Skip to content

u-siem/usiem-utils

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

.github/workflows

.github/workflows

 
 

src

src

 
 

.gitignore

.gitignore

 
 

Cargo.toml

Cargo.toml

 
 

README.md

README.md

 
 

Repository files navigation

uSIEM Utils

Documentation crates.io workflow

Enrichers

  • BasicIPEnricher: Enrich all IP fields. Checks if the IP is in the block list, adds mac and hostname information to the IP.
  • CloudProviderEnricher: Adds cloud provider information like Google, Azure or AWS to each IP field
  • CloudServiceEnricher: Adds cloud service information like O365 to each IP field
  • GeoIpEnricher: Adds geo ip information to each IP field

Tasks

  • CloudProvider: Update cloud provider dataset with AWS and Azure
  • CloudService: Update cloud service dataset with O365 IPs
  • GeoIp: Update geo ip dataset with maxmind. Needs MAXMIND_API secret in the Secrets dataset.

Slow GeoIP

Enable the SlowGeoIP datasets using the feature slow_geoip.

Async Runtime

This crate uses Tokio and reqwest.

About

Enrichers, Tasks and other utilities

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages