680194adf7  2020-05-12 09:19:09 +00:00  prep for new listbot FQDN

ed73d83317  2020-04-22 17:48:32 +02:00  Update update.sh

a6c8d3d712  2020-04-22 17:15:44 +02:00  Update Dockerfile

1a7b3b3795  2020-04-22 16:50:41 +02:00  Load listbot data from OTC

73e1842c16  2020-04-02 13:12:11 +00:00  offload listbot from netlify CDN

df22adb45d  2020-03-05 21:20:11 +00:00  bump elk stack to 7.6.1

f11ad6b523  2020-02-14 15:28:06 +00:00  tweaking
    ELK 7.6.0 is not ready for production, however it works if APM is enabled (disabled in config, so image won't build as a precaution)
    Remove SISSDEN from ewsposter, suricata
    Bump suricata to 5.0.1
    Alpine now supports suricata incl. enabled JA3 support, move back to Alpine install

5ce5911ec1  2020-02-03 12:59:21 +00:00  cleanup

b9da9f04af  2020-02-03 12:18:43 +00:00  adjust default field

984ba958fb  2020-02-01 14:08:23 +00:00  logstash template not upgraded
    with daily index enabled logstash will not be able to put new events into ES
    simple solution, just deleting logstash template upon logstash start and leave it to logstash to upload the latest template.

5a4724bcba  2020-01-31 14:21:55 +00:00  elk 7.x dev test

f110eb08b0  2020-01-22 12:17:30 +00:00  prepare for mailoney json logging

1d0aad3b34  2020-01-16 18:04:29 +00:00  tweak logstash.conf for citrixhoneypot

a6ed6613a5  2020-01-16 15:13:58 +00:00  prepare citrixhoneypot for ELK integration

66bb9443f9  2019-08-28 11:49:03 +00:00  bump elk stack to 6.8.2

bf39c0f5b2  2019-08-15 15:38:12 +00:00  bump elastic stack to 6.7.2

364831ae58  2019-08-15 08:32:04 +00:00  fix cd

31d7707d19  2019-08-14 14:43:47 +00:00  download instead of git pull
    download translation maps rather than running a git pull
    translation maps will now be bzip2 compressed to reduce traffic to a minimum
    fixes #432

bbf226aeda  2019-06-03 19:57:50 +00:00  remove glastopf

a7e553efe9  2019-06-03 16:13:58 +00:00  still working on fatt

f870c8e885  2019-06-03 10:22:07 +00:00  continue working on fatt

867bda6ad7  2019-05-31 15:34:29 +00:00  increase number of fields limit
    #382

c09547e3a4  2019-05-08 11:16:48 +00:00  adjust group and permissions for /data

e8d8773863  2019-03-19 11:08:23 +00:00  tweaking

573ceb98a1  2019-03-15 22:23:30 +00:00  bump elk stack to 6.6.2, replace wget with aria2 to speed up d/l

6f30322ad5  2019-03-10 18:15:59 +00:00  prepare for honeypy

e1fe025dd7  2019-02-28 21:03:07 +00:00  remove fallback

728607a2da  2019-02-28 14:52:42 +00:00  bump elk stack to 6.6.1

4754526884  2019-01-14 20:41:08 +00:00  bump elk stack to 6.5.4

c4bae5f715  2018-12-10 17:25:46 +00:00  bump elk stack to 6.5.2

c7873554c3  2018-12-05 16:59:08 +00:00  prepare for adbhoney

5e8345695f  2018-11-22 23:18:59 +00:00  bump elk stack to 6.5.1
    fix docker hub build

ece169dd76  2018-11-21 09:26:31 +00:00  update docker-compose files

ed921d31f8  2018-11-19 12:34:07 +00:00  cleaning up

53383f7313  2018-11-19 11:33:00 +00:00  rename fields

5754c79086  2018-11-13 15:46:57 +00:00  clean up log sources

106193fac5  2018-11-09 14:36:54 +00:00  fix for CVE-2018-17244

c46d3e4f6f  2018-10-12 16:07:20 +00:00  bump elk to 6.4.2

992d453b9a  2018-09-11 07:59:14 +00:00  medpot tweaking

f0f6981f34  2018-09-10 01:15:21 +00:00  add medpot to ELK

79bb324a4a  2018-08-28 13:30:58 +02:00  rename conpot fields to match index pattern

d19d3823f6  2018-08-28 12:41:11 +02:00  prevent status field from being indexed as string

59c8c5b34c  2018-08-24 17:07:00 +00:00  bump ELK to 6.4.0
    YES! Index patterns can finally be exported through Kibana! A joy to the ELK world :-)

7945961cee  2018-07-31 14:31:49 +00:00  Bump ELK to 6.3.2

00482df95b  2018-06-26 17:34:14 +00:00  Bump ELK Stack to 6.3.0

1dd57d8022  2018-06-24 03:24:51 +02:00  NGINX logs are in /data/nginx/log/
    Syslog should be viewed in Cockpit now, storing events of Syslog in ELK is ineffective

37424eb541  2018-05-29 12:06:20 +00:00  cleanup

72313a600d  2018-05-29 12:05:07 +00:00  include tanner patterns, tweaking

428ee43c18  2018-05-28 21:46:51 +00:00  prepare for tanner

5447978191  2018-05-16 14:57:52 +00:00  finetuning, tweaking