Skip to content

issues Search Results · repo:dustin-decker/threatseer language:Go

Filter by

11 results
 (54 ms)

11 results

industin-decker/threatseer (press backspace or delete to remove)

dustin-decker/threatseer
add agent token auth via gRPC

Add agent token auth via gRPC. Also think about API for managing tokens, and adding state storage to the threatseer servers.
  • dustin-decker
  • Opened 
    on May 28, 2018
  • #17

dustin-decker/threatseer
implement agent actions API

Implement Actions API on the agent s gRPC server. initial actions: 1. upload process_id binary to object storage 2. kill process_id
  • dustin-decker
  • Opened 
    on May 28, 2018
  • #16

dustin-decker/threatseer
use LRU cache with max count and expiry for tracking profiling in Profile Engine

In the current state short-lived entities that never complete their profile never get evicted from the cache. Use a LRU cache with max count and expiry to keep memory under control and automatically purge ...
  • dustin-decker
  • Opened 
    on May 26, 2018
  • #12

dustin-decker/threatseer
add configurable file / directory monitoring to static engine

Load file / directory monitoring rules from yaml config and use to generate this part of the agent sensor subscription: https://github.com/dustin-decker/threatseer/blob/master/server/daemon/subscription.go#L32 ...
good first issue
  • dustin-decker
  • Opened 
    on May 23, 2018
  • #10

dustin-decker/threatseer
add webui for rules, alert, and events

desired features: - triage and respond to alerts - sort by time, severity within window, severity within window grouped by agent - configure rules and see stats - view and query events (probably ...
help wanted
  • dustin-decker
  • 1
  • Opened 
    on May 23, 2018
  • #9

dustin-decker/threatseer
add engine and connection stats

- collect and emit engine pipeline stats - track TCP connections and provide stats for the server component. maybe expose connection pool options.
  • dustin-decker
  • 1
  • Opened 
    on May 23, 2018
  • #8

dustin-decker/threatseer
add gRPC mTLS authentication

add mTLS authentication to gRPC client and server and expose in the configuration
good first issue
  • dustin-decker
  • 1
  • Opened 
    on May 23, 2018
  • #7

dustin-decker/threatseer
add automatic runtime profile engine

For every process_id (not PID, it s a generated unique to the lifecycle of the process) and every container_image, collect events for some configurable time period during its run time. The collected events ...
  • dustin-decker
  • 1
  • Opened 
    on May 23, 2018
  • #6

dustin-decker/threatseer
add event sampling

for noisy event sources, provide a configurable sampling option
  • dustin-decker
  • 1
  • Opened 
    on Jan 28, 2018
  • #3

dustin-decker/threatseer
add event rate limiter

Add a configurable rate limiter for events. Per-source at minimum, so we get some of every type, and maybe overall rate limiter too?
good first issue
  • dustin-decker
  • 1
  • Opened 
    on Jan 28, 2018
  • #2
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! 
Press the
/
key to activate the search input again and adjust your query.
Issue origami icon

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues
ProTip! 
Restrict your search to the title by using the in:title qualifier.
Issue search results · GitHub