Wiki article and example YAML/scripts for custom Zeek/Suricata/NetFlow #72

Merged
merged 37 commits into from
Jun 9, 2021
Changes from 1 commit
ea2b64c
Initial version
philrz Apr 29, 2021
61b4ab5
Link to article
philrz May 5, 2021
6c64878
Add space
philrz May 5, 2021
8379e3a
PR feedback: Fix wording
philrz May 5, 2021
526c9a7
PR feedback: Single type definition for 'port' in Suricata shaper
philrz May 6, 2021
8d3154f
PR feedback: Exec zeek in the Zeek wrapper
philrz May 6, 2021
11a4e58
PR feedback: Remove cat and exec last command
philrz May 6, 2021
816e771
PR feedback: Use -e to exit early if Suricata returns nonzero
philrz May 6, 2021
a7c6b9d
Point to 'latest' Suricata docs
philrz May 6, 2021
bc151b7
PR feedback: Simplify sentence about dedup
philrz May 6, 2021
e16ad14
Add Debug section
philrz May 6, 2021
22792df
Reduce redundant wording
philrz May 6, 2021
12480e7
Match article text to script text
philrz May 6, 2021
749da10
Use apt -y
philrz May 6, 2021
8a7de12
Bash header
philrz May 6, 2021
41ac5bb
test
philrz May 10, 2021
8377db7
Revert "test"
philrz May 10, 2021
aaeb210
Merge branch 'main' into custom-yaml-article
philrz May 18, 2021
23f2c75
Rename article so it can pass link checker
philrz May 18, 2021
dc96a59
Updates for Zed language changes and zed/2670 fix
philrz May 18, 2021
9412f23
More updates to reflect language changes and enhancements
philrz May 18, 2021
59cdb24
Fix paths in wrapper scripts
philrz May 18, 2021
e39ea54
More path fixes
philrz May 18, 2021
7adab90
More path fixes & screenshot
philrz May 18, 2021
9b194a7
More path fixes
philrz May 18, 2021
2f6569e
nfdump fixes
philrz May 18, 2021
623ff52
Use absolute paths for workdir
philrz May 18, 2021
ab1beff
Final polish
philrz Jun 8, 2021
efa84ce
Adjust to new way of creating pools with zed api
philrz Jun 8, 2021
1555a68
Reference brim/950
philrz Jun 8, 2021
d1a3ca5
Fix path to Zeek binary
philrz Jun 8, 2021
e5fa400
Fix Suricata path
philrz Jun 8, 2021
2f1da43
Include LD_LIBRARY_PATH in nfdump wrapper
philrz Jun 8, 2021
20224df
Improve wording
philrz Jun 8, 2021
c45bdc4
Adjust wording
philrz Jun 8, 2021
00df747
Adjust wording
philrz Jun 8, 2021
6dbb4f7
Reference zed/2398
philrz Jun 8, 2021
test
philrz committed May 10, 2021
commit 41ac5bbcd88f777d0eca90f145810f172d647525
21 changes: 19 additions & 2 deletions docs/_Sidebar.md
@@ -1,7 +1,24 @@
**Support Resources**


- [[Installation]]
- [[Supported Platforms]]
- [[Microsoft Windows beta limitations]]
- [[Troubleshooting]]

**User Documentation**

- [Custom `brimcap load` Config](Custom-brimcap-load-Config)
- [[Zeek Customization]]
- [[Geolocation]]
- [[Migration of Spaces]]
- [Importing CSV, JSON, Parquet, and ZST](Importing-CSV-JSON-Parquet-and-ZST)

**Cookbooks**

- [[Remote zed lake]]
- [[Query Library Transfer]]
- [[Joining Data]]

**Developer Resources**

- [[Code Base Walkthrough]]
- [[Adding Migrations]]
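Review bot: the commit message "test" does not describe a 19-addition, 2-deletion rewrite of docs/_Sidebar.md, and the commit list above shows it being reverted in the very next commit (8377db7, Revert "test"); drop or squash this pair so the merged history carries only the intended sidebar change and reviewers are not left reading a throwaway diff. Within the hunk, the two consecutive blank lines directly under **Support Resources** look like an accidental edit and should collapse to one, matching the single blank line used under every other heading. Link style is also mixed: most entries use the wiki form `[[Page]]` while "Custom `brimcap load` Config" and "Importing CSV, JSON, Parquet, and ZST" use `[text](Page)`; if that is deliberate (backticks and commas in a `[[...]]` title), a short note in the commit message or a comment in the sidebar would save the next editor from "fixing" it, particularly since a later commit in this PR renames the article so it can pass the link checker.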