Jason Ish jasonish
jasonish
/ unknown-object.json
Created
October 9, 2015 05:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "dnp3": { | |
| "response": { | |
| "iin": { | |
| "indicators": [] | |
| }, | |
| "application": { | |
| "complete": false, | |
| "objects": [ | |
| { |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| diff --git a/staging/config/hooks/chroot-inside-Debian-Live.chroot b/staging/config/hooks/chroot-inside-Debian-Live.chroot | |
| index f0df2d3..1214591 100644 | |
| --- a/staging/config/hooks/chroot-inside-Debian-Live.chroot | |
| +++ b/staging/config/hooks/chroot-inside-Debian-Live.chroot | |
| @@ -20,8 +20,8 @@ echo " alias ll='ls $LS_OPTIONS -l'" >> /root/.bashrc | |
| ### START Scirius ### | |
| # NOTE python-pip is already installed in the build script | |
| -#pip install django==1.6.6 django-tables2 South GitPython pyinotify flup | |
| -pip install django django-tables2 South GitPython pyinotify flup |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| %YAML 1.1 | |
| --- | |
| # Suricata configuration file. In addition to the comments describing all | |
| # options in this file, full documentation can be found at: | |
| # https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Suricatayaml | |
| # Number of packets preallocated per thread. The default is 1024. A higher number | |
| # will make sure each CPU will be more easily kept busy, but may negatively |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "timestamp": "2015-07-14T11:45:56.320059-0600", | |
| "flow_id": 106790066891968, | |
| "pcap_cnt": 11, | |
| "event_type": "dnp3", | |
| "src_ip": "127.0.0.1", | |
| "src_port": 59602, | |
| "dest_ip": "127.0.0.1", | |
| "dest_port": 20000, | |
| "proto": "TCP", |
jasonish
/ yaml-reader.py
Created
March 3, 2016 22:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env python | |
| from __future__ import print_function | |
| import sys | |
| import pprint | |
| import argparse | |
| import json | |
| import yaml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| event-services: | |
| scirius: | |
| url: http://.... | |
| moloch: | |
| url: http://.... | |
| # fancy-fpc-system: | |
| # url: http://... |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Event services: links that will be provided on events to link to additonal | |
| # services. | |
| event-services: | |
| # Custom service to link the rule in Scirius. | |
| - type: custom | |
| enabled: true | |
| name: Scirius | |
| # Only make available for alert types. |
jasonish
/ evebox: c3 example
Created
July 18, 2016 06:05
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| c3.generate({ | |
| bindto: "#test-c3", | |
| data: { | |
| x: 'date', | |
| columns: [ | |
| ["date"].concat(this.eventsOverTime.map((x:any) => { | |
| return x.date; | |
| })), | |
| ["Events"].concat(this.eventsOverTime.map((x:any) => { | |
| return x.value; |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "_index": "logstash-2016.08.15", | |
| "_type": "log", | |
| "_id": "AVaPvH6ai0XQWusMHN2I", | |
| "_score": null, | |
| "_source": { | |
| "timestamp": "2016-08-15T13:45:04.231416-0600", | |
| "flow_id": 405580725, | |
| "in_iface": "eth1", | |
| "event_type": "alert", |