curben
/
splunk-malware-filter
mirror of https://gitlab.com/malware-filter/splunk-malware-filter
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
67 Commits 1 Branch 20 Tags 110 KiB
Commit Graph

67 Commits

Author SHA1 Message Date
Ming Di Leom 23e3238c2b
release: 0.2.0 2024-01-26 04:04:51 +00:00
Ming Di Leom 521012f9cd
refactor(savedsearches): move action.lookup to outputlookup 
enables on-demand lookup update
override_if_empty=false prevents lookup from being overwritten with empty result
 2024-01-26 03:55:22 +00:00
Ming Di Leom 716f9a521f
fix(transforms): leave batch_index_query to default 2024-01-26 03:48:37 +00:00
Ming Di Leom da853d5e9b
docs: example usage 2024-01-26 02:12:01 +00:00
Ming Di Leom 36fd29f277
chore(vscode): code action 
https://code.visualstudio.com/updates/v1_85#_code-actions-on-save-and-auto
 2024-01-26 02:08:42 +00:00
Ming Di Leom 313ee66590
release: 0.1.1 2023-11-14 07:30:07 +00:00
Ming Di Leom 1787e5e2de
fix: schedule_window should be less than cron frequency 2023-11-14 07:28:06 +00:00
Ming Di Leom 93b7e2a44c
ci: replace pylint with pre-commit 
pylint has been replaced by ruff
 2023-11-11 04:47:56 +00:00
Ming Di Leom 9b04a100db
ci: splunk-sdk does not support python 3.12 
https://github.com/splunk/splunk-sdk-python/issues/548
 2023-11-11 04:44:07 +00:00
Ming Di Leom 444b92a837
release: 0.1.0 2023-11-11 01:34:54 +00:00
Ming Di Leom 1cd2ec36a8
fix: set time range to all time 
https://docs.splunk.com/Documentation/Splunk/9.1.1/SearchReference/Collect#Events_without_timestamps
 2023-11-11 01:33:10 +00:00
Ming Di Leom 097ba9a3df
chore(pre-commit): update hooks 2023-10-01 10:10:49 +00:00
Ming Di Leom 81ee292f1d
build: reset file permission 
running in windows may set execution permission
that is not allowed in splunk cloud
 2023-10-01 10:10:24 +00:00
Ming Di Leom 4e084978b5
docs: add splunkbase page 2023-07-20 10:57:59 +00:00
Ming Di Leom b9d7dae295
release: 0.0.13 2023-07-18 10:37:40 +00:00
Ming Di Leom d677af89d9
fix(savedsearches): disable schedule by default 2023-07-18 10:27:04 +00:00
Ming Di Leom d5c2348beb
fix(manifest): check_that_app_passes_slim_validation_for_cloud 
">=x.y" syntax is not supported
 2023-07-18 10:09:43 +00:00
Ming Di Leom fd161d8b84
docs(manifest): limit to 2 categories 
splunkbase limitation
 2023-07-15 06:18:41 +00:00
Ming Di Leom 14484f0e1b
release: 0.0.12 2023-07-15 01:18:23 +00:00
Ming Di Leom fe2e887a2e
ci: publish TA-malware-filter-*.tar.gz 2023-07-14 12:46:49 +00:00
Ming Di Leom 7c91b86ed2
style: add icons 2023-07-14 12:44:42 +00:00
Ming Di Leom 08e1f36499
fix: add minimal nav 2023-07-14 12:44:01 +00:00
Ming Di Leom 099b117617
chore: ignore packaged app 2023-07-14 12:17:37 +00:00
Ming Di Leom 7f83739b4c
docs: add app.manifest 
https://dev.splunk.com/enterprise/reference/packagingtoolkit/pkgtoolkitappmanifest/
 2023-07-14 12:16:27 +00:00
Ming Di Leom 06fbf1c42e
docs: rename add-on 
https://dev.splunk.com/enterprise/docs/releaseapps/splunkbase/namingguidelines/
 2023-07-14 10:24:40 +00:00
Ming Di Leom 414e8aa1de
docs: add repo mirros 2023-06-05 08:05:20 +00:00
Ming Di Leom 135cc288f3
release: 0.0.11 2023-05-17 12:14:27 +00:00
Ming Di Leom eaad44b783
fix(conf): consistent value in [package] & [id] 2023-05-17 12:14:06 +00:00
Ming Di Leom f7ccb9b4ca
release: 0.0.10 2023-05-17 12:07:13 +00:00
Ming Di Leom 25ffffcfa6
fix(conf): splunk cloud compatibility 2023-05-17 12:06:28 +00:00
Ming Di Leom 9bfe891f02
release: 0.0.9 2023-05-16 10:13:06 +00:00
Ming Di Leom 5981e01b3d
chore: dual-license under MIT & CC0 
- OSI-approved license (e.g. MIT license) is required
for GitLab Open Source Program
- https://docs.gitlab.com/ee/subscriptions/community_programs.html#gitlab-for-open-source
 2023-04-27 09:29:28 +00:00
Ming Di Leom bfbe280c27
docs: link to guide with more examples 2023-04-23 10:25:01 +00:00
Ming Di Leom c2fdaaa99a
docs: fix toc 2023-03-20 09:30:32 +00:00
Ming Di Leom 5f11caab67
chore: ruff linter 
- replace pylint & isort
 2023-03-06 10:46:34 +00:00
Ming Di Leom 34b8f39eca
fix: update botnet_ip.csv & opendbl_ip.csv every 15 minutes 2023-03-03 07:10:05 +00:00
Ming Di Leom 05fd64af29
release: 0.0.8 2023-02-19 07:08:28 +00:00
Ming Di Leom 7d615cb50f
feat: scheduled update lookups 2023-02-19 07:07:13 +00:00
Ming Di Leom 5a18483c6f
docs: clarify download failover 2023-02-19 06:48:14 +00:00
Ming Di Leom 975e1531bc
feat: add _time 
so that generated records can be saved to index, if configured
 2023-02-15 09:40:37 +00:00
Ming Di Leom 10dc471223
release: 0.0.7 2023-02-10 20:32:51 +00:00
Ming Di Leom 43cd977e94
docs: utilise splunk proxy setting 2023-02-10 20:32:13 +00:00
Ming Di Leom 368fa19db8
feat: download mirrors 2023-02-10 20:24:03 +00:00
Ming Di Leom 60dedb650e
release: 0.0.6 2023-02-08 10:08:05 +00:00
Ming Di Leom f624f1fee7
build: exclude requests lib 
- use splunk built-in, maybe useful for certifi cacert.pem
style: add path instead of __init__.py
style: remove shebang (not meant to be executed by generic python)
 2023-02-08 10:06:21 +00:00
Ming Di Leom 3a288d036b
release: 0.0.5 2023-02-06 06:45:41 +00:00
Ming Di Leom 736bb44cc6
docs: tested with splunk 9 2023-02-06 06:45:18 +00:00
Ming Di Leom fe8476e2c1
fix: remove splunk 8 compatibility 
app is not compatible with SCP1 "chunked=false"
Revert "fix: compatibility with splunk 8"
This reverts commit 0cc9e2fd64.
 2023-02-06 06:40:51 +00:00
Ming Di Leom c1a572f845
style: escape regex char 2023-02-04 22:40:01 +00:00
Ming Di Leom 4a7d385459
release: 0.0.4 2023-02-04 22:31:55 +00:00