csnf
ONUG Cloud Security Notification Framework (CSNF)
Look at the mappings from the beginning of the project and verify in the native cloud environment that they are still valid.
Add in some photos and helpful information for the Splunk TA.
Add some information that's actually useful for folks to contribute to the mappings and project as a whole.
Right now, as I understand it, our Splunk TA mappings will only match when a given sourcetype matches. If your organization uses bespoke sourcetype strings, our plugin will not work....
To date, there's not a clear sense of "release". Right now our main, versioned assets are:
- The mapping manifest.
- Our Splunk TA code.
- Our tooling for working...
A CSV, while simple and straightforward, isn't optimal when ingested from other sources. We should consider outlining the provider mappings in a new format (most likely JSON or YAML). Let's...
We've been building hands-on CSNF labs for use at ONUG events, but we would like to have a lab available async for organizations and end users who want to gain...
We'd like to support organizations that have decided to use the ELK stack in addition to those who use Splunk. If we can support a plugin similar to what we have...
Alibaba Cloud has a security center that admittedly has many log types, but for our case, we can start by mapping the security alert logs, as those are closest to...