Tomasz Grodzki
There was a request for configurable delay between modules, so it's easier to identify results in the SIEM. Sounds as simple as adding a sleep in the loop.
We should somehow document each module so users know what they're for and why they're important. I had intended to describe new modules in the release notes, but these...
Worth adding a simulator for malicious TLS traffic, i.e. having known bad JA3 or certificate hashes.
Zeek IP logs (conn.log) contain a "service" column with the application protocol, if detected. We can find values like "dns" or "ssl" in there. We should send it upstream as an "app"...
We're seeing DNS traffic with FQDNs containing only a single label (`xyzdiscoveryservice` etc.), which is of limited use on the backend side. We could drop them at the source.
After executing the following steps in a _single_ transaction: 1. Create a bucket 2. Add key with a `nil` value to the bucket 3. Delete the bucket I get the...
I've been reading the section about [error handling](https://godoc.org/github.com/inconshreveable/log15#hdr-Error_Handling) and tried to play with some mistyped keys (to see `LOG15_ERROR` reports), but it didn't work very well. Here is the code...
The readme says flightsim can be installed using the following command: `go install github.com/alphasoc/flightsim@latest`. However, it installs the latest v1 version (v1.1.1), not v2.
Actions are locked at the fixed goreleaser version due to errors with the latest one.
I've upgraded Sublime Text 3 from the last beta to the latest (and first) stable version (3.0 build 3143), which seemed to break the Golang Build package. Now, after running build,...