v0.2 of the analyzer-d4-log released

@gallypette gallypette released this 28 Jul 10:06
4bc6a0b

Main Changes

External tools for grokking

The main change in this release is the use of external tools for grokking log lines:

MISP export

The second addition is the capability to export statistics to MISP as authentication-failure-report objects.
After MISP 2.4.129, this allows MISP to display an authentication failure report widget listing the top 100 SSH service abusers collected in D4:

Other changes

  • CSV export
  • better handling of redis-input EOF
  • some bug fixes

SHA 256

bbeaf2343fc313a800fe592154312529b4146e5ec3e3cfbee0fe12f132c7d225  analyzer-d4-log