
Releases: LDO-CERT/mans_to_es

teruelictis

20 May 06:52
  • Use billiard to avoid "daemonic processes are not allowed to have children" in celery
  • Restore doc_type="generic_event" used by timesketch even if it'll be deprecated in elastic 8

poecilogale

19 May 13:52
  • Small refactoring to improve usage as an imported library
  • Add threat info to alerts if present
  • Aligned dependencies to Timesketch requirements
  • Added support for pip > 20 build

marbled polecat

03 Oct 15:06

news:

  • Add support for "Comprehensive Investigative Details" .mans enhancement as #1
  • Fixes NoneType found as #3
  • Support clockskew as #5
  • Fixes mans without hits.json as #6
  • Improved logging

ermine

29 Jul 10:36

Small fixes

Some small fixes after a new bulk test:

  • Added timestamp field in microseconds (useful for timesketch context query)
  • Added "processes-api" to processes items
  • If the object type has not been considered in the dict, skip it
  • Check if the selected time-related fields are present; if not, skip them
  • Some alerts were not taken correctly
  • Some process_id values for alerts are stored as strings
  • Some internal CSVs are not UTF-8 compliant
  • Filedownloadhistory has different "time-related" keys for manual or auto download.

1.0

24 Jul 15:06
a742f84
1.0
added pypi badge