matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
## Overview [Microsoft Graph](https://learn.microsoft.com/en-us/graph/use-the-api) is a unified API for access to many relevant Microsoft/Azure logs & resources. ## Puller The advantage of Microsoft Graph is that we can implement a largely...
### Problem AWS ELB does not include the AWS account ID in each event payload; this information is only included in the path, e.g. `aws-elb-logs//...`. As a user, I would like...
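The point of the issue above is that the account ID for an ELB access log exists only in the S3 key, so any enrichment has to recover it from the path. The following is an added example, not Matano's own code: it parses the key layout AWS documents for ELB access logs (`[prefix/]AWSLogs/<account-id>/elasticloadbalancing/<region>/yyyy/mm/dd/<account-id>_elasticloadbalancing_<region>_<lb-id>_<end-time>_<ip>_<random>.log.gz`) and refuses to stamp events when the account ID or region in the directory and in the file name disagree, rather than guessing. The `aws-elb-logs/` prefix, the sample key and the sample events are constructed for the example; the `enrich_events` helper and its field names are assumptions, not a Matano API.

```python
import re
from typing import Dict, List, NamedTuple, Optional

# Key layout from the AWS ELB access-log documentation (assumption: the
# documented layout, not anything Matano-specific). Both the directory and
# the file name carry the account id and region, which lets us cross-check.
ELB_KEY_RE = re.compile(
    r"(?:^|/)AWSLogs/(?P<dir_account>\d{12})/elasticloadbalancing/"
    r"(?P<dir_region>[a-z0-9-]+)/(?P<year>\d{4})/(?P<month>\d{2})/(?P<day>\d{2})/"
    r"(?P<file_account>\d{12})_elasticloadbalancing_(?P<file_region>[a-z0-9-]+)_"
    r"(?P<lb_id>[^_]+)_(?P<end_time>\d{8}T\d{4}Z)_(?P<ip>[0-9.]+)_"
    r"(?P<rand>[a-z0-9]+)\.log\.gz$"
)


class ElbLogSource(NamedTuple):
    account_id: str
    region: str
    lb_id: str
    date: str  # yyyy-mm-dd taken from the key, not from the event


def parse_elb_key(key: str) -> Optional[ElbLogSource]:
    """Return the account/region/load-balancer identity encoded in an ELB log key.

    Returns None when the key does not follow the documented layout, or when
    the account id / region in the directory and file name disagree, so a
    caller never enriches events with an account id it cannot trust.
    """
    m = ELB_KEY_RE.search(key)
    if not m:
        return None
    if m["dir_account"] != m["file_account"] or m["dir_region"] != m["file_region"]:
        return None
    return ElbLogSource(
        account_id=m["dir_account"],
        region=m["dir_region"],
        lb_id=m["lb_id"],
        date=f"{m['year']}-{m['month']}-{m['day']}",
    )


def enrich_events(key: str, events: List[Dict]) -> List[Dict]:
    """Stamp each already-parsed event with the identity recovered from the key.

    Hypothetical helper: field names are assumptions for this example.
    """
    src = parse_elb_key(key)
    if src is None:
        raise ValueError(f"unrecognised ELB access-log key: {key}")
    return [
        {**ev, "aws_account_id": src.account_id, "aws_region": src.region, "elb_id": src.lb_id}
        for ev in events
    ]


# Constructed sample key and events (not real data).
SAMPLE_KEY = (
    "aws-elb-logs/AWSLogs/123456789012/elasticloadbalancing/us-east-2/2016/05/01/"
    "123456789012_elasticloadbalancing_us-east-2_app.my-loadbalancer.1234567890abcdef"
    "_20160501T2340Z_172.160.001.192_20sg8hgm.log.gz"
)
SAMPLE_EVENTS = [
    {"type": "https", "client_ip": "192.0.2.10", "elb_status_code": 200},
    {"type": "https", "client_ip": "192.0.2.11", "elb_status_code": 403},
]

if __name__ == "__main__":
    for ev in enrich_events(SAMPLE_KEY, SAMPLE_EVENTS):
        print(ev)
```

The cross-check between directory and file name matters for a data lake: a key under the wrong prefix (for example a log file copied into another account's folder) would otherwise be silently attributed to the wrong account, which is exactly the field detections would later pivot on.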
## Problem If the Matano CLI doesn't find a `detections/` dir, it throws an error: ``` $ matano diff --user-directory ./config/envs/my-env › Error: ENOENT: no such file or directory, scandir...
We need to be able to modify things like function CPU, memory, and timeouts. Figure out a good UX for exposing these options (maybe others as well) via the Matano...
The documentation for "Bring Your Own Bucket" ingestion does not include any instructions for setting permissions required for buckets and KMS resources. One use-case is an organisation where the AWS...
### Overview Having corporate user information available as enrichment tables will be highly useful for analysis, investigation, and detection. ### Goals - Integrate managed enrichment sources for popular user...
## The Problem When creating Matano with byob, I was unable to deploy DPMainStack with the error ["Configuration is ambiguously defined"](https://aws.amazon.com/premiumsupport/knowledge-center/lambda-s3-event-configuration-error/) Ultimately this was because my existing dev bucket already...
Add support for managing logs (data?) and events from AWS Config. This includes configuration snapshots, configuration history, and configuration streams. ## Considerations AWS Config sends notifications to SNS for a...
Add a basic user guide showing how to run queries. ## Considerations I'm not sure if we should have a top-level guide (perhaps below the "Tables" section), or if we...
## Overview Currently, semi-structured data must be stringified and defined as a string type. Subsequently, it is always treated as a string type (e.g. in detections). ## Goal Add...