Commit Graph

72 Commits (9da6a3744c32d2bf2f7b2b06e369f541ca87136a)

Author SHA1 Message Date
Braden Laverick 717be2b859 Removed extraneous comments and unused imports 2019-10-30 15:44:47 +00:00
Braden Laverick dc4c09f751 Fixed python links 2019-10-30 13:47:43 +00:00
Braden Laverick 62d25b1f76 Changed file name to mass eql export 2019-10-30 13:46:52 +00:00
Braden Laverick 08fc938acd Fixed comments 2019-10-30 13:41:40 +00:00
Braden Laverick 2a4c7ff150 Added ors for compound queries 2019-10-29 20:22:41 +00:00
Braden Laverick 5802575e44 Fixed string formatting 2019-10-29 16:29:36 +00:00
Braden Laverick 3142b0ab02 Fixed type error in JSON parsing 2019-10-29 16:08:58 +00:00
Braden Laverick c3ccc9c577 Attempting to import endgame module 2019-10-29 15:52:49 +00:00
Braden Laverick 8ac4b610b8 Added endgame export to __all__ 2019-10-29 15:11:31 +00:00
Braden Laverick 3e44181aed Added EQL export test module 2019-10-29 15:02:08 +00:00
Raphaël Vinot f5167c2f23 fix: Make flake8 happy. 2019-04-16 11:25:39 +02:00
iceone23 d24a6e2e24
Create cisco_firesight_manager_ACL_rule_export.py
Cisco Firesight Manager ACL Rule Export module
2019-04-15 06:17:27 -07:00
Falconieri 32e10ee273 fix: [exportpdf] custom path parameter 2019-03-05 10:39:07 +01:00
Falconieri a30bcc5dd2 fix: [exportpdf] add parameters 2019-03-04 12:36:18 +01:00
Falconieri 7d7c90143e fix: [exportpdf] mising whitespace 2019-03-01 09:25:02 +01:00
Falconieri aef8dbbe2e fix: [exportpdf] problem on one line 2019-03-01 09:17:38 +01:00
Falconieri a2716bc05d fix: [exportpdf] add configmodule parameter for galaxy 2019-03-01 09:11:34 +01:00
Falconieri a937b7c85d fix: [reportlab] Textual description parameter 2019-02-27 12:45:22 +01:00
Alexandre Dulaunoy e7fd7e8eb2
chg: [pdfexport] make flake8 happy 2019-02-25 21:18:26 +01:00
Falconieri a3a871f2fa fix [exportpdf] update parameters for links generation 2019-02-25 15:51:33 +01:00
Falconieri 40cd32f1b8 tidy: Remove old dead export code 2019-02-22 10:25:12 +01:00
Falconieri a93b34208f fix: [pdfexport] Bugfix on PyMisp exportpdf call 2019-02-22 10:14:22 +01:00
Falconieri 2d29ce11bb Test 1 - PDF call 2019-02-21 15:42:18 +01:00
Vincent-CIRCL be01d54779 print values 2019-02-18 15:23:57 +01:00
Vincent-CIRCL 2753f354ab test update 2019-02-18 14:27:16 +01:00
Raphaël Vinot 454c9e0f43 fix: Pep8 related fixes. 2019-02-04 11:05:51 +01:00
milkmix 02cdc11445 added 2 blank lines to comply w/ pep8 2018-12-26 08:33:21 +01:00
milkmix 615a56f9bb removed unused re module 2018-12-24 17:32:47 +01:00
milkmix b64c3e4bf4 added domain attributes support 2018-12-24 17:07:45 +01:00
milkmix 537f9132f5 support for md5 and sha1 hashes 2018-12-24 16:40:31 +01:00
milkmix 5ab8b605bb first export feature: sha1 attributes nxql query 2018-12-24 14:39:25 +01:00
Raphaël Vinot 8fc5b1fd1f fix: Make pep8 happy 2018-12-11 15:29:09 +01:00
milkmix e8761c1664 super simple support for mutexes through winbaseobj in osquery 3.3 2018-10-25 21:28:46 +02:00
Julien Bachmann 04ba4b34e3
Merge branch 'master' into export_osquery 2018-10-03 16:59:51 +01:00
milkmix 78b4aade08 corrected typos and unused imports 2018-10-03 17:55:08 +02:00
chrisr3d d15cbe58fe
fix: Quick cleanup 2018-08-30 20:41:49 +02:00
chrisr3d 63c3252062
fix: Put the report location parsing in a try/catch statement as it is an optional field 2018-07-30 14:22:40 +02:00
Steve Clement 562a6b1308 - Removed test modules from view
- Moved skeleton expansion module to it's proper place
2018-07-03 08:27:54 +02:00
milkmix 349dd99d47 added support for scheduledtasks 2018-06-24 21:13:56 +02:00
milkmix 7c037ed090 added support for service-displayname, regkey|value 2018-06-24 21:09:42 +02:00
milkmix 0c6a205136 initial implementation supporting regkey. mutexes support waiting osquery table 2018-06-23 15:51:38 +02:00
chrisr3d a02dbd6a8d
fix: Fixed typo of the aml type for country codes 2018-02-26 18:52:28 +01:00
chrisr3d 5df2d309a0
typo 2018-02-26 15:58:53 +01:00
chrisr3d 359ac9100e
fix: typo in references mapping dictionary 2018-02-23 15:58:04 +01:00
chrisr3d b2b0fccd47
fix: Added an object checking
- Checking if there are objects in the event, and then
  if there is at least 1 transaction object
- This prevents the module from crashing, but does not
  guaranty having a valid GoAML file (depending on
  objects and their relations)
2018-02-22 16:37:27 +01:00
chrisr3d c942013812
chg: Modified the mapping dictionary to support misp-objects updates 2018-02-22 01:23:08 +01:00
chrisr3d 5995458aab
fix: Added the moduleinfo field need to have MISP event in standard format 2018-02-21 17:14:26 +01:00
Alexandre Dulaunoy c3ac53a069
fix: goamlexport added 2018-02-20 17:18:36 +01:00
chrisr3d 02b8938b2a
typo 2018-02-20 16:57:27 +01:00
chrisr3d eb9e06f1cc
explicit name
Avoiding confusion with the coming import module for goaml
2018-02-20 15:18:12 +01:00