matano

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Results 60 matano issues

When running multiple inits (assuming a new directory is used), I would expect a new unique identifier to be created each time ``` CDKToolkit | 0/12 | 9:06:46 AM |...

Add support for Zscaler logs to Matano. ### Sources 1) Zscaler Internet Access logs (zscaler_zia) Tables: - alerts - dns - firewall - tunnel - web 2) Zscaler Private Access...

enhancement

Add support for managing audit logs from Signal Sciences. ## Considerations Signal Sciences has two types of audit logs: - Corp audit logs - Site audit logs Currently, only the...

enhancement

Add support for managing access logs from Fastly. ## Considerations This could be a tricky one because Fastly allows you to customize the log format, which also depends on which...

enhancement

## What? This is a packaging concern. It'd be nice to be able to pull and run a Docker image for the Matano CLI. ## Why? Run it locally without...

## Overview It is currently difficult to test VRL and schema changes in Matano. It requires a deployment and results in errors that make it hard to ascertain the issue....

## Overview Currently, it is difficult to search for a known indicator across all/multiple tables in your Matano security lake. ## Goals Add a CLI command that automatically searches for...

enhancement

Tracking issue for SQS ingestion support. ## Goal Someone can send logs through SQS to Matano. ## Design * Likely have a separate ingest queue per log source. * SQS...

enhancement
planned

Tracking for scheduled detections using SQL ## Goal ## Design

enhancement
planned

## TL;DR Managed AWS GuardDuty log source support ## Feature Request Hey there! Love the project, thanks for all your work on it. The Matano documentation lists a few [Supported...