12 Commits

Author SHA1 Message Date
Chris Long
bf502e85c9 More Exchange related code 2021-03-29 20:45:43 -07:00
Chris Long
0bf5a631fa Filter out Splunk and osqueryd events 2020-08-12 23:01:06 -07:00
Chris Long
84c29f6739 Fix sysmon sourcetype, update ThreatHunting app 2020-08-04 21:58:18 -07:00
Chris Long
9e9120f02b Implementing blacklist on wef_inputs.conf
Resolving Issue #436
2020-05-03 17:08:22 -07:00
Olaf Hartong
7476ff94df Added missing subscription forward rule 2020-04-30 21:53:05 +02:00
Mike Haag
2b37af791d Bootstrap.sh Error fixes
Errors during install:
-     logger: Error during app install: failed to extract app from /vagrant/resources/splunk_forwarder/splunk-add-on-for-microsoft-windows_700.tgz to /opt/splunk/var/run/splunk/bundle_tmp/2ade41e05f0e68dc: No such file or directory

-     logger: Error during app install: failed to extract app from /vagrant/resources/splunk_server/add-on-for-microsoft-sysmon_1062.tgz to /opt/splunk/var/run/splunk/bundle_tmp/eeef7b83a2d6b716: No such file or directory

1. Fixed the forwarder error by placing the updated TA in the forwarder path.
2. Fixed server error; this was caused by a typo in the name.
2020-04-06 09:04:23 -06:00
Chris Long
ee9a1f87fd Removing Splunk forwarder from Windows hosts 2019-12-03 00:42:02 -08:00
Chris Long
e78c312bc5 Actually add files 2019-05-26 21:36:10 -07:00
Chris Long
3de47b621a Fix WEF inputs for Splunk 2019-04-28 13:12:53 -07:00
Chris Long
ca7dec8eb1 Updating build scripts to use vmware_desktop, update TA's, update bootstrap 2018-07-20 22:28:44 -07:00
Chris Long
25174fc641 Remove extraneous config stanza from WEF inputs 2017-12-29 07:36:38 +07:00
Chris Long
1577341ce9 Initial commit 2017-12-11 08:49:25 -08:00