcolm
Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://idaholab.github.io/Malcolm/
Other
353 stars, 58 forks
issues
standardize locations/sources for GeoIP database
#485
mmguero
opened
3 months ago
0
Arkime viewer not rolling pcaps
#484
coffeecoffeecoffeecoffeecoffee
closed
3 months ago
2
GUIfy install.py for installation and configuration
#483
mmguero
opened
4 months ago
0
Malcolm v24.05.0
#482
mmguero
closed
4 months ago
0
Cannot complete build.sh
#481
vanyell
closed
4 months ago
1
Zeek json
#480
yorkyman
closed
4 months ago
1
clean-processed-folder.py out of date for current filebeat registry behavior
#479
mmguero
closed
4 months ago
0
Bump requests from 2.31.0 to 2.32.0 in /api
#478
dependabot[bot]
closed
4 months ago
1
"policy manager" for Malcolm and Hedgehog Linux (meta-issue)
#477
mmguero
opened
4 months ago
1
discrepancy between environment variables used to populate Arkime's config.ini between Malcolm and Hedgehog
#476
mmguero
closed
4 months ago
0
streamline configuration of Zeek live capture worker load balancing using AF_PACKET and fanout
#475
mmguero
closed
4 months ago
1
BPF capture filter does not seem to be passed to Zeek correctly
#474
mmguero
closed
4 months ago
0
use mount instead of volume in docker compose file to avoid creating empty directories for missing files
#473
mmguero
closed
2 months ago
2
don't overwrite Zeek threat intel files if all sources associated with a type fail
#472
mmguero
closed
4 months ago
0
allow setting spiDataMaxIndices for Arkime's config.ini
#471
mmguero
closed
4 months ago
1
Bump jinja2 from 3.1.3 to 3.1.4 in /hedgehog-iso/interface
#470
dependabot[bot]
closed
4 months ago
1
Bump werkzeug from 3.0.1 to 3.0.3 in /hedgehog-iso/interface
#469
dependabot[bot]
closed
4 months ago
1
Vagrant nfs server additions
#468
scott-jeffery
closed
4 months ago
1
error reporting memory and CPU resources in scripts/malcolm_kubernetes.py
#467
mmguero
closed
5 months ago
0
Malcolm v24.04.0
#466
mmguero
closed
5 months ago
0
allow artifact upload to handle windows event logs
#465
mmguero
closed
3 months ago
2
set category fields in default anomaly detectors to give a better breakdown of contributors
#464
mmguero
closed
5 months ago
1
allow custom tags to be specified at the point of log file ingestion (i.e., filebeat)
#463
mmguero
closed
4 months ago
2
Track latest Suricata release rather than what's in Debian stable APT repository
#462
mmguero
closed
4 months ago
3
handle invalid URLs better (with a 404 instead of a 500)
#461
mmguero
closed
4 months ago
1
adopt digitalbond/Quickdraw ICS rules into Malcolm's suricata instance
#460
mmguero
opened
5 months ago
0
Bump gunicorn from 20.1.0 to 22.0.0 in /hedgehog-iso/interface
#459
dependabot[bot]
closed
5 months ago
1
Bump gunicorn from 20.1.0 to 22.0.0 in /api
#458
dependabot[bot]
closed
5 months ago
1
Bump idna from 3.4 to 3.7 in /hedgehog-iso/interface
#457
dependabot[bot]
closed
5 months ago
1
adjustments to how Zeek intel files get generated among Malcolm's containers
#456
mmguero
closed
5 months ago
1
allow user to specify prefix for dashboards
#455
mmguero
closed
5 months ago
1
Malcolm v24.03.1
#454
mmguero
closed
6 months ago
0
provide threshold for pruning extracted files
#453
mmguero
closed
5 months ago
2
stderr from new docker compose v2.25 will mess up creation of OpenSearch keystore
#452
mmguero
closed
6 months ago
0
Configuring Hedgehog Linux
#451
mmguero
opened
6 months ago
1
allow splitting out indexes by other field values
#450
mmguero
closed
1 month ago
1
handle multiple NetBox sites
#449
mmguero
closed
3 months ago
2
Installing Hedgehog Linux
#448
mmguero
opened
6 months ago
0
uniformly increase number of results for table visualizations in Dashboards
#447
mmguero
closed
6 months ago
0
allow total index size-based pruning for opensearch-remote and elasticsearch-remote database modes
#446
mmguero
closed
2 weeks ago
1
add ability to generate suricata.yaml such that suricata's eve.json is split/rotated so it doesn't grow as large
#445
mmguero
closed
6 months ago
1
add community ID to more (all) Zeek logs types
#444
mmguero
opened
6 months ago
0
Exception: auth_setup should not be run as root
#443
kirankalelkar
closed
6 months ago
5
suricata stats on "Packet Capture Statistics" not reflecting search time frame
#442
mmguero
closed
6 months ago
0
file extraction/scanning could overwhelm the system, causing the disk to fill
#441
mmguero
closed
5 months ago
1
release ISO images with GitHub release artifacts
#440
mmguero
closed
6 months ago
1
add script for exporting dashboard
#439
mmguero
opened
6 months ago
0
how to build and start docker container using docker images
#438
kirankalelkar
closed
6 months ago
2
AF_PACKET isn't being enabled for zeek-live container capture
#437
mmguero
closed
6 months ago
1
autocreation and assignment of NetBox subnets in Logstash
#436
mmguero
closed
6 months ago
2