Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

rocknsm / rock Public

Notifications You must be signed in to change notification settings
Fork 96
Star 447

Code
Issues 111
Pull requests 2
Actions
Projects
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Projects
Security
Insights

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

living target for ECS #528

Closed

5 of 29 tasks

neu5ron opened this issue Dec 17, 2019 · 1 comment

Closed

5 of 29 tasks

living target for ECS #528

neu5ron opened this issue Dec 17, 2019 · 1 comment

Assignees

Labels

Tag for when the issue needs to be fixed in one of the other rock repos

Comments

Copy link

Contributor

neu5ron commented Dec 17, 2019 •

edited

Loading

Logstash

Document or note new ECS fields
- TLS
- Threat
- Rule
- DNS
  - sub_domain
  - top_level_domain
- Domain
  - sub_domain
  - top_level_domain
Document or note new ECS fields for Zeek
- TLS
  - ssl.log
  - no other logs that seem to apply, maybe a field or two in rdp.log or smtp.log but they i would say no...
- notice.log to rule.name
Document or note new Suricata
- TLS
  - tls log
    - generate logs with extended/custom
- alert log to rule schema
Update logstash config for Zeek
- TLS
Update logstash config for Suricata
- TLS

Kibana

Update migration dashboards for Zeek
Update migration dashboards for Suricata
Tweak docket pivot
Check any other dashboards
Test / Save everything for 7.5 objects

The text was updated successfully, but these errors were encountered:

PopotoFarmer reacted with heart emoji

All reactions

❤️ 1 reaction

neu5ron added the Other Repo Tag for when the issue needs to be fixed in one of the other rock repos label

spartan782 assigned neu5ron

Copy link

Contributor Author

neu5ron commented Dec 20, 2019

moved to rocknsm/rock-dashboards#46 like a normal human being would logically place it..

All reactions

Sorry, something went wrong.

neu5ron closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Assignees

Labels

Tag for when the issue needs to be fixed in one of the other rock repos

Projects

None yet

Milestone

No milestone

Development

No branches or pull requests

1 participant

Footer

© 2024 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.