philhagen/sof-elk
Configuration files for the SOF-ELK VM
GNU General Public License v3.0
1.47k stars, 276 forks
issues
Fixing AWS CloudTrail username parsing
#336
ForensicITGuy
closed
4 days ago
1
Sysmon logs not being parsed by logstash
#335
matthewerobison
opened
1 week ago
0
Root volume does not exist. Getting this issue when I am trying this Image with HyperV
#334
Abhishekpathania01
closed
4 weeks ago
2
Enable Security for ELK stack
#333
Aquariius
closed
1 month ago
1
Best practice for local Evtx ingestion
#332
aarislarsen
opened
2 months ago
8
azure-vpcflow2sof-elk.py generates empty output
#331
Jurkiseczek
closed
2 months ago
9
Refine post-merge hook script
#330
philhagen
opened
2 months ago
0
Add border to SOF-ELK image so Dark Mode looks better
#329
philhagen
opened
3 months ago
0
Consider replacing logstash syslog input with filebeat processor
#328
philhagen
opened
4 months ago
0
identify supported configuration for remote `filebeat` log shipping
#327
philhagen
opened
5 months ago
0
[SOF-ELK - DEV AND TESTING - ECS] - Syslog Snare not parsing properly
#326
BrianMer
closed
5 months ago
13
[SOF-ELK - DEV AND TESTING - ECS] - Syslog not parsing properly
#325
BrianMer
closed
5 months ago
9
Live NetFlow fails with latest filebeat
#324
philhagen
opened
5 months ago
0
Sort using isort on aws-cloudtrail2sof-elk.py file
#323
za
closed
6 months ago
3
Added StorageWrite and StorageDelete parser to azure.conf
#322
tuzux8
closed
8 months ago
1
Azure Storage Logs StorageWrite not parsed
#321
tuzux8
closed
8 months ago
1
NetFlow UDP 9995 not listening
#320
stijnos1991
closed
8 months ago
6
domain-stats no longer works due to refactor
#319
StarkZarn
opened
9 months ago
3
update snare parsing
#318
philhagen
closed
9 months ago
0
Logstash randomly crashing when starting
#317
BrianMer
closed
9 months ago
2
Fixing Microsoft 365 multiline JSON logs parsing
#316
BrianMer
opened
9 months ago
6
convert iptables uptime to float
#315
philhagen
opened
9 months ago
0
XFF_IP Field Not Handling Multiple IPs properly
#314
funkwhatyouheard
opened
9 months ago
14
Broken link in Wiki/Virtual Machine README - Plaso
#313
BrianMer
closed
9 months ago
1
Wrong command line options in Wiki/log2timeline and Plaso
#312
BrianMer
closed
9 months ago
1
Broken link in Wiki/KAPE-Support
#311
BrianMer
closed
10 months ago
1
Consider "time in pipeline" calculation
#310
philhagen
opened
10 months ago
1
initial support for weird.log
#309
philhagen
closed
10 months ago
0
initial support for notice.log
#308
philhagen
closed
10 months ago
0
Zeek ftp
#307
philhagen
closed
10 months ago
0
Zeek x509
#306
philhagen
closed
10 months ago
0
initial ssl.log handling
#305
philhagen
closed
10 months ago
0
Add Zeek files.log handling
#304
philhagen
closed
10 months ago
0
Request for more Zeek JSON log support
#303
davidszili
opened
10 months ago
6
Use uncompressed filebeat shipping
#302
philhagen
closed
10 months ago
1
SOF-ELK integrate with opensearch
#301
oodog0126
closed
10 months ago
1
Typo in wiki
#300
Pierre450
closed
11 months ago
1
increase LS thread stack size
#299
philhagen
closed
10 months ago
1
Evaluate fingerprinting to generate consistent document_id field
#298
philhagen
closed
10 months ago
2
Experiment with removing filebeat metadata
#297
philhagen
closed
10 months ago
2
Fix Azure logstash parser in public release
#296
Pierre450
opened
11 months ago
1
update filebeat inputs to use filestream
#295
philhagen
closed
10 months ago
2
Parse additional Google Workspace Email logs
#294
megan201296
closed
11 months ago
3
Parse Additional Fields from CloudTrail
#293
vikas891
closed
11 months ago
6
SOF-ELK CentOS end of life
#292
maersk-matthewkelly
opened
1 year ago
1
Event Name and Type not being parsed from mobile logs for GWS
#291
megan201296
closed
11 months ago
3
EVTX in JSON format not being interpreted.
#290
gru3zi
opened
1 year ago
4
Format Python scripts with Black
#289
za
opened
1 year ago
0
[Feature Request] Support for IPinfo IP to Country ASN database
#288
abdullahdevrel
closed
1 year ago
4
update nfdump version
#287
philhagen
opened
1 year ago
0