threathunters-io/laurel
Transform Linux Audit logs for SIEM usage
GNU General Public License v3.0
707 stars
56 forks
issues
Laurel does not aggregate all EXECVE events
#178
SolitudePy
opened
10 months ago
20
Enable build on other (non-Linux) Unix systems
#177
hillu
closed
11 months ago
0
Fix some Clippy warnings
#176
hillu
closed
11 months ago
0
Drop SYSCALL.{syscall,arch} if drop-raw is set.
#175
hillu
closed
11 months ago
0
SELinux policy for RHEL8 fails
#174
0xFustang
closed
11 months ago
12
update dependencies
#173
hillu
closed
12 months ago
0
Add option to drop translated UID/GID values if they are translated
#172
hillu
closed
12 months ago
0
Support logging dropped records into separate log
#171
hillu
closed
12 months ago
0
Coalesce::emit_fn: Make filtering the user's responsibility
#170
hillu
closed
12 months ago
0
Implement a key-based process table
#169
hillu
closed
12 months ago
0
Add test demonstrating process tracking confusion
#168
hillu
closed
12 months ago
0
Test process tracking across fork/clone even if these syscalls are fi…
#167
hillu
closed
12 months ago
0
Move procfs-specific code into optional module
#166
hillu
closed
1 year ago
0
Add Hostname to JSON log
#165
chrisanag1985
closed
1 year ago
4
Simplify some aspects of the parser
#164
hillu
closed
1 year ago
0
Eliminate PARENT_INFO
#163
hillu
closed
8 months ago
0
Get rid of RUSTC wrapper for static musl builds
#162
hillu
closed
1 year ago
0
Update bindgen version
#161
hillu
closed
1 year ago
0
Please bump bindgen
#160
stintel
closed
1 year ago
0
Service auditd "rotate"
#159
grumo35
closed
11 months ago
10
Restart laurel on SIGHUP
#158
hillu
closed
1 year ago
0
For translated values, there should be an option to drop the numeric/binary original values.
#157
SolitudePy
closed
8 months ago
11
Laurel - output send via syslog
#156
JensJThuering
closed
12 months ago
5
install laurel offline
#155
kathyl21
closed
9 months ago
1
Update dependencies
#154
hillu
closed
1 year ago
0
Add a basic container image
#153
hillu
closed
1 year ago
0
Track processes across fork without execve
#152
hillu
closed
1 year ago
0
Add support for consuming process events
#151
hillu
closed
8 months ago
1
Build SELinux policy on Amazon Linux 2023
#150
hillu
closed
1 year ago
0
Add a basic container image
#149
Ardtas
closed
1 year ago
1
Update SELinux policy
#148
hillu
closed
1 year ago
0
enrich.script feature needs more SELinux policy
#147
hillu
closed
1 year ago
1
Deal better with process ID recycling
#146
hillu
closed
12 months ago
2
Support connecting to local socket to consume audit messages
#145
hillu
closed
1 year ago
0
Added null key filter #137
#144
Hu6li
closed
1 year ago
4
Update dependencies, add Cargo.lock
#143
hillu
closed
1 year ago
0
Replace custom syslog code with log crate
#142
hillu
closed
1 year ago
0
Support connecting to socket to read events
#141
hillu
closed
1 year ago
0
Use saner dependency declarations
#140
hillu
closed
1 year ago
0
Fix/simplify MessageType::is_multipart
#139
hillu
closed
1 year ago
0
log translate / enrichment seems not to work
#138
grumo35
closed
1 year ago
2
Handling of `(null)` keys in filters
#137
hillu
closed
1 year ago
2
Improve error messages
#136
hillu
closed
1 year ago
0
Error messages need improvement
#135
hillu
closed
1 year ago
0
Build different SELinux policy variants for different distros
#134
hillu
closed
1 year ago
0
Make laurel reload its configuration or re-exec via signal
#133
hillu
opened
1 year ago
0
Rename manual pages directory
#132
hillu
closed
1 year ago
0
Add configuration option to remove labels from processes
#131
hillu
closed
1 year ago
0
Add laurel.8 manpage
#130
hillu
closed
1 year ago
0
Analyse exec events for script execution
#129
hillu
closed
1 year ago
0