Matthias Vallentin
This PR includes the first infrastructure work for a revamped version of Threat Bus in the form of a VAST Python layer, sparked by two recent hackathons. ### :memo: Checklist -...
This PR updates the PR template to put more focus on the review process.
This PR adds support for the Sigma rule modifiers `lt`, `lte`, `gt`, `gte`, and `cidr`. These are part of the new pySigma effort and not available in "legacy" sigmac. In...
This PR is an attempt at providing an `install.sh` script that makes it easy to install VAST, using the following idiom: ```bash /bin/bash -c "$(curl -fsSL https://vast.io/install.sh)" ``` The idea...
This PR is a workspace for the revamped partition sketching infrastructure. ### :memo: Checklist - [ ] All user-facing changes have changelog entries. - [ ] The changes are reflected...
This PR provides a reader plugin for the *Common Event Format (CEF)*. Details will follow. ### :memo: Checklist - [ ] All user-facing changes have changelog entries. - [ ]...
### :notebook_with_decorative_cover: Description This PR adds support for modern filter structures, such as the *split block Bloom filter* and Jim Apple's [Taffy Filters](https://arxiv.org/abs/2109.01947). ### :memo: Checklist - [x] Add split...
Several of our data structures have a member function `memusage` that provides an approximation of the number of bytes the structure occupies in memory. However, this is technically an orthogonal...
Historically, we implemented several "concepts" like *hashable*, *printable*, and *parsable* and put them under the directories `vast/concept/X` where `X` is the concept name. The following "concepts" need to be migrated:...
The shebang of stackcollapse.pl begins with `#!/usr/bin/perl`. On FreeBSD, Perl is located in `/usr/local/bin`, causing the script to fail. Does anything speak against using the canonical form `#!/usr/bin/env perl`?