outflanknl / RedELK

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
BSD 3-Clause "New" or "Revised" License
2.35k stars 371 forks

BounceBack redirector support #306

Closed D00Movenok closed 8 months ago

D00Movenok commented 10 months ago

It would be nice if RedELK supported the BounceBack redirector. It has a JSONL log format that is easy to parse. If you need some additional logs, you may ask me for help.

MarcOverIP commented 8 months ago

Agree it would be great to add more tech components. But at this moment we are limited on time for devving on RedELK and like to stick to the original course. With support for Apache, Nginx and HAProxy I think we have covered most use cases at this moment.

We do accept PRs. If you feel like making a PR, you can check the code related to the other proxies to see what is required, e.g. logstash rules, installers.

I'm closing this issue now. But feel free to re-open if you need support with a PR.