Skip to content

Releases: D4-project/analyzer-d4-log

v0.2.1 of the analyzer-d4-log released

30 Apr 09:42
@gallypette gallypette
v0.2.1
c7372bc
This commit was signed with the committer’s verified signature.
gallypette Jean-Louis Huynen
GPG key ID: 64799157F4BD6B93
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2.1 of the analyzer-d4-log released Latest
Latest

Main changes

  • change port to 1323
Assets 2
Loading

v0.2 of the analyzer-d4-log released

28 Jul 10:06
@gallypette gallypette
v0.2
4bc6a0b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.2 of the analyzer-d4-log released

Main Changes

External tools for grokking

The main change in this release is the use of external tools for grokking log lines:

MISP export

The second addition is the capability to export statistics to MISP as authentication-failure-report objects.
After MISP 2.4.129 it allows MISP to display a authentication failure report widget listing the top 100 ssh services abusers collected in D4:

Other changes

  • csv export
  • better Handling of redis-input EOF
  • some bug fixes

SHA 256

bbeaf2343fc313a800fe592154312529b4146e5ec3e3cfbee0fe12f132c7d225  analyzer-d4-log
Loading

v0.1.1 of the analyzer-d4-log released

13 Feb 13:42
@gallypette gallypette
v0.1.1
29009f8
This commit was signed with the committer’s verified signature.
gallypette Jean-Louis Huynen
GPG key ID: 64799157F4BD6B93
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v0.1.1 of the analyzer-d4-log released

Main features

  • Parses auth.log logs ssh failed logins pushed through D4
  • Computes basics counts in redis
  • Compiles html/svg representations of daily, monthly and yearly counts.

Example output

SHA 256

610d987338166df75749dff6d8254e0de5968b35e62de8fbdbe090d1c1925f92  analyzer-d4-log
Loading